{productname}'s permission model provides fine-grained access control over repositories and the content of those repositories, helping ensure secure collaboration and automation. {productname} administrators can grant users and robot accounts one of the following levels of access:
-
Read: Allows users, robots, and teams to pull images.
-
Write: Allows users, robots, and teams to push images.
-
Admin: Provides users, robots, and teams administrative privileges.
|
Note
|
Administrative users can delegate new permissions for existing users and teams, change existing permissions, and revoke permissions when necessary |
Collectively, these levels of access provide users or robot accounts the ability to perform specific tasks, like pulling images, pushing new versions of an image into the registry, or managing the settings of a repository. These permissions can be delegated across the entire organization and on specific repositories. For example, Read permissions can be set to a specific team within the organization, while Admin permissions can be given to all users across all repositories within the organization.