Configuring access control and visibility for container images

Choose who has read, write, or admin access to your container image and the visibility of your container images on GitHub.

GitHub Packages is available with GitHub Free, GitHub Pro, GitHub Free for organizations, GitHub Team, GitHub Enterprise Cloud, GitHub Enterprise Server 2.22, and GitHub One.


GitHub Packages is not available for private repositories owned by accounts using legacy per-repository plans. Also, accounts using legacy per-repository plans cannot access GitHub Container Registry since these accounts are billed by repository. For more information, see "GitHub's products."

In this article

Did this doc help you?

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.

Note: GitHub Container Registry is currently in public beta and subject to change. Currently, GitHub Container Registry only supports Docker image formats. During the beta, storage and bandwidth is free. For more information, see "About GitHub Container Registry."

Configuring access to container images for your personal account

If you have admin permissions to a user-account owned container image, you can assign read, write, or admin roles to other users. For more information about these permission roles, see "Visibility and access permissions for container images."

  1. On GitHub, navigate to the main page of your user account.
  2. In the top right corner of GitHub, click your profile photo, then click Your profile.
    Profile photo
  3. On your profile page, in the top right, click Packages.
    Packages option on profile page
  4. Search for and select your package.
  5. In the top right of your container image's landing page, click Package settings.
    Package settings button
  6. On the package settings page, click Invite teams or people and enter the name, username, or email of the person you want to give access. Teams cannot be given access to a container image owned by a user account.
    Container access invite button
  7. Next to the username or team name, use the "Role" drop-down menu to select a desired permission level.
    Container access options

The selected users will automatically be given access and don't need to accept an invitation first.

Configuring access to container images for an organization

If you have admin permissions to an organization-owned container image, you can assign read, write, or admin roles to other users and teams. For more information about these permission roles, see "Visibility and access permissions for container images."

If your package is owned by an organization and private, then you can only give access to other organization members or teams.

For organization image containers, organizations admins must enable packages before you can set the visibility to public. For more information, see "Enabling GitHub Container Registry for your organization."

  1. On GitHub, navigate to the main page of your organization.
  2. Under your organization name, click Packages.
    Container access invite button
  3. Search for and select your package.
  4. In the top right of your container image's landing page, click Package settings.
    Package settings button
  5. On the package settings page, click Invite teams or people and enter the name, username, or email of the person you want to give access. You can also enter a team name from the organization to give all team members access.
    Container access invite button
  6. Next to the username or team name, use the "Role" drop-down menu to select a desired permission level.
    Container access options

The selected users or teams will automatically be given access and don't need to accept an invitation first.

Configuring visibility of container images for your personal account

When you first publish a package, the default visibility is private and only you can see the package. You can modify a private or public container image's access by changing the access settings.

A public package can be accessed anonymously without authentication. Once you make your package public, you cannot make your package private again.

  1. On GitHub, navigate to the main page of your user account.

  2. In the top right corner of GitHub, click your profile photo, then click Your profile.

    Profile photo

  3. On your profile page, in the top right, click Packages.

    Packages option on profile page

  4. Search for and select your package.

  5. In the top right of your container image's landing page, click Package settings.

    Package settings button

  6. Under "Danger Zone", choose a visibility setting:

    • To make the container image visible to anyone, click Make public.

      Warning: Once you make a package public, you cannot make it private again.

    • To make the container image visible to a custom selection of people, click Make private.

      Container visibility options

Configuring visibility of container images for an organization

When you first publish a package, the default visibility is private and only you can see the package. You can grant users or teams different access roles for your container image through the access settings.

A public package can be accessed anonymously without authentication. Once you make your package public, you cannot make your package private again.

For organization image containers, organizations admins must enable public packages before you can set the visibility to public. For more information, see "Enabling GitHub Container Registry for your organization."

  1. On GitHub, navigate to the main page of your organization.

  2. Under your organization name, click Packages.

    Container access invite button

  3. Search for and select your package.

  4. In the top right of your container image's landing page, click Package settings.

    Package settings button

  5. Under "Danger Zone", choose a visibility setting:

    • To make the container image visible to anyone, click Make public.

      Warning: Once you make a package public, you cannot make it private again.

    • To make the container image visible to a custom selection of people, click Make private.

      Container visibility options

Did this doc help you?

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.