docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
docs/layouts/shortcodes/admin-registry-access.html

32 lines
2.1 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{{ $product_link := "[Docker Hub](https://hub.docker.com)" }}
{{ $ram_navigation := "Select **Organizations**, your organization, **Settings**, and then select **Registry Access**." }}
{{ if eq (.Get "product") "admin" }}
{{ $product_link = "the [Admin Console](https://admin.docker.com)" }}
{{ $ram_navigation = "Select your organization in the left navigation drop-down menu, and then select **Registry access**." }}
{{ end }}
To configure Registry Access Management permissions, perform the following steps:
1. Sign in to {{ $product_link }}.
2. {{ $ram_navigation }}
3. Enable Registry Access Management to set the permissions for your registry.
> [!NOTE]
>
> When enabled, the Docker Hub registry is set by default, however you can also restrict this registry for your developers.
4. Select **Add registry** and enter your registry details in the applicable fields, and then select **Create** to add the registry to your list. There is no limit on the number of registries you can add.
5. Verify that the registry appears in your list and select **Save changes**.
Once you add a registry, it can take up to 24 hours for the changes to be enforced on your developers machines.
If you want to apply the changes sooner, you must force a Docker signout on your developers machine and have the developers re-authenticate for Docker Desktop. See the [Caveats](#caveats) section below to learn more about limitations when using this feature.
> [!IMPORTANT]
>
> Starting with Docker Desktop version 4.36, you can enforce sign-in for multiple organizations. If a developer belongs to multiple organizations with different RAM policies, only the RAM policy for the first organization listed in the `registry.json` file, `.plist` file, or registry key is enforced.
> [!TIP]
>
> Since RAM sets policies about where content can be fetched from, the [ADD](/reference/dockerfile/#add) instruction of the Dockerfile, when the parameter of the ADD instruction is a URL, is also subject to registry restrictions. It's recommended that you add the domains of URL parameters to the list of allowed registry addresses under the Registry Access Management settings of your organization.
Reference in New Issue View Git Blame Copy Permalink