Authorization in UCP gives you fine-grained access control over all the Docker resources. RBAC in UCP is defined by creating a grant for a subject to access a resource set. The subject of a grant can be an individual user, a team of users, or an organization containing many teams. A resource set could be an individual resource, such as a Docker Swarm service, or a set of resources, such as all the Windows nodes in the cluster. The grant defines the level of access, from no access to full control.

It's a very flexible approach to security, because it allows you to enforce security rules at whatever level makes sense for your company. I can use an application-first approach, where I have a resource collection called nerd-dinner that represents ...

Get Docker on Windows - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.