Configuring access to a registry

You can set up policies for accessing a registry from specific IP addresses.

Management console

CLI

In the management console, select the folder where the registry was created.
In the list of services, select Container Registry.
Select the registry to configure access to.
In the panel on the left, click Access for IP addresses.
Click Configure.
Enter the IP and specify an action. PULL to allow pulling and PUSH to allow pushing images.
To configure access for multiple IPs, click Add.
Click Save.

View the list of available registries, their names and IDs:

yc container registry list

Result:

+-----------------+-----------------+---------------+
|        ID       |      NAME       |   FOLDER ID   |
+-----------------+-----------------+---------------+
|  <Registry ID>  | <Registry name> |  <Folder ID>  |
+-----------------+-----------------+---------------+

Specify registry access settings.
```
yc container registry set-ip-permissions <registry_name> --pull <IP address> --push <IP address>
```
Where:
- --pull is a flag that allows pulling Docker images from the registry.
- --push is a flag that allows pushing Docker images to the registry.
To learn more about the command, see the CLI reference.

As a result of executing this command, all the permissions set for IP addresses will be deleted. To continue, type yes and press Enter.

Result:
```
WARN: All current ip permissions will be deleted. Are you sure?[y/N]
```

Check the current permissions:

yc container registry list-ip-permissions -- <registry_name>

Result:

+--------+--------------+
| ACTION |      IP      |
+--------+--------------+
| PULL   | <IP address> |
| PUSH   | <IP address> |
 +--------+--------------+