All Products
Search
Document Center

Container Registry:Configure internet access control

Last Updated:Apr 24, 2026

You can configure an internet access control policy to securely manage and access your Container Registry Enterprise Edition instance over the Internet.

Prerequisites

By default, Enterprise Edition instances are inaccessible over the Internet upon creation. Before you configure an internet access control policy, you must first enable Internet access.

Note

After you enable Internet access, the system automatically adds the CIDR block 127.0.0.1/32 to the IP allowlist.

公网访问

Procedure

  1. Log on to the Container Registry console.

  2. In the top navigation bar, select a region.

  3. On the Instances page, click the Enterprise Edition instance that you want to manage.

  4. In the navigation pane on the left, choose Repository > Access Control.

    Note

    To configure access control for a Helm chart, choose Helm Chart > Access Control.

  5. On the Access Control page, click the Internet tab.

  6. On the Internet tab, click Add Internet Whitelist.

  7. In the Add Internet Whitelist dialog box, enter a CIDR block and a description.

  8. Click Confirm.

    After you add the entry, clients in the specified CIDR block can access the Enterprise Edition instance.

    Important

    To allow any client on the Internet to access your Enterprise Edition instance, keep Internet access enabled and delete all IP allowlist entries. Warning: Exposing an instance to the Internet increases its security risk. Perform this action with caution.