Change theme
Help
Press space for more information.
Show links for this issue (Shortcut: i, l)
Copy issue ID
Previous Issue (Shortcut: k)
Next Issue (Shortcut: j)
Sign in to use full features.
Vote: I am impacted
Notification menu
Refresh (Shortcut: Shift+r)
Go home (Shortcut: u)
Pending code changes (auto-populated)
View issue level access limits(Press Alt + Right arrow for more information)
Request for new functionality
View staffing
Description
Please describe your requested enhancement. Good feature requests will solve common problems or enable new use cases.
What you would like to accomplish:
Implement granular image-level permissions within Artifact Registry repositories. This would allow users to grant specific permissions to individual images, rather than the entire repository.
How this might work:
Image-level IAM roles (Preferred): Introduce a way to have IAM roles that can be assigned to specific images. These roles could have permissions to view, pull, or push individual images.
Image-level access control lists (ACLs): Allow users to create ACLs for images, specifying which users or groups can perform specific actions on those images.
If applicable, reasons why alternative solutions are not sufficient:
Currently, the only way to grant access to specific images is to create separate repositories for each image or group of images that a specific service account needs access to. This approach is inefficient and cumbersome, especially for large-scale deployments with many images.
Other information (workarounds you have tried, documentation consulted, etc):
We have tried using repository-level permissions and creating separate repositories, but neither solution provides the necessary granularity. I have consulted the Artifact Registry documentation, but it does not mention any plans for image-level permissions.
Additional Considerations: NA