From 918e46be0e3491c1f14744f16539f5cd783cbdb3 Mon Sep 17 00:00:00 2001
From: LP B <xAt0mZ@users.noreply.github.com>
Date: Mon, 17 May 2021 17:43:22 +0200
Subject: [PATCH] feat(app): backport private registries frontend changes
 (#5056)

* feat(app/docker): backport docker/components changes

* feat(app/docker): backport docker/helpers changes

* feat(app/docker): backport docker/views/container changes

* feat(app/docker): backport docker/views/images changes

* feat(app/docker): backport docker/views/registries changes

* feat(app/docker): backport docker/views/services changes

* feat(app/docker): backport docker changes

* feat(app/kubernetes): backport kubernetes/components changes

* feat(app/kubernetes): backport kubernetes/converters changes

* feat(app/kubernetes): backport kubernetes/models changes

* feat(app/kubernetes): backport kubernetes/registries changes

* feat(app/kubernetes): backport kubernetes/services changes

* feat(app/kubernetes): backport kubernetes/views/applications changes

* feat(app/kubernetes): backport kubernetes/views/configurations changes

* feat(app/kubernetes): backport kubernetes/views/configure changes

* feat(app/kubernetes): backport kubernetes/views/resource-pools changes

* feat(app/kubernetes): backport kubernetes/views changes

* feat(app/portainer): backport portainer/components/accessManagement changes

* feat(app/portainer): backport portainer/components/datatables changes

* feat(app/portainer): backport portainer/components/forms changes

* feat(app/portainer): backport portainer/components/registry-details changes

* feat(app/portainer): backport portainer/models changes

* feat(app/portainer): backport portainer/rest changes

* feat(app/portainer): backport portainer/services changes

* feat(app/portainer): backport portainer/views changes

* feat(app/portainer): backport portainer changes

* feat(app): backport app changes

* config(project): gitignore + jsconfig changes

gitignore all files under api/cmd/portainer but main.go and enable Code Editor autocomplete on import ... from '@/...'
---
 .gitignore                                    |    3 +-
 app/constants.js                              |    1 -
 app/docker/__module.js                        |   22 +
 .../dockerSidebarContent.html                 |   21 +-
 .../por-image-registry.controller.js          |   65 +-
 .../imageRegistry/por-image-registry.html     |    3 +-
 .../imageRegistry/por-image-registry.js       |    2 +
 app/docker/helpers/imageHelper.js             |  140 +-
 .../create/createContainerController.js       | 1841 ++++++++---------
 .../containers/create/createcontainer.html    |    3 +-
 .../views/containers/edit/container.html      |    2 +-
 .../containers/edit/containerController.js    |    3 +-
 app/docker/views/images/edit/image.html       |    2 +-
 .../views/images/edit/imageController.js      |    5 +-
 app/docker/views/images/images.html           |    1 +
 .../registries/access/registryAccess.html     |   16 +
 .../views/registries/access/registryAccess.js |    7 +
 .../access/registryAccessController.js        |   48 +
 .../views/services/create/createservice.html  |    1 +
 .../views/services/edit/includes/image.html   |    1 +
 .../views/services/edit/serviceController.js  |    6 +-
 app/kubernetes/__module.js                    |   26 +-
 .../kubernetesSidebarContent.html             |   14 +-
 app/kubernetes/converters/application.js      |   11 +-
 app/kubernetes/converters/daemonSet.js        |   12 +-
 app/kubernetes/converters/deployment.js       |    8 +-
 app/kubernetes/converters/resourcePool.js     |   11 +-
 app/kubernetes/converters/statefulSet.js      |   10 +-
 .../models/application/formValues.js          |   55 +-
 app/kubernetes/models/daemon-set/models.js    |    2 +-
 app/kubernetes/models/deployment/models.js    |    2 +-
 .../models/resource-pool/formValues.js        |    2 +
 app/kubernetes/models/stateful-set/models.js  |    2 +-
 app/kubernetes/registries/index.js            |    5 +
 .../kube-registry-access-view/index.js        |    9 +
 .../kube-registry-access-view.controller.js   |   71 +
 .../kube-registry-access-view.html            |   72 +
 .../services/resourcePoolService.js           |   24 +-
 app/kubernetes/services/statefulSetService.js |    1 +
 .../create/createApplication.html             |   80 +-
 .../applications/create/createApplication.js  |    1 -
 .../create/createApplicationController.js     |  137 +-
 .../edit/configurationController.js           |   17 +-
 .../views/configure/configureController.js    |   13 +-
 .../create/createResourcePool.html            |  122 +-
 .../create/createResourcePool.js              |    9 +-
 .../create/createResourcePoolController.js    |  196 +-
