All Products
Search
Document Center

Container Registry:Configure access over the Internet

Last Updated:Apr 14, 2023

To make sure that a Container Registry Enterprise Edition instance can be accessed from the Internet with security, you must configure a whitelist for the Internet.

Prerequisites

By default, Container Registry Enterprise Edition instances cannot be accessed over the Internet. Therefore, you must enable access over the Internet before you configure the access control policy for Internet access.

Note

After you enable access over the Internet, the Classless Inter-Domain Routing (CIDR) block 127.0.0.1/32 is automatically added to the whitelist.

Procedure

  1. Log on to the Container Registry console.
  2. In the top navigation bar, select a region.
  3. On the Instances page, click the Enterprise Edition instance that you want to manage.
  4. On the management page of the Container Registry Enterprise Edition instance, choose Repositories > Access Control in the left-side navigation pane.

    Note

    If you want to configure access control for Helm charts, choose Helm Chart > Access Control.

  5. On the Access Control page, click the Internet tab.

  6. On the Internet tab, click Add Internet Whitelist.

  7. In the Add Internet Whitelist dialog box, specify the CIDR block that is allowed to access the Container Registry Enterprise Edition instance and the description.

  8. Click OK.

    After the CIDR block is added, Elastic Compute Service (ECS) instances whose IP addresses belong to the CIDR block can access the Container Registry Enterprise Edition instance.

    Important

    You may want to allow all ECS instances to access the Container Registry Enterprise Edition instance over the Internet. To achieve this purpose, you can enable access over the Internet and delete all IP addresses from the whitelist for Internet access. After you perform the preceding operation, the Container Registry Enterprise Edition instance is completely exposed to the Internet and may be attacked. Proceed with caution.