From a949a7335ab96124fee6f0d8441d9e2f4a97604b Mon Sep 17 00:00:00 2001 From: Arthur Date: Mon, 7 Jul 2025 12:41:58 +0200 Subject: [PATCH 1/5] fix: visual touch-ups (#23012) - **increase h2 mt** - **tabs: remove rounded border** - **fix page action icons** - **increase article width** - **reduce breadcrumb font size** --- assets/css/components.css | 2 +- assets/css/global.css | 2 +- assets/css/utilities.css | 23 +++++++++++++---------- layouts/partials/breadcrumbs.html | 2 +- layouts/partials/content-default.html | 2 +- layouts/partials/github-links.html | 4 ++-- layouts/partials/md-dropdown.html | 2 +- 7 files changed, 20 insertions(+), 17 deletions(-) diff --git a/assets/css/components.css b/assets/css/components.css index 4e7a2234d3a0..0398544f06eb 100644 --- a/assets/css/components.css +++ b/assets/css/components.css @@ -110,6 +110,6 @@ } .tab-item { - @apply inline-block rounded-sm px-3 py-2 hover:bg-gray-100 dark:hover:bg-gray-900; + @apply inline-block rounded-t-sm px-3 py-2 hover:bg-gray-100 dark:hover:bg-gray-900; @apply dark:text-gray-200; } diff --git a/assets/css/global.css b/assets/css/global.css index 37d2c85d8769..8ff730389ba8 100644 --- a/assets/css/global.css +++ b/assets/css/global.css @@ -49,7 +49,7 @@ input[type="search"]::-ms-clear { margin-bottom: 0.4em !important; } > h2 { - @apply mt-5! mb-3!; + @apply mt-7! mb-3!; font-size: 160% !important; a { @apply hover:no-underline!; diff --git a/assets/css/utilities.css b/assets/css/utilities.css index ee01aaadc7ff..cc7f6b3ba1b9 100644 --- a/assets/css/utilities.css +++ b/assets/css/utilities.css @@ -1,13 +1,3 @@ -@utility icon-svg { - svg { - font-size: 24px; - width: 1em; - height: 1em; - display: inline-block; - fill: currentColor; - } -} - @utility icon-xs { svg { font-size: 12px; @@ -91,6 +81,15 @@ fill: currentColor; } } +@utility icon-svg-stroke { + svg { + font-size: 24px; + width: 1em; + height: 1em; + display: inline-block; + stroke: currentColor; + } +} @utility icon-xs { svg { @@ -257,3 +256,7 @@ @utility pagination-link { @apply flex items-center justify-center rounded-sm p-2; } + +@utility breadcrumbs { + font-size: 90%; +} diff --git a/layouts/partials/breadcrumbs.html b/layouts/partials/breadcrumbs.html index 1b2a0ea2f053..fc893af263e2 100644 --- a/layouts/partials/breadcrumbs.html +++ b/layouts/partials/breadcrumbs.html @@ -2,7 +2,7 @@ id="breadcrumbs" {{- $breadcrumbTitles := slice }} data-pagefind-ignore - class="mb-4 flex min-w-0 items-center gap-2 text-gray-400 dark:text-gray-300" + class="breadcrumbs mb-4 flex min-w-0 items-center gap-2 text-gray-400 dark:text-gray-300" > {{ range .Ancestors.Reverse }} {{ $breadcrumbTitles = $breadcrumbTitles | append .LinkTitle }} diff --git a/layouts/partials/content-default.html b/layouts/partials/content-default.html index 3492323720a2..24dbbbce5a5c 100644 --- a/layouts/partials/content-default.html +++ b/layouts/partials/content-default.html @@ -13,7 +13,7 @@

{{ .Title }}

{{ .Content }} - diff --git a/layouts/partials/github-links.html b/layouts/partials/github-links.html index 8e4694ca37f8..cea019c11548 100644 --- a/layouts/partials/github-links.html +++ b/layouts/partials/github-links.html @@ -7,7 +7,7 @@ {{ with .File }} {{ if not (in .Filename "/_vendor/") }}

- + {{ partial "utils/svg.html" "theme/icons/edit.svg" }} - + {{ partial "utils/svg.html" "theme/icons/issue.svg" }} +

Date: Mon, 7 Jul 2025 15:15:38 +0200 Subject: [PATCH 2/5] fix: broken alias prop (#23014) --- content/manuals/ai/compose/models-and-compose.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/content/manuals/ai/compose/models-and-compose.md b/content/manuals/ai/compose/models-and-compose.md index e7863b8179a6..737b4b217af2 100644 --- a/content/manuals/ai/compose/models-and-compose.md +++ b/content/manuals/ai/compose/models-and-compose.md @@ -3,7 +3,7 @@ title: Define AI Models in Docker Compose applications linkTitle: Use AI models in Compose description: Learn how to define and use AI models in Docker Compose applications using the models top-level element keywords: compose, docker compose, models, ai, machine learning, cloud providers, specification -alias: +aliases: - /compose/how-tos/model-runner/ - /ai/compose/model-runner/ weight: 10 @@ -68,14 +68,14 @@ models: ``` Common configuration options include: -- `model` (required): The OCI artifact identifier for the model. This is what Compose pulls and runs via the model runner. +- `model` (required): The OCI artifact identifier for the model. This is what Compose pulls and runs via the model runner. - `context_size`: Defines the maximum token context size for the model. - + > [!NOTE] > Each model has its own maximum context size. When increasing the context length, > consider your hardware constraints. In general, try to keep context size > as small as feasible for your specific needs. - + - `runtime_flags`: A list of raw command-line flags passed to the inference engine when the model is started. For example, if you use llama.cpp, you can pass any of [the available parameters](https://github.com/ggml-org/llama.cpp/blob/master/tools/server/README.md). - Platform-specific options may also be available via extension attributes `x-*` @@ -172,7 +172,7 @@ Docker Model Runner will: > > This approach is deprecated. Use the [`models` top-level element](#basic-model-definition) instead. -You can also use the `provider` service type, which allows you to declare platform capabilities required by your application. +You can also use the `provider` service type, which allows you to declare platform capabilities required by your application. For AI models, you can use the `model` type to declare model dependencies. To define a model provider: From 68c55b6b095e489e1c6af12dbe7388e86ee04e69 Mon Sep 17 00:00:00 2001 From: Sarah Sanders Date: Mon, 7 Jul 2025 10:17:02 -0400 Subject: [PATCH 3/5] Merge pull request #23000 from sarahsanders-docker/admin-freshness-2 admin: org freshness part 2 --- .../admin/organization/activity-logs.md | 47 +++++- .../admin/organization/deactivate-account.md | 26 ++-- .../admin/organization/general-settings.md | 23 +-- .../manuals/admin/organization/insights.md | 35 +++-- .../admin/organization/manage-products.md | 140 +++++++++--------- layouts/shortcodes/admin-org-audit-log.html | 30 ---- 6 files changed, 162 insertions(+), 139 deletions(-) delete mode 100644 layouts/shortcodes/admin-org-audit-log.html diff --git a/content/manuals/admin/organization/activity-logs.md b/content/manuals/admin/organization/activity-logs.md index 281e3efdbf9f..57ea00250a16 100644 --- a/content/manuals/admin/organization/activity-logs.md +++ b/content/manuals/admin/organization/activity-logs.md @@ -1,17 +1,19 @@ --- title: Activity logs weight: 50 -description: Learn about activity logs. -keywords: team, organization, activity, log, audit, activities +description: Learn how to access and interpret Docker activity logs for organizations and repositories. +keywords: audit log, organization activity, Docker business logs, repository activity, track changes Docker, security logs Docker, filter logs, log Docker events aliases: - /docker-hub/audit-log/ --- {{< summary-bar feature_name="Activity logs" >}} -Activity logs display a chronological list of activities that occur at organization and repository levels. It provides a report to owners on all their member activities. +Activity logs display a chronological list of activities that occur at organization and repository levels. The activity log provides organization owners with a record of all +member activities. With activity logs, owners can view and track: + - What changes were made - The date when a change was made - Who initiated the change @@ -20,24 +22,55 @@ For example, activity logs display activities such as the date when a repository Owners can also see the activity logs for their repository if the repository is part of the organization subscribed to a Docker Business or Team subscription. -## Manage activity logs +## Access activity logs {{< tabs >}} {{< tab name="Admin Console" >}} -{{% admin-org-audit-log product="admin" %}} +To view activity logs in the Admin Console: + +1. Sign in to [Docker Home](https://app.docker.com) and select your +organization. +1. Select **Admin Console**, then **Activity logs**. {{< /tab >}} {{< tab name="Docker Hub" >}} {{% include "hub-org-management.md" %}} -{{% admin-org-audit-log product="hub" %}} +To view activity logs in Docker Hub: + +1. Sign in to [Docker Hub](https://hub.docker.com). +1. Select **My Hub**, your organization, and then **Activity**. {{< /tab >}} {{< /tabs >}} -## Event definitions +## Filter and customize activity logs + +By default, the **Activity** tab displays all recorded events. To narrow your +view, use the calendar to select a specific date range. The log updates to +show only the activities that occurred during that period. + +You can also filter by activity type. Use the **All Activities** drop-down to +focus on organization-level, repository-level, or billing-related events. +In Docker Hub, when viewing a repository, the **Activities** tab only shows +events for that repository. + +After selecting a category—**Organization**, **Repository**, or **Billing**—use +the **All Actions** drop-down to refine the results even further by specific +event type. + +> [!NOTE] +> +> Events triggered by Docker Support appear under the username **dockersupport**. + +> [!IMPORTANT] +> +> Docker retains activity logs for three months. To maintain access to older +data, export logs regularly. + +## Types of activity log events Refer to the following section for a list of events and their descriptions: diff --git a/content/manuals/admin/organization/deactivate-account.md b/content/manuals/admin/organization/deactivate-account.md index aee1e720bc85..ed8b0474038e 100644 --- a/content/manuals/admin/organization/deactivate-account.md +++ b/content/manuals/admin/organization/deactivate-account.md @@ -1,7 +1,7 @@ --- title: Deactivate an organization -description: Learn how to deactivate a Docker organization. -keywords: Docker Hub, delete, deactivate organization, account, organization management +description: Learn how to deactivate a Docker organization and required prerequisite steps. +keywords: delete, deactivate organization, account, organization management, Admin Console, cancel subscription weight: 42 aliases: - /docker-hub/deactivate-account/ @@ -9,38 +9,44 @@ aliases: {{< summary-bar feature_name="General admin" >}} -You can deactivate an account at any time. This section describes the prerequisites and steps to deactivate an organization account. For information on deactivating a user account, see [Deactivate a user account](../../accounts/deactivate-user-account.md). +Learn how to deactivate a Docker organization, including required prerequisite +steps. For information about deactivating user +accounts, see [Deactivate a user account](../../accounts/deactivate-user-account.md). > [!WARNING] > -> All Docker products and services that use your Docker account or organization account will be inaccessible after deactivating your account. +> All Docker products and services that use your Docker account or organization +account will be inaccessible after deactivating your account. ## Prerequisites -Before deactivating an organization, complete the following: +You must complete all the following steps before you can deactivate your +organization: - Download any images and tags you want to keep: `docker pull -a :`. - If you have an active Docker subscription, [downgrade it to a free subscription](../../subscription/change.md). - Remove all other members within the organization. -- Unlink your [Github and Bitbucket accounts](../../docker-hub/repos/manage/builds/link-source.md#unlink-a-github-user-account). +- Unlink your [GitHub and Bitbucket accounts](../../docker-hub/repos/manage/builds/link-source.md#unlink-a-github-user-account). - For Business organizations, [remove your SSO connection](../../security/for-admins/single-sign-on/manage/#remove-an-organization). ## Deactivate -Once you have completed all the previous steps, you can deactivate your organization. +You can deactivate your organization using either the Admin Console or +Docker Hub. > [!WARNING] > -> This cannot be undone. Be sure you've gathered all the data you need from your organization before deactivating it. +> This cannot be undone. Be sure you've gathered all the data you need from +your organization before deactivating it. {{< tabs >}} {{< tab name="Admin Console" >}} 1. Sign in to [Docker Home](https://app.docker.com) and select the organization you want to deactivate. -1. Select **Admin Console**, then **Deactivate**. If this button is greyed out, -you must complete the [Prerequisites](#prerequisites). +1. Select **Admin Console**, then **Deactivate**. If the **Deactivate** +button is unavailable, confirm you've completed all [Prerequisites](#prerequisites). 1. Enter the organization name to confirm deactivation. 1. Select **Deactivate organization**. diff --git a/content/manuals/admin/organization/general-settings.md b/content/manuals/admin/organization/general-settings.md index c0f5f07ffb60..3b6ad6803f65 100644 --- a/content/manuals/admin/organization/general-settings.md +++ b/content/manuals/admin/organization/general-settings.md @@ -1,13 +1,13 @@ --- -title: Organization settings +title: Organization information weight: 60 description: Learn how to manage settings for organizations using Docker Admin Console. -keywords: organization, settings, Admin Console +keywords: organization, settings, Admin Console, manage, Docker organization, Gravatar, SCIM, SSO setup, domain management, organization settings --- -This section describes how to manage organization settings in the Docker Admin Console. +Learn how to update your organization information using the Admin Console. -## Configure organization information +## Update organization information General organization information appears on your organization landing page in the Admin Console. @@ -17,14 +17,19 @@ This information includes: - Company - Location - Website - - Gravatar email: To add an avatar to your Docker account, create a [Gravatar account](https://gravatar.com/) and create your avatar. Next, add your Gravatar email to your Docker account settings. It may take some time for your avatar to update in Docker. + - Gravatar email: To add an avatar to your Docker account, create a [Gravatar account](https://gravatar.com/) and upload an avatar. Next, add your Gravatar email to your Docker account settings. It may take some time for your avatar to update in Docker. To edit this information: -1. Sign in to the [Admin Console](https://app.docker.com/admin). -1. Select your company on the **Choose profile** page. -1. Specify the organization information and select **Save**. +1. Sign in to the [Admin Console](https://app.docker.com/admin) and +select your organization. +1. Enter or update your organization’s details, then select **Save**. ## Next steps -In the **Organization settings** menu, you can also [configure SSO](../../security/for-admins/single-sign-on/configure/) and [set up SCIM](../../security/for-admins/provisioning/scim.md). If your organization isn't part of a company, from here you can also [manage your domains](/manuals/security/for-admins/domain-management.md) or [create a company](new-company.md). +After configuring your organization information, you can: + +- [Configure single sign-on (SSO)](../../security/for-admins/single-sign-on/configure/) +- [Set up SCIM provisioning](../../security/for-admins/provisioning/scim.md) +- [Manage domains](../../security/for-admins/domain-management.md) +- [Create a company](new-company.md) diff --git a/content/manuals/admin/organization/insights.md b/content/manuals/admin/organization/insights.md index 6de7e5679090..7d62e416a7fa 100644 --- a/content/manuals/admin/organization/insights.md +++ b/content/manuals/admin/organization/insights.md @@ -1,7 +1,7 @@ --- -description: Gain insights about your organization's users and their Docker usage. -keywords: organization, insights title: Insights +description: Gain insights about your organization's users and their Docker usage. +keywords: organization, insights, Docker Desktop analytics, user usage statistics, Docker Business, track Docker activity --- {{< summary-bar feature_name="Insights" >}} @@ -13,26 +13,29 @@ productivity and efficiency across the organization. Key benefits include: -- Uniform working environment. Establish and maintain standardized +- Uniform working environment: Establish and maintain standardized configurations across teams. -- Best practices. Promote and enforce usage guidelines to ensure optimal +- Best practices: Promote and enforce usage guidelines to ensure optimal performance. -- Increased visibility. Monitor and drive adoption of organizational +- Increased visibility: Monitor and drive adoption of organizational configurations and policies. -- Optimized license use. Ensure that developers have access to advanced +- Optimized license use: Ensure that developers have access to advanced features provided by a Docker subscription. ## Prerequisites +To use Insights, you must meet the following requirements: + - [Docker Business subscription](../../subscription/details.md#docker-business) -- Administrators must [enforce sign-in](/security/for-admins/enforce-sign-in/) for users -- Insights enabled by your Customer Success Manager +- Administrators must [enforce sign-in](/security/for-admins/enforce-sign-in/) +for users +- Your Customer Success Manager must turn on Insights for your organization ## View Insights for organization users -To access Insights, you must contact your Customer Success Manager to have the -feature enabled. Once the feature is enabled, access Insights using the following -steps: +To access Insights, contact your Customer Success Manager to have the +feature turned on. Once the feature is turned on, access Insights using the +following steps: 1. Sign in to [Docker Home](https://app.docker.com/) and choose your organization. @@ -44,7 +47,7 @@ your organization. > Insights page, view the **Last updated** date to understand when the data was > last updated. -You can view data in the following charts: +Insights data is displayed in the following charts: - [Docker Desktop users](#docker-desktop-users) - [Builds](#builds) @@ -187,7 +190,7 @@ installed ## Troubleshoot Insights If you’re experiencing issues with data in Insights, consider the following -solutions to resolve common problems. +solutions