 .../resource-pools/edit/resourcePool.html     |   44 +
 .../views/resource-pools/edit/resourcePool.js |    2 +-
 .../edit/resourcePoolController.js            |  207 +-
 app/portainer/__module.js                     |   17 +-
 .../accessManagement/por-access-management.js |    1 +
 .../porAccessManagementController.js          |   15 +
 .../registriesDatatable.html                  |   31 +-
 .../registriesDatatable.js                    |    5 +-
 .../registriesDatatableController.js          |   85 +
 .../datatables/strings-datatable/index.js     |   20 +
 .../strings-datatable/strings-datatable.html  |   65 +
 .../registry-form-dockerhub.html              |   64 +
 .../registry-form-dockerhub.js                |    9 +
 .../forms/template-form/template-form.js      |   13 -
 .../forms/template-form/templateForm.html     |  580 ------
 .../template-form/templateFormController.js   |   55 -
 .../components/registry-details/index.js      |   10 +
 .../registry-details/registry-details.html    |   25 +
 app/portainer/models/dockerhub.js             |   12 +-
 app/portainer/models/registry.js              |    7 +-
 app/portainer/models/registryTypes.js         |    2 +
 app/portainer/rest/dockerhub.js               |   15 -
 app/portainer/rest/endpoint.js                |    2 +
 app/portainer/rest/registry.js                |    3 +-
 app/portainer/services/api/accessService.js   |   15 +-
 .../services/api/dockerhubService.js          |   51 -
 app/portainer/services/api/endpointService.js |   10 +
 app/portainer/services/api/registryService.js |   92 +-
 app/portainer/services/api/templateService.js |  152 +-
 .../views/endpoint-registries/registries.html |   21 +
 .../views/endpoint-registries/registries.js   |    7 +
 .../registriesController.js                   |   51 +
 .../views/init/admin/initAdminController.js   |    3 +-
 .../registries/access/registryAccess.html     |   35 -
 .../access/registryAccessController.js        |   34 -
 ...reateregistry.html => createRegistry.html} |   74 +-
 .../views/registries/create/createRegistry.js |   10 +
 .../create/createRegistryController.js        |  196 +-
 .../registries/edit/registryController.js     |    6 +-
 .../views/registries/registries.html          |   74 -
 .../views/registries/registriesController.js  |   34 +-
 app/portainer/views/sidebar/sidebar.html      |    4 +-
 .../views/sidebar/sidebarController.js        |   25 +-
 jsconfig.json                                 |    3 +-
 91 files changed, 2649 insertions(+), 2642 deletions(-)
 create mode 100644 app/docker/views/registries/access/registryAccess.html
 create mode 100644 app/docker/views/registries/access/registryAccess.js
 create mode 100644 app/docker/views/registries/access/registryAccessController.js
 create mode 100644 app/kubernetes/registries/index.js
 create mode 100644 app/kubernetes/registries/kube-registry-access-view/index.js
 create mode 100644 app/kubernetes/registries/kube-registry-access-view/kube-registry-access-view.controller.js
 create mode 100644 app/kubernetes/registries/kube-registry-access-view/kube-registry-access-view.html
 create mode 100644 app/portainer/components/datatables/registries-datatable/registriesDatatableController.js
 create mode 100644 app/portainer/components/datatables/strings-datatable/index.js
 create mode 100644 app/portainer/components/datatables/strings-datatable/strings-datatable.html
 create mode 100644 app/portainer/components/forms/registry-form-dockerhub/registry-form-dockerhub.html
 create mode 100644 app/portainer/components/forms/registry-form-dockerhub/registry-form-dockerhub.js
 delete mode 100644 app/portainer/components/forms/template-form/template-form.js
 delete mode 100644 app/portainer/components/forms/template-form/templateForm.html
 delete mode 100644 app/portainer/components/forms/template-form/templateFormController.js
 create mode 100644 app/portainer/components/registry-details/index.js
 create mode 100644 app/portainer/components/registry-details/registry-details.html
 delete mode 100644 app/portainer/rest/dockerhub.js
 delete mode 100644 app/portainer/services/api/dockerhubService.js
 create mode 100644 app/portainer/views/endpoint-registries/registries.html
 create mode 100644 app/portainer/views/endpoint-registries/registries.js
 create mode 100644 app/portainer/views/endpoint-registries/registriesController.js
 delete mode 100644 app/portainer/views/registries/access/registryAccess.html
 delete mode 100644 app/portainer/views/registries/access/registryAccessController.js
 rename app/portainer/views/registries/create/{createregistry.html => createRegistry.html} (51%)
 create mode 100644 app/portainer/views/registries/create/createRegistry.js

