centersl/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-04-03 09:49:05 +07:00
Code Issues Packages Projects Releases Wiki Activity
Files
published
docker-docs/layouts/shortcodes/admin-registry-access.html
Sarah Sanders 683bd2268b Merge pull request #22947 from sarahsanders-docker/sidenav-release 
cx: update docs for new sidenav
2025-07-02 16:18:30 -04:00

53 lines
2.3 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{{ $product_link := "[Docker Hub](https://hub.docker.com)" }}
{{ $ram_navigation := "Select **My Hub**, your organization, **Settings**, and then select **Registry Access**." }}
{{ if eq (.Get "product") "admin" }}
{{ $product_link = "[Docker Home](https://app.docker.com/) and select your organization." }}
{{ $ram_navigation = "Select **Admin Console**, then **Registry access**." }}
{{ end }}
To configure Registry Access Management permissions, perform the following steps:
1. Sign in to {{ $product_link }}.
2. {{ $ram_navigation }}
3. Enable Registry Access Management to set the permissions for your registry.
> [!NOTE]
>
> When enabled, the Docker Hub registry is set by default; however you can
> also restrict this registry for your developers.
4. Select **Add registry** and enter your registry details in the applicable
fields, and then select **Create** to add the registry to your list. You can
add up to 100 registries/domains.
5. Verify that the registry appears in your list and select **Save changes**.
Once you add a registry, it can take up to 24 hours for the changes to be
enforced on your developers machines.
If you want to apply the changes sooner, you must force a Docker signout on your
developers machine and have the developers re-authenticate for Docker Desktop.
See the [Caveats](#caveats) section below to learn more about limitations.
> [!IMPORTANT]
>
> Starting with Docker Desktop version 4.36, you can enforce sign-in for
multiple organizations. If a developer belongs to multiple organizations with
different RAM policies, only the RAM policy for the first organization listed
in the `registry.json` file, `.plist` file, or registry key is enforced.
> [!TIP]
>
> Since RAM sets policies about where content can be fetched from, the
[ADD](/reference/dockerfile/#add) instruction of the Dockerfile when the
parameter of the ADD instruction is a URL is also subject to registry
restrictions.
>
> If you're using ADD to fetch an image or artifact from a trusted registry via
> URL, make sure the registry's domain is included in your organzation's
> allowed registries list.
>
> RAM is not intended to restrict access to general-purpose external URLs, for
> example, package mirrors or storage services. Attempting to add too many domains
> may cause errors or hit system limits.
Reference in New Issue View Git Blame Copy Permalink