to resolve common problems: - Update users to the latest version of Docker Desktop. @@ -195,12 +198,12 @@ solutions to resolve common problems. In addition, older versions may not provide all data. Ensure all users have installed the latest version of Docker Desktop. -- Enable **Send usage statistics** in Docker Desktop for all your users. +- Turn on **Send usage statistics** in Docker Desktop for all your users. If users have opted out of sending usage statistics for Docker Desktop, then their usage data will not be a part of Insights. To manage the setting at scale for all your users, you can use [Settings - Management](/desktop/hardened-desktop/settings-management/) and enable the + Management](/desktop/hardened-desktop/settings-management/) and turn on the `analyticsEnabled` setting. - Ensure users use Docker Desktop and aren't using the standalone @@ -210,7 +213,7 @@ solutions to resolve common problems. Engine outside of Docker Desktop, Docker Engine won't provide data for that user. -- Ensure that users are signing in to an account associated with your +- Make sure users sign in to an account associated with your organization. Users who don’t sign in to an account associated with your organization are diff --git a/content/manuals/admin/organization/manage-products.md b/content/manuals/admin/organization/manage-products.md index b2dc56ec662c..5b645bce67a4 100644 --- a/content/manuals/admin/organization/manage-products.md +++ b/content/manuals/admin/organization/manage-products.md @@ -1,8 +1,8 @@ --- title: Manage Docker products weight: 45 -description: Learn how to manage Docker products for your organization -keywords: organization, tools, products +description: Learn how to manage access and usage for Docker products for your organization +keywords: organization, tools, products, product access, organization management --- {{< summary-bar feature_name="Admin orgs" >}} @@ -11,99 +11,105 @@ In this section, learn how to manage access and view usage of the Docker products for your organization. For more detailed information about each product, including how to set up and configure them, see the following manuals: -- [Docker Build Cloud](../../build-cloud/_index.md) - [Docker Desktop](../../desktop/_index.md) - [Docker Hub](../../docker-hub/_index.md) +- [Docker Build Cloud](../../build-cloud/_index.md) - [Docker Scout](../../scout/_index.md) - [Testcontainers Cloud](https://testcontainers.com/cloud/docs/#getting-started) -## Manage access to Docker products +## Manage product access for your organization -Access to Docker products included in your subscription is enabled by default -for all users. The included products are: +Access to the Docker products included in your subscription is turned on by +default for all users. For an overview of products included in your +subscription, see +[Docker subscriptions and features](/manuals/subscription/details.md). -- Docker Hub -- Docker Build Cloud -- Docker Desktop -- Docker Scout +{{< tabs >}} +{{< tab name="Docker Desktop" >}} -Testcontainers Cloud is not enabled by default. To enable Testcontainers Cloud, see the Testcontainers [Getting Started](https://testcontainers.com/cloud/docs/#getting-started) guide. +### Manage Docker Desktop access -The following sections describe how to enable or disable access for these products. +To manage Docker Desktop access: -### Manage access to Docker Build Cloud +1. [Enforce sign-in](../../security/for-admins/enforce-sign-in/_index.md). +1. Manage members [manually](./members.md) or use +[provisioning](../../security/for-admins/provisioning/_index.md). -To learn how to initially set up and configure Docker Build Cloud, sign in to -the [Docker Build Cloud Dashboard](https://app.docker.com/build) and follow the -on-screen instructions. +With sign-in enforced, only users who are a member of your organization can +use Docker Desktop after signing in. -To manage access to Docker Build Cloud, sign in to [Docker Build -Cloud](http://app.docker.com/build) as an organization owner, select **Account -settings**, and then manage access under **Lock Docker Build Cloud**. +{{< /tab >}} +{{< tab name="Docker Hub" >}} -### Manage access to Docker Scout +### Manage Docker Hub access -To learn how to initially set up and configure Docker Scout for remote -repositories, sign in to the [Docker Scout Dashboard](https://scout.docker.com/) -and follow the on-screen instructions. +To manage Docker Hub access, sign in to +[Docker Home](https://app.docker.com/) and configure [Registry Access Management](../../security/for-admins/hardened-desktop/registry-access-management.md) +or [Image Access Management](../../security/for-admins/hardened-desktop/image-access-management.md). -To manage access to Docker Scout for use on remote repositories, sign in to the -[Docker Scout Dashboard](https://scout.docker.com/) and configure -[integrations](../../scout/explore/dashboard.md#integrations) and [repository -settings](../../scout/explore/dashboard.md#repository-settings). +{{< /tab >}} +{{< tab name="Docker Build Cloud" >}} -To manage access to Docker Scout for use on local images with Docker Desktop, use -[Settings -Management](../../security/for-admins/hardened-desktop/settings-management/_index.md) -and set `sbomIndexing` to `false` to disable, or to `true` to enable. +### Manage Docker Build Cloud access -### Manage access to Docker Hub +To initially set up and configure Docker Build Cloud, sign in to +[Docker Build Cloud](https://app.docker.com/build) and follow the +on-screen instructions. -To manage access to Docker Hub, sign in to the [Docker Admin Console](https://app.docker.com/admin) and configure [Registry Access -Management](../../security/for-admins/hardened-desktop/registry-access-management.md) -or [Image Access -Management](../../security/for-admins/hardened-desktop/image-access-management.md). +To manage Docker Build Cloud access: -### Manage access to Testcontainers Cloud +1. Sign in to [Docker Build Cloud](http://app.docker.com/build) as an +organization owner. +1. Select **Account settings**. +1. Select **Lock access to Docker Build Account**. -To learn how to initially set up and configure Testcontainers Cloud, sign in to -[Testcontainers Cloud](https://app.testcontainers.cloud/) and follow the -on-screen instructions. +{{< /tab >}} +{{< tab name="Docker Scout" >}} -To manage access to Testcontainers Cloud, sign in to the [Testcontainers Cloud -Settings page](https://app.testcontainers.cloud/dashboard/settings) as -an organization owner, and then manage access under **Lock Testcontainers -Cloud**. +### Manage Docker Scout access -### Manage access to Docker Desktop +To initially set up and configure Docker Scout, sign in to +[Docker Scout](https://scout.docker.com/) and follow the on-screen instructions. -To manage access to Docker Desktop, you can [enforce -sign-in](../../security/for-admins/enforce-sign-in/_index.md), then and manage -members [manually](./members.md) or use -[provisioning](../../security/for-admins/provisioning/_index.md). With sign-in -enforced, only users who are a member of your organization can use Docker -Desktop after signing in. +To manage Docker Scout access: -## View Docker product usage +1. Sign in to [Docker Scout](https://scout.docker.com/) as an organization +owner. +1. Select your organization, then **Settings**. +1. To manage what repositories are enabled for Docker Scout analysis, select +**Repository settings**. For more information on, +see [repository settings](../../scout/explore/dashboard.md#repository-settings). +1. To manage access to Docker Scout for use on local images with Docker Desktop, +use [Settings Management](../../security/for-admins/hardened-desktop/settings-management/_index.md) +and set `sbomIndexing` to `false` to disable, or to `true` to enable. + +{{< /tab >}} +{{< tab name="Testcontainers Cloud" >}} + +### Manage Testcontainers Cloud access + +To initially set up and configure Testcontainers Cloud, sign in to +[Testcontainers Cloud](https://app.testcontainers.cloud/) and follow the +on-screen instructions. -View usage for the products on the following pages: +To manage access to Testcontainers Cloud: -- Docker Build Cloud: View the **Build minutes** page in the [Docker Build Cloud - Dashboard](http://app.docker.com/build). +1. Sign in to the [Testcontainers Cloud](https://app.testcontainers.cloud/) and +select **Account**. +1. Select **Settings**, then **Lock access to Testcontainers Cloud**. -- Docker Scout: View the [**Repository settings** - page](https://scout.docker.com/settings/repos) in the Docker Scout - Dashboard. +{{< /tab >}} +{{< /tabs >}} -- Docker Hub: View the [**Usage** page](https://hub.docker.com/usage) in Docker - Hub. +## Monitor product usage for your organization -- Testcontainers Cloud: View the [**Billing** - page](https://app.testcontainers.cloud/dashboard/billing) in the - Testcontainers Cloud Dashboard. +To view usage for Docker products: -- Docker Desktop: View the **Insights** page in [Docker Home](https://app.docker.com/). For more details, see - [Insights](./insights.md). +- Docker Desktop: View the **Insights** page in [Docker Home](https://app.docker.com/). For more details, see [Insights](./insights.md). +- Docker Hub: View the [**Usage** page](https://hub.docker.com/usage) in Docker Hub. +- Docker Build Cloud: View the **Build minutes** page in [Docker Build Cloud](http://app.docker.com/build). +- Docker Scout: View the [**Repository settings** page](https://scout.docker.com/settings/repos) in Docker Scout. +- Testcontainers Cloud: View the [**Billing** page](https://app.testcontainers.cloud/dashboard/billing) in Testcontainers Cloud. -If your usage exceeds your subscription amount, you can [scale your -subscription](../../subscription/scale.md) to meet your needs. \ No newline at end of file +If your usage or seat count exceeds your subscription amount, you can +[scale your subscription](../../subscription/scale.md) to meet your needs. diff --git a/layouts/shortcodes/admin-org-audit-log.html b/layouts/shortcodes/admin-org-audit-log.html deleted file mode 100644 index a3d0802c5911..000000000000 --- a/layouts/shortcodes/admin-org-audit-log.html +++ /dev/null @@ -1,30 +0,0 @@ -{{ $product_link := "[Docker Hub](https://hub.docker.com)" }} -{{ $audit_navigation := "Select **My Hub**, your organization, and then **Activity**." }} - -{{ if eq (.Get "product") "admin" }} - {{ $product_link = "[Docker Home](https://app.docker.com/) and select your organization." }} - {{ $audit_navigation = "Select **Admin Console**, then **Activity logs**." }} -{{ end }} - -### View the activity logs - -To view the activity logs: - -1. Sign in to {{ $product_link }}. -2. {{ $audit_navigation }} - -> [!NOTE] -> -> Docker retains the activity data for a period of three months. - -### Customize the activity logs - -By default, all activities that occur are displayed on the **Activity** tab. Use the calendar option to select a date range and customize your results. After you have selected a date range, the activity logs of all the activities that occurred during that period are displayed. - -> [!NOTE] -> -> Activities created by the Docker Support team as part of resolving customer issues appear in the activity logs as **dockersupport**. - -Select the **All Activities** drop-down to view activities that are specific to an organization, repository, or billing. In Docker Hub, if you select the **Activities** tab from the **Repository** view, you can only filter repository-level activities. - -After choosing **Organization**, **Repository**, or **Billing**, you can further refine the results using the **All Actions** drop-down. From 1d869263bb1374ba3e8bb2eeef9e2464c32b65f0 Mon Sep 17 00:00:00 2001 From: Sarah Sanders Date: Mon, 7 Jul 2025 10:26:08 -0400 Subject: [PATCH 4/5] admin: org freshness part 1 (#22970) ## Description - Part 1 admin freshness, admin section is huge so I am breaking it up into several PRs to make review a little easier :) ## Reviews - [ ] Editorial review --- content/includes/admin-org-overview.md | 14 --- content/manuals/admin/_index.md | 67 ++++++++-- content/manuals/admin/organization/_index.md | 28 ++++- .../admin/organization/convert-account.md | 85 +++++++------ .../admin/organization/manage-a-team.md | 89 ++++++++----- content/manuals/admin/organization/members.md | 16 +-- content/manuals/admin/organization/onboard.md | 119 ++++++++++++------ content/manuals/admin/organization/orgs.md | 34 +++-- 8 files changed, 293 insertions(+), 159 deletions(-) delete mode 100644 content/includes/admin-org-overview.md diff --git a/content/includes/admin-org-overview.md b/content/includes/admin-org-overview.md deleted file mode 100644 index 3aff83bc2fea..000000000000 --- a/content/includes/admin-org-overview.md +++ /dev/null @@ -1,14 +0,0 @@ -An organization in Docker is a collection of teams and repositories -that can be managed together. A team is a group of Docker members that belong to an organization. -An organization can have multiple teams. Members don't have to be added to a team to be part of an organization. - -Docker users become members of an organization once they're associated with that organization by an organization owner. An organization owner is a user with administrative access to the organization. - -Owners can invite users, assign them roles, create new teams, and add -members to an existing team using their Docker ID or email address. An organization owner can also add -additional owners to help them manage users, teams, and repositories in the -organization. - -The following diagram depicts the setup of an organization and how it relates to teams. Teams are an optional feature that owners can use to group members and assign permissions. - -![organization-hierarchy](/admin/images/org-structure.webp) diff --git a/content/manuals/admin/_index.md b/content/manuals/admin/_index.md index 2e1c733521ab..d75f739cf13f 100644 --- a/content/manuals/admin/_index.md +++ b/content/manuals/admin/_index.md @@ -1,6 +1,6 @@ --- title: Administration -description: Discover manuals on administration for accounts, organizations, and companies. +description: Overview of administration features and roles in the Docker Admin Console keywords: admin, administration, company, organization, Admin Console, user accounts, account management weight: 10 params: @@ -35,17 +35,66 @@ aliases: - /docker-hub/admin-overview --- -Administrators can manage companies and organizations using the Docker Admin Console. +Administrators can manage companies and organizations using the +[Docker Admin Console](https://app.docker.com/admin). The Admin Console +provides centralized observability, access management, and security controls +across Docker environments. + +## Company and organization hierarchy The [Docker Admin Console](https://app.docker.com/admin) provides administrators with centralized observability, access management, and controls for their company and organizations. To provide these features, Docker uses the following hierarchy and roles. -![Docker hierarchy](./images/docker-admin-structure.webp) +![Diagram showing Docker’s administration hierarchy with Company at the top, followed by Organizations, Teams, and Members](./images/docker-admin-structure.webp) + +### Company + +A company groups multiple Docker organizations for centralized configuration. +Companies are only available for Docker Business subscribers. + +Companies have the following administrator role available: + +- Company owner: Can view and manage all organizations within the company. +Has full access to company-wide settings and inherits the same permissions as +organization owners. + +### Organization + +An organization contains teams and repositories. All Docker Team and Business +subscribers must have at least one organization. + +Organizations have the following administrator role available: + +- Organization owner: Can manage organization settings, users, and access +controls. + +### Team + +Teams are optional and let you group members to assign repository permissions +collectively. Teams simplify permission management across projects +or functions. + +### Member + +A member is any Docker user added to an organization. Organization and company +owners can assign roles to members to define their level of access. + +> [!NOTE] +> +> Creating a company is optional, but organizations are required for Team and +Business subscriptions. + +## Admin Console features + +Docker's [Admin Console](https://app.docker.com/admin) allows you to: + +- Create and manage companies and organizations +- Assign roles and permissions to members +- Group members into teams to manage access by project or role +- Set company-wide policies, including SCIM provisioning and security +enforcement + +## Manage companies and organizations -- Company: A company simplifies the management of Docker organizations and settings. Creating a company is optional and only available to Docker Business subscribers. - - Company owner: A company can have multiple owners. Company owners have company-wide observability and can manage company-wide settings that apply to all associated organizations. In addition, company owners have the same access as organization owners for all associated organizations. -- Organization: An organization is a collection of teams and repositories. Docker Team and Business subscribers must have at least one organization. - - Organization owner: An organization can have multiple owners. Organization owners have observability into their organization and can manage its users and settings. -- Team: A team is a group of Docker members that belong to an organization. Organization and company owners can group members into additional teams to configure repository permissions on a per-team basis. Using teams to group members is optional. -- Member: A member is a Docker user that's a member of an organization. Organization and company owners can assign roles to members to define their permissions. +Learn how to manage companies and organizations in the following sections. {{< grid >}} diff --git a/content/manuals/admin/organization/_index.md b/content/manuals/admin/organization/_index.md index c1a05fe7e556..ec1d2bc1b07f 100644 --- a/content/manuals/admin/organization/_index.md +++ b/content/manuals/admin/organization/_index.md @@ -2,8 +2,8 @@ title: Organization administration overview linkTitle: Organization administration weight: 10 -description: Learn about managing organizations in Docker including how they relate