I want only the CI tools or dedicated users to have write access to the Bluemix Docker registry. Developer or cloud admin accounts should not have write access to the registry. How can this be done?
You can now issue read-only or read-write tokens for IBM Bluemix Container Registry using the container-registry plugin for the bx command.
Tokens can either be non-expiring (unless revoked) or expire after 24 hours.
The use case of automating access is well covered by the documentation.