mirror of https://github.com/docker/docs.git
Update access.md (#22505)
Added Gated Distribution information to docs page. <!--Delete sections as needed --> ## Description <!-- Tell us what you did and why --> ## Related issues or tickets <!-- Related issues, pull requests, or Jira tickets --> ## Reviews <!-- Notes for reviewers here --> <!-- List applicable reviews (optionally @tag reviewers) --> - [ ] Technical review - [ ] Editorial review - [ ] Product review --------- Signed-off-by: Craig <craig.osterhout@docker.com> Co-authored-by: Craig Osterhout <103533812+craig-osterhout@users.noreply.github.com> Co-authored-by: Craig <craig.osterhout@docker.com>
This commit is contained in:
parent
2b68133dc9
commit
fd2f88e908
|
@ -132,3 +132,42 @@ To configure team repository permissions:
|
|||
Organizations can use OATs. OATs let you assign fine-grained repository access
|
||||
permissions to tokens. For more details, see [Organization access
|
||||
tokens](/manuals/security/for-admins/access-tokens.md).
|
||||
|
||||
## Gated distribution
|
||||
|
||||
{{< summary-bar feature_name="Gated distribution" >}}
|
||||
|
||||
Gated distribution allows publishers to securely share private container images with external customers or partners, without giving them full organization access or visibility into your teams, collaborators, or other repositories.
|
||||
|
||||
This feature is ideal for commercial software publishers who want to control who can pull specific images while preserving a clean separation between internal users and external consumers.
|
||||
|
||||
### Key features
|
||||
|
||||
- **Private repository distribution**: Content is stored in private repositories and only accessible to explicitly invited users.
|
||||
|
||||
- **External access without organization membership**: External users don't need to be added to your internal organization to pull images.
|
||||
|
||||
- **Pull-only permissions**: External users receive pull-only access and cannot push or modify repository content.
|
||||
|
||||
- **Invite-only access**: Access is granted through authenticated email invites, managed via API.
|
||||
|
||||
### Invite distributor members via API
|
||||
|
||||
> [!NOTE]
|
||||
> When you invite members, you assign them a role. See [Roles and permissions](/manuals/security/for-admins/roles-and-permissions.md) for details about the access permissions for each role.
|
||||
|
||||
Distributor members (used for gated distribution) can only be invited using the Docker Hub API. UI-based invitations are not currently supported for this role. To invite distributor members, use the Bulk create invites API endpoint.
|
||||
|
||||
To invite distributor members:
|
||||
|
||||
1. Use the [Authentication API](https://docs.docker.com/reference/api/hub/latest/#tag/authentication-api/operation/AuthCreateAccessToken) to generate a bearer token for your Docker Hub account.
|
||||
|
||||
2. Create a team in the Hub UI or use the [Teams API](https://docs.docker.com/reference/api/hub/latest/#tag/groups/paths/~1v2~1orgs~1%7Borg_name%7D~1groups/post).
|
||||
|
||||
3. Grant repository access to the team:
|
||||
- In the Hub UI: Navigate to your repository settings and add the team with "Read-only" permissions
|
||||
- Using the [Repository Teams API](https://docs.docker.com/reference/api/hub/latest/#tag/repositories/paths/~1v2~1repositories~1%7Bnamespace%7D~1%7Brepository%7D~1groups/post): Assign the team to your repositories with "read-only" access level
|
||||
|
||||
4. Use the [Bulk create invites endpoint](https://docs.docker.com/reference/api/hub/latest/#tag/invites/paths/~1v2~1invites~1bulk/post) to send email invites with the distributor member role. In the request body, set the "role" field to "distributor_member".
|
||||
|
||||
5. The invited user will receive an email with a link to accept the invite. After signing in with their Docker ID, they'll be granted pull-only access to the specified private repository as a distributor member.
|
||||
|
|
|
@ -173,6 +173,8 @@ Domain management:
|
|||
Enforce sign-in:
|
||||
subscription: [Business]
|
||||
for: Administrators
|
||||
Gated distribution:
|
||||
availability: Early Access
|
||||
General admin:
|
||||
for: Administrators
|
||||
GitHub Actions cache:
|
||||
|
|
Loading…
Reference in New Issue