to teams, how to onboard, and more -keywords: organizations, admin, overview +description: Learn how to manage your Docker organization, including teams, members, permissions, and settings. +keywords: organizations, admin, overview, manage teams, roles grid: - title: Onboard your organization description: Learn how to onboard and secure your organization. @@ -45,10 +45,26 @@ grid: icon: help --- -{{% include "admin-org-overview.md" %}} +A Docker organization is a collection of teams and repositories with centralized +management. It helps administrators group members and assign access in a +streamlined, scalable way. -To create an organization, see [Create your organization](../organization/orgs.md). +## Organization structure -Learn how to administer an organization in the following sections. +The following diagram shows how organizations relate to teams and members. -{{< grid >}} +![Diagram showing how teams and members relate within a Docker organization](/admin/images/org-structure.webp) + +## Organization members + +Organization owners have full administrator access to manage members, roles, +and teams across the organization. + +An organization includes members and optional teams. Teams help group members +and simplify permission management. + +## Create and manage your organization + +Learn how to create and manage your organization in the following sections. + +{{< grid >}} \ No newline at end of file diff --git a/content/manuals/admin/organization/convert-account.md b/content/manuals/admin/organization/convert-account.md index 337ff846617d..d7ee1fee1d91 100644 --- a/content/manuals/admin/organization/convert-account.md +++ b/content/manuals/admin/organization/convert-account.md @@ -9,13 +9,15 @@ aliases: {{< summary-bar feature_name="Admin orgs" >}} -You can convert an existing user account to an organization. This is useful if you need multiple users to access your account and the repositories that it’s connected to. Converting it to an organization gives you better control over permissions for these users through [teams](manage-a-team.md) and [roles](roles-and-permissions.md). +Learn how to convert an existing user account into an organization. This is +useful if you need multiple users to access your account and the repositories +it’s connected to. Converting it to an organization gives you better control +over permissions for these users through +[teams](/manuals/admin/organization/manage-a-team.md) and +[roles](/manuals/security/for-admins/roles-and-permissions.md). -When you convert a user account to an organization, the account is migrated to a Docker Team subscription. - -> [!IMPORTANT] -> -> Once you convert your account to an organization, you can’t revert it to a user account. +When you convert a user account to an organization, the account is migrated to +a Docker Team subscription by default. ## Prerequisites @@ -34,40 +36,43 @@ Before you convert a user account to an organization, ensure that you meet the f If you want to convert your user account into an organization account and you don't have any other user accounts, you need to create a new user account to assign it as the owner of the new organization. With the owner role assigned, this user account has full administrative access to configure and manage the organization. You can assign more users the owner role after the conversion. -## Effects of converting an account into an organization - -Consider the following effects of converting your account: - -- This process removes the email address for the account, and organization owners will receive notification emails instead. You'll be able to reuse the removed email address for another account after converting. - -- The current subscription will cancel and your new subscription will start. - -- Repository namespaces and names won't change, but converting your account removes any repository collaborators. Once you convert the account, you'll need to add those users as team members. - -- Existing automated builds will appear as if they were set up by the first owner added to the organization. See [Convert an account into an organization](#convert-an-account-into-an-organization) for steps on adding the first owner. - -- The user account that you add as the first owner will have full administrative access to configure and manage the organization. - -- To transfer a user's personal access tokens (PATs) to your converted organization, -you must designate the user as an organization owner. This will ensure any PATs associated with the user's account are transferred to the organization owner. - -> [!TIP] -> -> To avoid potentially disrupting service of personal access tokens when converting an account or changing ownership, it is recommended to use [organization access tokens](/manuals/security/for-admins/access-tokens.md). Organization access tokens are -associated with an organization, not a single user account. +## What happens when you convert your account + +The following happens when you convert your account into +an organization: + +- This process removes the email address for the account. Notifications are +instead sent to organization owners. You'll be able to reuse the +removed email address for another account after converting. +- The current subscription will automatically cancel and your new subscription +will start. +- Repository namespaces and names won't change, but converting your account +removes any repository collaborators. Once you convert the account, you'll need +to add repository collaborators as team members. +- Existing automated builds appear as if they were set up by the first owner +added to the organization. +- The user account that you add as the first owner will have full +administrative access to configure and manage the organization. +- To transfer a user's personal access tokens (PATs) to your converted +organization, you must designate the user as an organization owner. This will +ensure any PATs associated with the user's account are transferred to the +organization owner. ## Convert an account into an organization -Before you convert an account into an organization ensure you have: - -- Removed your user account from any company or teams or organizations -- Created a new Docker ID before you convert an account - -See the [Prerequisites](#prerequisites) section for details. - -1. Sign in to [Docker Home](https://app.docker.com/login). -1. Select your avatar in the top-right corner and select **Account settings**. -1. In the **Settings** section, select **Convert**. -1. Review the warning displayed about converting a user account. This action cannot be undone and has considerable implications for your assets and the account. -1. Enter a **Username of new owner** to set an organization owner. This is the user account that will manage the organization, and the only way to access the organization settings after conversion. You cannot use the same Docker ID as the account you are trying to convert. -1. Select **Confirm**. The new owner receives a notification email. Use that owner account to sign in and manage the new organization. +> [!IMPORTANT] +> +> Converting an account into an organization is permanent. Back up any data + or settings you want to retain. + +1. Sign in to [Docker Home](https://app.docker.com/). +1. Select your avatar in the top-right corner to open the drop-down. +1. From **Account settings**, select **Convert**. +1. Review the warning displayed about converting a user account. This action +cannot be undone and has considerable implications for your assets and the +account. +1. Enter a **Username of new owner** to set an organization owner. The new +Docker ID you specify becomes the organization’s owner. You cannot use the +same Docker ID as the account you are trying to convert. +1. Select **Confirm**. The new owner receives a notification email. Use that +owner account to sign in and manage the new organization. diff --git a/content/manuals/admin/organization/manage-a-team.md b/content/manuals/admin/organization/manage-a-team.md index 43dd00e8c6f8..afcb93271026 100644 --- a/content/manuals/admin/organization/manage-a-team.md +++ b/content/manuals/admin/organization/manage-a-team.md @@ -2,35 +2,49 @@ title: Create and manage a team weight: 40 description: Learn how to create and manage teams for your organization -keywords: Docker, docker, registry, teams, organizations, plans, Dockerfile, Docker - Hub, docs, documentation, repository permissions +keywords: docker, registry, teams, organizations, plans, Dockerfile, Docker + Hub, docs, documentation, repository permissions, configure repository access, team management aliases: - /docker-hub/manage-a-team/ --- {{< summary-bar feature_name="Admin orgs" >}} -You can create teams for your organization in Docker Hub and the Docker Admin Console. You can [configure repository access for a team](#configure-repository-permissions-for-a-team) in Docker Hub. +You can create teams for your organization in the Admin Console or Docker Hub, +and configure team repository access in Docker Hub. -A team is a group of Docker users that belong to an organization. An organization can have multiple teams. An organization owner can then create new teams and add members to an existing team using their Docker