Allow users to pull images

Allow users to pull images

By default only admin users can pull images into a cluster managed by MKE.

Images are a shared resource, as such they are always in the swarm collection. To allow users access to pull images, you need to grant them the image load permission for the swarm collection.

As an admin user, go to the MKE web UI, navigate to the Roles page, and create a new role named Pull images.

Then go to the Grants page, and create a new grant with:

  • Subject: the user you want to be able to pull images.

  • Roles: the “Pull images” role you created.

  • Resource set: the swarm collection.

Once you click Create the user is able to pull images from the MKE web UI or the CLI.