0

I want to setup a private docker registry and need to be able to specify fine grained permissions on repository level e.g. I have repositories

  • foo
  • bar

  • baz

  • Developer A can see and pull from all three repositories but cannot push to any of them.

  • Developer B can push and pull to/from foo but cannot see any of the other repositories.
  • Developer C can push/pull from baz and pull from bar but cannot see foo.

As most of our services are in Azure I would prefer to use Azure Container Registry but it seems I can only assign permissions across the whole docker registry and not for individual repositories.

Is there a way to achieve what I want with Azure Container Registry and if not what are my alternatives (preferably open source)?

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Semaphor
  • 57
  • 2
  • 3

1 Answers1

0

Just as you know, Azure Container Registry does not have the feature that you need, it just can control the access of all the repositories, not individual. So you cannot achieve your purpose in ACR.

Maybe you can try to create your own private docker registry in the VM, then you can follow the steps in Authentication and authorization in DTR. It seems you can control the access for the individual repository via the teams in docker registry. Hope it helps.

Charles Xu
  • 29,862
  • 2
  • 22
  • 39