diff --git a/.gitignore b/.gitignore
index 6f3dc2d33..7ffa4841b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,7 +2,8 @@ node_modules
 bower_components
 dist
 portainer-checksum.txt
-api/cmd/portainer/portainer*
+api/cmd/portainer/*
+!api/cmd/portainer/main.go
 .tmp
 **/.vscode/settings.json
 **/.vscode/tasks.json
diff --git a/app/constants.js b/app/constants.js
index cb0e8f17f..a2003ed1c 100644
--- a/app/constants.js
+++ b/app/constants.js
@@ -1,7 +1,6 @@
 angular
   .module('portainer')
   .constant('API_ENDPOINT_AUTH', 'api/auth')
-  .constant('API_ENDPOINT_DOCKERHUB', 'api/dockerhub')
   .constant('API_ENDPOINT_CUSTOM_TEMPLATES', 'api/custom_templates')
   .constant('API_ENDPOINT_EDGE_GROUPS', 'api/edge_groups')
   .constant('API_ENDPOINT_EDGE_JOBS', 'api/edge_jobs')
diff --git a/app/docker/__module.js b/app/docker/__module.js
index 516134d7d..83b0763a5 100644
--- a/app/docker/__module.js
+++ b/app/docker/__module.js
@@ -591,6 +591,26 @@ angular.module('portainer.docker', ['portainer.app']).config([
       },
     };
 
+    const registries = {
+      name: 'docker.registries',
+      url: '/registries',
+      views: {
+        'content@': {
+          component: 'endpointRegistriesView',
+        },
+      },
+    };
+
+    const registryAccess = {
+      name: 'docker.registries.access',
+      url: '/:id/access',
+      views: {
+        'content@': {
+          component: 'dockerRegistryAccessView',
+        },
+      },
+    };
+
     $stateRegistryProvider.register(configs);
     $stateRegistryProvider.register(config);
     $stateRegistryProvider.register(configCreation);
@@ -641,5 +661,7 @@ angular.module('portainer.docker', ['portainer.app']).config([
     $stateRegistryProvider.register(volumeBrowse);
     $stateRegistryProvider.register(volumeCreation);
     $stateRegistryProvider.register(dockerFeaturesConfiguration);
+    $stateRegistryProvider.register(registries);
+    $stateRegistryProvider.register(registryAccess);
   },
 ]);
diff --git a/app/docker/components/dockerSidebarContent/dockerSidebarContent.html b/app/docker/components/dockerSidebarContent/dockerSidebarContent.html
index 484451142..b8999f509 100644
--- a/app/docker/components/dockerSidebarContent/dockerSidebarContent.html
+++ b/app/docker/components/dockerSidebarContent/dockerSidebarContent.html
@@ -35,17 +35,20 @@
 <li class="sidebar-list" ng-if="$ctrl.standaloneManagement && $ctrl.adminAccess && !$ctrl.offlineMode">
   <a ui-sref="docker.events({endpointId: $ctrl.endpointId})" ui-sref-active="active">Events <span class="menu-icon fa fa-history fa-fw"></span></a>
 </li>
-<li class="sidebar-list" ng-if="$ctrl.swarmManagement">
-  <a ui-sref="docker.swarm({endpointId: $ctrl.endpointId})" ui-sref-active="active">Swarm <span class="menu-icon fa fa-object-group fa-fw"></span></a>
+<li class="sidebar-list">
+  <a ng-if="$ctrl.standaloneManagement" ui-sref="docker.host({endpointId: $ctrl.endpointId})" ui-sref-active="active">Host <span class="menu-icon fa fa-th fa-fw"></span></a>
+  <a ng-if="$ctrl.swarmManagement" ui-sref="docker.swarm({endpointId: $ctrl.endpointId})" ui-sref-active="active">Swarm <span class="menu-icon fa fa-object-group fa-fw"></span></a>
 