ID or email address and by selecting a team the user should be part of. Members aren't required to be part of a team to be associated with an organization. +A team is a group of Docker users that belong to an organization. An +organization can have multiple teams. An organization owner can create new +teams and add members to an existing team using their Docker ID or email +address. Members aren't required to be part of a team to be associated with an +organization. -The organization owner can add additional organization owners to help them manage users, teams, and repositories in the organization by assigning them the owner role. +The organization owner can add additional organization owners to help them +manage users, teams, and repositories in the organization by assigning them +the owner role. -## Organization owner +## What is an organization owner? An organization owner is an administrator who has the following permissions: -- Manage repositories and add team members to the organization. -- Access private repositories, all teams, billing information, and organization settings. -- Specify [permissions](#permissions-reference) for each team in the organization. -- Enable [SSO](../../security/for-admins/single-sign-on/_index.md) for the organization. +- Manage repositories and add team members to the organization +- Access private repositories, all teams, billing information, and +organization settings +- Specify [permissions](#permissions-reference) for each team in the +organization +- Enable [SSO](../../security/for-admins/single-sign-on/_index.md) for the +organization When SSO is enabled for your organization, the organization owner can also manage users. Docker can auto-provision Docker IDs for new end-users or users who'd like to have a separate Docker ID for company use through SSO enforcement. -The organization owner can also add additional organization owners to help them manage users, teams, and repositories in the organization. +Organization owners can add others with the owner role to help them +manage users, teams, and repositories in the organization. + +For more information on roles, see +[Roles and permissions](/manuals/security/for-admins/roles-and-permissions.md). ## Create a team @@ -40,9 +54,6 @@ The organization owner can also add additional organization owners to help them 1. Sign in to [Docker Home](https://app.docker.com) and select your organization. 1. Select **Teams**. -1. Select **Create team**. -1. Fill out your team's information and select **Create**. -1. [Add members to your team](members.md#add-a-member-to-a-team). {{< /tab >}} {{< tab name="Docker Hub" >}} @@ -58,34 +69,45 @@ organization. {{< /tab >}} {{< /tabs >}} -## Configure repository permissions for a team +## Set team repository permissions Organization owners can configure repository permissions on a per-team basis. -For example, you can specify that all teams within an organization have "Read and -Write" access to repositories A and B, whereas only specific teams have "Admin" -access. Note that organization owners have full administrative access to all repositories within the organization. +For example, you can specify that all teams within an organization have +"Read and Write" access to repositories A and B, whereas only specific +teams have "Admin" access. + +Note that organization owners have full administrative access to all +repositories within the organization. To give a team access to a repository: 1. Sign in to [Docker Hub](https://hub.docker.com). 1. Select **My Hub** and choose your organization. -1. Select the **Teams** and select the team that you'd like to configure repository access to. +1. In the **Teams** section, select the team you want to configure repository +access for. 1. Select the **Permissions** tab and select a repository from the - **Repository** drop-down. +**Repository** drop-down. 1. Choose a permission from the **Permissions** drop-down list and select - **Add**. +**Add**. -Organization owners can also assign members the editor role to grant partial administrative access. See [Roles and permissions](../../security/for-admins/roles-and-permissions.md) for more about the editor role. +Organization owners can also assign members the editor role to grant partial +administrative access. For more information on the editor role, see +[Roles and permissions](../../security/for-admins/roles-and-permissions.md). ### Permissions reference -- `Read-only` access lets users view, search, and pull a private repository in the same way as they can a public repository. -- `Read & Write` access lets users pull, push, and view a repository. In addition, it lets users view, cancel, retry or trigger builds +- `Read-only` access lets users view, search, and pull a private repository +in the same way as they can a public repository. +- `Read & Write` access lets users pull, push, and view a repository. In +addition, it lets users view, cancel, retry or trigger builds. - `Admin` access lets users pull, push, view, edit, and delete a - repository. You can also edit build settings, and update the repositories description, collaborators rights, public/private visibility, and delete. + repository. You can also edit build settings and update the repository’s + description, collaborator permissions, public/private visibility, and delete. Permissions are cumulative. For example, if you have "Read & Write" permissions, -you automatically have "Read-only" permissions: +you automatically have "Read-only" permissions. + +The following table shows what each permission level allows users to do: | Action | Read-only | Read & Write | Admin | |:------------------:|:---------:|:------------:|:-----:| @@ -103,22 +125,25 @@ you automatically have "Read-only" permissions: > [!NOTE] > -> A user who hasn't verified their email address only has -> `Read-only` access to the repository, regardless of the rights their team -> membership has given them. +> A user who hasn't verified their email address only has `Read-only` access to +the repository, regardless of the rights their team membership has given them. -## View a team's permissions for all repositories +## View team permissions for all repositories To view a team's permissions across all repositories: 1. Sign in to [Docker Hub](https://hub.docker.com). 1. Select **My Hub** and choose your organization. 1. Select **Teams** and choose your team name. -1. Select the **Permissions** tab, where you can view the repositories this team can access. +1. Select the **Permissions** tab, where you can view the repositories this +team can access. ## Delete a team -Organization owners can delete a team in Docker Hub or Admin Console. When you remove a team from your organization, this action revokes the members' access to the team's permitted resources. It won't remove users from other teams that they belong to, nor will it delete any resources. +Organization owners can delete a team. When you remove a team from your +organization, this action revokes member access to the team's permitted +resources. It won't remove users from other teams that they belong to, and it +won't delete any resources. {{< tabs >}} {{< tab name="Admin Console" >}} diff --git a/content/manuals/admin/organization/members.md b/content/manuals/admin/organization/members.md index 505f088d6188..9cf4691553c0 100644 --- a/content/manuals/admin/organization/members.md +++ b/content/manuals/admin/organization/members.md @@ -2,7 +2,7 @@ title: Manage organization members weight: 30 description: Learn how to manage organization members in Docker Hub and Docker Admin Console. -keywords: members, teams, organizations, invite members, manage team members +keywords: members, teams, organizations, invite members, manage team members, export member list, edit roles, organization teams, user management aliases: - /docker-hub/members/ --- @@ -176,7 +176,7 @@ To add a member to a team with Docker Hub: {{< /tab >}} {{< /tabs >}} -### Remove a member from a team +### Remove members from teams > [!NOTE] > @@ -217,6 +217,11 @@ Organization owners can manage [roles](/security/for-admins/roles-and-permission within an organization. If an organization is part of a company, the company owner can also manage that organization's roles. If you have SSO enabled, you can use [SCIM for role mapping](/security/for-admins/provisioning/scim/). +> [!NOTE] +> +> If you're the only owner of an organization, you need to assign a new owner +before you can edit your role. + {{< tabs >}} {{< tab name="Admin Console" >}} @@ -228,11 +233,6 @@ organization. 