Securing Docker in shared environments?

Hi Everyone,

I’m an IT admin for an educational institution with not a lot of exposure previously to Docker Desktop for Windows.

We’re looking to provide Docker for classes in our PC training venues, but I’m concerned about the ability for users to download and run their own containers/images for less than legitimate uses circumventing our AV/management policies (e.g. not the first time we’ve found bitcoin mining software running on 100 computers in a room).

I’ve been trying to read through the documentation, but I’m wondering broadly speaking whether there is a way to restrict docker to only run certain images/containers that we choose on our managed PCs?

Thanks in Advance.

You might want to look at open policy agent:

Thanks for the tip! That looks pretty close to what we’re chasing.