ContextQMD
Back to Docker

Create and manage a team

content/manuals/admin/organization/manage-a-team.md

18.09-release4.5 KB
Original Source

{{< summary-bar feature_name="Admin orgs" >}}

You can create teams for your organization in the Admin Console or Docker Hub, and configure team repository access in Docker Hub.

A team is a group of Docker users that belong to an organization. An organization can have multiple teams. An organization owner can create new teams and add members to an existing team using their Docker ID or email address. Members aren't required to be part of a team to be associated with an organization.

The organization owner can add additional organization owners to help them manage users, teams, and repositories in the organization by assigning them the owner role.

What is an organization owner?

An organization owner is an administrator who has the following permissions:

  • Manage repositories and add team members to the organization
  • Access private repositories, all teams, billing information, and organization settings
  • Specify permissions for each team in the organization
  • Enable SSO for the organization

When SSO is enabled for your organization, the organization owner can also manage users. Docker can auto-provision Docker IDs for new end-users or users who'd like to have a separate Docker ID for company use through SSO enforcement.

Organization owners can add others with the owner role to help them manage users, teams, and repositories in the organization.

For more information on roles, see Roles and permissions.

Create a team

  1. Sign in to Docker Home and select your organization.
  2. Select Teams.

Set team repository permissions

You must create a team before you are able to configure repository permissions. For more details, see Create and manage a team.

To set team repository permissions:

  1. Sign in to Docker Hub.

  2. Select My Hub > Repositories.

    A list of your repositories appears.

  3. Select a repository.

    The General page for the repository appears.

  4. Select the Permissions tab.

  5. Add, modify, or remove a team's repository permissions.

    • Add: Specify the Team, select the Permission, and then select Add.
    • Modify: Specify the new permission next to the team.
    • Remove: Select the Remove permission icon next to the team.

Permissions reference

  • Read-only access lets users view, search, and pull a private repository in the same way as they can a public repository.
  • Read & Write access lets users pull, push, and view a repository. In addition, it lets users view, cancel, retry or trigger builds.
  • Admin access lets users pull, push, view, edit, and delete a repository. You can also edit build settings and update the repository’s description, collaborator permissions, public/private visibility, and delete.

Permissions are cumulative. For example, if you have "Read & Write" permissions, you automatically have "Read-only" permissions.

The following table shows what each permission level allows users to do:

ActionRead-onlyRead & WriteAdmin
Pull a Repository
View a Repository
Push a Repository
Edit a Repository
Delete a Repository
Update a Repository Description
View Builds
Cancel Builds
Retry Builds
Trigger Builds
Edit Build Settings

[!NOTE]

A user who hasn't verified their email address only has Read-only access to the repository, regardless of the rights their team membership has given them.

Delete a team

Organization owners can delete a team. When you remove a team from your organization, this action revokes member access to the team's permitted resources. It won't remove users from other teams that they belong to, and it won't delete any resources.

  1. Sign in to Docker Home and select your organization.
  2. Select Teams.
  3. Select the Actions icon next to the name of the team you want to delete.
  4. Select Delete team.
  5. Review the confirmation message, then select Delete.

More resources