1. Find the username of the member whose role you want to edit. Select the **Actions** menu, then **Edit role**. -> [!NOTE] -> -> If you're the only owner of an organization, -> you need to assign a new owner before you can edit your role. - {{< /tab >}} {{< tab name="Docker Hub" >}} @@ -289,4 +289,4 @@ To export a CSV file of your members: 1. Select the **Action** icon and then select **Export users as CSV**. {{< /tab >}} -{{< /tabs >}} \ No newline at end of file +{{< /tabs >}} diff --git a/content/manuals/admin/organization/onboard.md b/content/manuals/admin/organization/onboard.md index 480252e5f81b..ac7659dcf708 100644 --- a/content/manuals/admin/organization/onboard.md +++ b/content/manuals/admin/organization/onboard.md @@ -2,7 +2,7 @@ title: Onboard your organization weight: 20 description: Get started onboarding your Docker Team or Business organization. -keywords: business, team, organizations, get started, onboarding +keywords: business, team, organizations, get started, onboarding, Admin Console, organization management, toc_min: 1 toc_max: 3 aliases: @@ -13,33 +13,40 @@ aliases: {{< summary-bar feature_name="Admin orgs" >}} -Learn how to onboard your organization using Docker Hub or the Docker Admin Console. +Learn how to onboard your organization using the Admin Console or Docker Hub. -Onboarding your organization lets administrators gain visibility into user activity and enforce security settings. In addition, members of your organization receive increased pull limits and other organization wide benefits. For more details, see [Docker subscriptions and features](../../subscription/details.md). +Onboarding your organization includes: -In this guide, you'll learn how to do the following: - -- Identify your users to help you efficiently allocate your subscription seats +- Identifying users to help you allocate your subscription seats - Invite members and owners to your organization -- Secure authentication and authorization for your organization using Single Sign-On (SSO) and System for Cross-domain Identity Management (SCIM) -- Enforce sign-on for Docker Desktop to ensure security best practices +- Secure authentication and authorization for your organization +- Enforce sign-in for Docker Desktop to ensure security best practices + +These actions help administrators gain visibility into user activity and +enforce security settings. Organization memebers also receive increased pull +limits and other benefits when they are signed in. ## Prerequisites -Before you start onboarding your organization, ensure that you: +Before you start onboarding your organization, ensure you: -- Have a Docker Team or Business subscription. See [Docker Pricing](https://www.docker.com/pricing/) for details. +- Have a Docker Team or Business subscription. For more details, see +[Docker subscriptions and features](/manuals/subscription/details.md). > [!NOTE] > - > When purchasing a self-serve subscription, the on-screen instructions guide you through creating an organization. If you have purchased a subscription through Docker Sales and you have not yet created an organization, see [Create an organization](/admin/organization/orgs). + > When purchasing a self-serve subscription, the on-screen instructions + guide you through creating an organization. If you have purchased a + subscription through Docker Sales and you have not yet created an + organization, see [Create an organization](/manuals/admin/organization/orgs.md). -- Familiarize yourself with Docker concepts and terminology in the [administration overview](../_index.md) and [FAQs](/faq/admin/general-faqs/). +- Familiarize yourself with Docker concepts and terminology in +the [administration overview](../_index.md). ## Onboard with guided setup -The Admin Console has a guided setup to help you easily -onboard your organization. The guided setup steps consist of basic onboarding +The Admin Console has a guided setup to help you +onboard your organization. The guided setup's steps consist of basic onboarding tasks. If you want to onboard outside of the guided setup, see [Recommended onboarding steps](/manuals/admin/organization/onboard.md#recommended-onboarding-steps). @@ -52,8 +59,8 @@ The guided setup walks you through the following onboarding steps: - **Invite your team**: Invite owners and members. - **Manage user access**: Add and verify a domain, manage users with SSO, and enforce Docker Desktop sign-in. -- **Docker Desktop security**: Configure image access management, registry access -management, and settings management. +- **Docker Desktop security**: Configure image access management, registry +access management, and settings management. ## Recommended onboarding steps @@ -63,56 +70,93 @@ Identifying your users helps you allocate seats efficiently and ensures they receive your Docker subscription benefits. 1. Identify the Docker users in your organization. - - If your organization uses device management software, like MDM or Jamf, you can use the device management software to help identify Docker users. See your device management software's documentation for details. You can identify Docker users by checking if Docker Desktop is installed at the following location on each user's machine: + - If your organization uses device management software, like MDM or Jamf, + you can use the device management software to help identify Docker users. + See your device management software's documentation for details. You can + identify Docker users by checking if Docker Desktop is installed at the + following location on each user's machine: - Mac: `/Applications/Docker.app` - Windows: `C:\Program Files\Docker\Docker` - Linux: `/opt/docker-desktop` - - If your organization doesn't use device management software or your users haven't installed Docker Desktop yet, you can survey your users. -2. Ask users to update their Docker account email to one in your organization’s domain, or create a new account with that email. - - To update an account's email address, instruct your users to sign in to [Docker Hub](https://hub.docker.com), and update the email address to their email address in your organization's domain. - - To create a new account, instruct your users to go [sign up](https://hub.docker.com/signup) using their email address in your organization's domain. -3. Ask your Docker sales representative or [contact sales](https://www.docker.com/pricing/contact-sales/) to get a list of Docker accounts that use an email address in your organization's domain. + - If your organization doesn't use device management software or your + users haven't installed Docker Desktop yet, you can survey your users to + identify who is using Docker Desktop. +1. Ask users to update their Docker account's email address to one associated +with your organization's domain, or create a new account with that email. + - To update an account's email address, instruct your users to sign in + to [Docker Hub](https://hub.docker.com), and update the email address to + their email address in your organization's domain. + - To create a new account, instruct your users to + [sign up](https://hub.docker.com/signup) using their email address associated + with your organization's domain. +1. Identify Docker accounts associated with your organization's domain: + - Ask your Docker sales representative or + [contact sales](https://www.docker.com/pricing/contact-sales/) to get a list + of Docker accounts that use an email address in your organization's domain. + - Use [domain audit](/manuals/security/for-admins/domain-audit.md) to + identify uncapture users in your organization. ### Step two: Invite owners -When you create an organization, you are the only owner. It is optional to add additional owners. Owners can help you onboard and manage your organization. +Owners can help you onboard and manage your organization. + +When you create an organization, you are the only owner. It is optional to +add additional owners. -To add an owner, invite a user and assign them the owner role. For more details, see [Invite members](/admin/organization/members/). +To add an owner, invite a user and assign them the owner role. For more +details, see [Invite members](/manuals/admin/organization/members.md) and +[Roles and permissions](/manuals/security/for-admins/roles-and-permissions.md). ### Step three: Invite members -When you add users to your organization, you gain visibility into their activity and you can enforce security settings. In addition, members of your organization receive increased pull limits and other organization wide benefits. +When you add users to your organization, you gain visibility into their +activity and you can enforce security settings. Your members also +receive increased pull limits and other organization wide benefits when +they are signed in. -To add a member, invite a user and assign them the member role. For more details, see [Invite members](/admin/organization/members/). +To add a member, invite a user and assign them the member role. +For more details, see [Invite members](/manuals/admin/organization/members.md) and +[Roles and permissions](/manuals/security/for-admins/roles-and-permissions.md). ### Step four: Manage user access with SSO and SCIM -Configuring SSO and SCIM is optional and only available to Docker Business subscribers. To upgrade a Docker Team subscription to a Docker Business subscription, see [Upgrade your subscription](/subscription/upgrade/). +Configuring SSO and SCIM is optional and only available to Docker Business +subscribers. To upgrade a Docker Team subscription to a Docker Business +subscription, see [Change your subscription](/manuals/subscription/change.md). Use your identity provider (IdP) to manage members and provision them to Docker automatically via SSO and SCIM. See the following for more details: - - [Configure SSO](/manuals/security/for-admins/single-sign-on/configure.md) to authenticate and add members when they sign in to Docker through your identity