Hi,

I’m new to docker and was wondering what the best practice is around limiting who can use your docker container.

My company is currently developing a solution which involves creating an azure marketplace offer that automatically sets up a service fabric instance running a docker container, unfortunately to pull in the docker image the credentials for our private repo will be exposed on the underlying virtual machine scale set (the credentials can be encrypted but the certificate is on the machine so it can be decrypted easily).

What is the best way to ensure that even if someone gets access to the container and downloads it without permission they can’t active it? We are thinking about putting in an embededed call into the container which will check if the container instance has been authorized. I’m not sure if docker has some built in functionality to deal with this kind of situation.