Container Registry implements role-based access control with configurable pull/push permissions through scoped credentials for secure image management at scale.
Vultr Container Registry (VCR) enforces access control through role-based authentication and scoped credentials. By default, generated credentials provide pull-only access, but administrators can enable push access when generating the Docker configuration through the Vultr Customer Portal, API, or CLI. This provides fine-grained control over who can upload new images and who can only consume existing ones.
All images stored in VCR are encrypted at rest, ensuring that container images remain secure and accessible only to authorized users and systems.