provider. - - Optional. [Enforce SSO](/manuals/security/for-admins/single-sign-on/connect.md) to ensure that when users sign in to Docker, they must use SSO. + - [Configure SSO](/manuals/security/for-admins/single-sign-on/configure.md) + to authenticate and add members when they sign in to Docker through your + identity provider. + - Optional. + [Enforce SSO](/manuals/security/for-admins/single-sign-on/connect.md) to + ensure that when users sign in to Docker, they must use SSO. > [!NOTE] > > Enforcing single sign-on (SSO) and enforcing Docker Desktop sign in are different features. For more details, see - > [Enforcing sign-in versus enforcing single sign-on (SSO)](/security/for-admins/enforce-sign-in/#enforcing-sign-in-versus-enforcing-single-sign-on-sso). + > [Enforcing sign-in versus enforcing single sign-on (SSO)](/manuals/security/for-admins/enforce-sign-in.md#enforcing-sign-in-versus-enforcing-single-sign-on-sso). - - [Configure SCIM](/security/for-admins/provisioning/scim/) to automatically provision, add, and de-provision members to Docker through your identity provider. + - [Configure SCIM](/manuals/security/for-admins/provisioning/scim.md) to + automatically provision, add, and de-provision members to Docker through + your identity provider. ### Step five: Enforce sign-in for Docker Desktop By default, members of your organization can use Docker Desktop without signing in. When users don’t sign in as a member of your organization, they don’t -receive the [benefits of your organization’s subscription](../../subscription/details.md) and they can circumvent [Docker’s security features](/security/for-admins/hardened-desktop/). +receive the +[benefits of your organization’s subscription](../../subscription/details.md) +and they can circumvent [Docker’s security features](/manuals/security/for-admins/hardened-desktop/_index.md). -There are multiple ways you can enforce sign-in, depending on your company's setup and preferences: -- [Registry key method (Windows only)](/security/for-admins/enforce-sign-in/methods/#registry-key-method-windows-only) -- [`.plist` method (Mac only)](/security/for-admins/enforce-sign-in/methods/#plist-method-mac-only) -- [`registry.json` method (All)](/security/for-admins/enforce-sign-in/methods/#registryjson-method-all) +There are multiple ways you can enforce sign-in, depending on your organization's +Docker configuration: +- [Registry key method (Windows only)](/manuals/security/for-admins/enforce-sign-in/methods.md#registry-key-method-windows-only) +- [`.plist` method (Mac only)](/manuals/security/for-admins/enforce-sign-in/methods.md#plist-method-mac-only) +- [`registry.json` method (All)](/manuals/security/for-admins/enforce-sign-in/methods.md#registryjson-method-all) ### Step six: Manage Docker Desktop security @@ -129,4 +173,5 @@ security posture: - Configure [Hardened Docker Desktop](/desktop/hardened-desktop/) to improve your organization’s security posture for containerized development. - [Manage your domains](/manuals/security/for-admins/domain-management.md) to ensure that all Docker users in your domain are part of your organization. -Your Docker subscription provides many more additional features. To learn more, see [Docker subscriptions and features](/subscription/details/). \ No newline at end of file +Your Docker subscription provides many more additional features. To learn more, +see [Docker subscriptions and features](/subscription/details/). diff --git a/content/manuals/admin/organization/orgs.md b/content/manuals/admin/organization/orgs.md index 9115918628f9..e9d9ea6fb634 100644 --- a/content/manuals/admin/organization/orgs.md +++ b/content/manuals/admin/organization/orgs.md @@ -2,23 +2,29 @@ title: Create your organization weight: 10 description: Learn how to create an organization. -keywords: Docker, docker, registry, teams, organizations, plans, Dockerfile, Docker - Hub, docs, documentation +keywords: docker organizations, organization, create organization, docker teams, docker admin console, organization management aliases: -- /docker-hub/orgs/ + - /docker-hub/orgs/ --- {{< summary-bar feature_name="Admin orgs" >}} -This section describes how to create an organization. Before you begin: +This page describes how to create an organization. + +## Prerequisites + +Before you begin creating an organization: - You need a [Docker ID](/accounts/create-account/) -- Review the [Docker subscriptions and features](../../subscription/details.md) to determine what subscription to choose for your organization +- Review the [Docker subscriptions and features](../../subscription/details.md) + to determine what subscription to choose for your organization ## Create an organization There are multiple ways to create an organization. You can either: -- Create a new organization using the **Create Organization** option in Docker Hub + +- Create a new organization using the **Create Organization** option in the +Admin Console or Docker Hub - Convert an existing user account to an organization The following section contains instructions on how to create a new organization. For prerequisites and @@ -105,7 +111,8 @@ configure your organization. To view an organization: -1. Sign in to [Docker Hub](https://hub.docker.com) with a user account that is a member of any team in the organization. +1. Sign in to [Docker Hub](https://hub.docker.com) with a user account that is + a member of any team in the organization. > [!NOTE] > @@ -139,10 +146,9 @@ configure your organization. - **Settings**: Displays information about your organization, and you to view and change your repository privacy settings, configure org permissions such as - [Image Access Management](/manuals/security/for-admins/hardened-desktop/image-access-management.md), configure notification settings, and [deactivate](/manuals/admin/organization/deactivate-account.md#deactivate-an-organization) You can also update your organization name and company name that appear on your organization landing page. You must be an owner to access the - organization's **Settings** page. + [Image Access Management](/manuals/security/for-admins/hardened-desktop/image-access-management.md), configure notification settings, and [deactivate](/manuals/admin/organization/deactivate-account.md#deactivate-an-organization) You can also update your organization name and company name that appear on your organization landing page. You must be an owner to access the organization's **Settings** page. - **Billing**: Displays information about your existing -[Docker subscription](../../subscription/_index.md), including the number of seats and next payment due date. For how to access the billing history and payment methods for your organization, see [View billing history](../../billing/history.md). + [Docker subscription](../../subscription/_index.md), including the number of seats and next payment due date. For how to access the billing history and payment methods for your organization, see [View billing history](../../billing/history.md). {{< /tab >}} {{< /tabs >}} @@ -151,12 +157,13 @@ configure your organization. > [!WARNING] > -> If you are merging organizations, it is recommended to do so at the *end* of +> If you are merging organizations, it is recommended to do so at the _end_ of > your billing cycle. When you merge an organization and downgrade another, you > will lose seats on your downgraded organization. Docker does not offer > refunds for downgrades. -If you have multiple organizations that you want to merge into one, complete the following: +If you have multiple organizations that you want to merge into one, complete +the following steps: 1. Based on the number of seats from the secondary organization, [purchase additional seats](../../subscription/manage-seats.md) for the primary organization account that you want to keep. 1. Manually add users to the primary organization and remove existing users from the secondary organization. @@ -165,7 +172,8 @@ If you have multiple organizations that you want to merge into one, complete the > [!TIP] > -> If your organization has a Docker Business subscription with a purchase order, contact Support or your Account Manager at Docker. +> If your organization has a Docker Business subscription with a purchase +order, contact Support or your Account Manager at Docker. ## More resources From 531ca5e251148936b5486fd7cb6da6d29dd8a14b Mon Sep 17 00:00:00 2001 From: Sarah Sanders Date: Mon, 7 Jul 2025 10:41:47 -0400 Subject: [PATCH 5/5] Fix broken link --- content/manuals/admin/organization/onboard.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/manuals/admin/organization/onboard.md b/content/manuals/admin/organization/onboard.md index ac7659dcf708..392f26861e7b 100644 --- a/content/manuals/admin/organization/onboard.md +++ b/content/manuals/admin/organization/onboard.md @@ -93,8 +93,6 @@ with your organization's domain, or create a new account with that email. - Ask your Docker sales representative or [contact sales](https://www.docker.com/pricing/contact-sales/) to get a list of Docker accounts that use an email address in your organization's domain. - - Use [domain audit](/manuals/security/for-admins/domain-audit.md) to - identify uncapture users in your organization. ### Step two: Invite owners