-  <div class="sidebar-sublist" ng-if="$ctrl.adminAccess && ['docker.featuresConfiguration', 'docker.swarm'].includes($ctrl.currentRouteName)">
+  <div
+    class="sidebar-sublist"
+    ng-if="$ctrl.adminAccess && ['docker.swarm', 'docker.host', 'docker.registries', 'docker.registries.access', 'docker.featuresConfiguration'].includes($ctrl.currentRouteName)"
+  >
     <a ui-sref="docker.featuresConfiguration({endpointId: $ctrl.endpointId})" ui-sref-active="active">Setup</a>
   </div>
-</li>
-<li class="sidebar-list" ng-if="$ctrl.standaloneManagement">
-  <a ui-sref="docker.host({endpointId: $ctrl.endpointId})" ui-sref-active="active">Host <span class="menu-icon fa fa-th fa-fw"></span></a>
-
-  <div class="sidebar-sublist" ng-if="$ctrl.adminAccess && ['docker.featuresConfiguration', 'docker.host'].includes($ctrl.currentRouteName)">
-    <a ui-sref="docker.featuresConfiguration({endpointId: $ctrl.endpointId})" ui-sref-active="active">Setup</a>
+  <div
+    class="sidebar-sublist"
+    ng-if="$ctrl.adminAccess && ['docker.swarm', 'docker.host', 'docker.registries', 'docker.registries.access', 'docker.featuresConfiguration'].includes($ctrl.currentRouteName)"
+  >
+    <a ui-sref="docker.registries({endpointId: $ctrl.endpointId})" ui-sref-active="active">Registries</a>
   </div>
 </li>
diff --git a/app/docker/components/imageRegistry/por-image-registry.controller.js b/app/docker/components/imageRegistry/por-image-registry.controller.js
index edf570f8b..b5515228e 100644
--- a/app/docker/components/imageRegistry/por-image-registry.controller.js
+++ b/app/docker/components/imageRegistry/por-image-registry.controller.js
@@ -5,18 +5,21 @@ import { RegistryTypes } from '@/portainer/models/registryTypes';
 
 class porImageRegistryController {
   /* @ngInject */
-  constructor($async, $scope, ImageHelper, RegistryService, DockerHubService, ImageService, Notifications) {
+  constructor($async, $scope, ImageHelper, RegistryService, EndpointService, ImageService, Notifications) {
     this.$async = $async;
     this.$scope = $scope;
     this.ImageHelper = ImageHelper;
     this.RegistryService = RegistryService;
-    this.DockerHubService = DockerHubService;
+    this.EndpointService = EndpointService;
     this.ImageService = ImageService;
     this.Notifications = Notifications;
 
-    this.onInit = this.onInit.bind(this);
     this.onRegistryChange = this.onRegistryChange.bind(this);
 
+    this.registries = [];
+    this.images = [];
+    this.defaultRegistry = new DockerHubViewModel();
+
     this.$scope.$watch(() => this.model.Registry, this.onRegistryChange);
   }
 
@@ -40,7 +43,7 @@ class porImageRegistryController {
       const registryImages = _.filter(this.images, (image) => _.includes(image, url));
       images = _.map(registryImages, (image) => _.replace(image, new RegExp(url + '/?'), ''));
     } else {
-      const registries = _.filter(this.availableRegistries, (reg) => this.isKnownRegistry(reg));
+      const registries = _.filter(this.registries, (reg) => this.isKnownRegistry(reg));
       const registryImages = _.flatMap(registries, (registry) => _.filter(this.images, (image) => _.includes(image, registry.URL)));
       const imagesWithoutKnown = _.difference(this.images, registryImages);
       images = _.filter(imagesWithoutKnown, (image) => !this.ImageHelper.imageContainsURL(image));
@@ -63,29 +66,49 @@ class porImageRegistryController {
     return this.getRegistryURL(this.model.Registry) || 'docker.io';
   }
 
-  async onInit() {
-    try {
-      const [registries, dockerhub, images] = await Promise.all([
-        this.RegistryService.registries(),
-        this.DockerHubService.dockerhub(),
-        this.autoComplete ? this.ImageService.images() : [],
-      ]);
-      this.images = this.ImageService.getUniqueTagListFromImages(images);
-      this.availableRegistries = _.concat(dockerhub, registries);
+  async reloadRegistries() {
+    return this.$async(async () => {
+      try {
+        const registries = await this.EndpointService.registries(this.endpointId, this.namespace);
+        this.registries = _.concat(this.defaultRegistry, registries);
 
-      const id = this.model.Registry.Id;
-      if (!id) {
-        this.model.Registry = dockerhub;
-      } else {
-        this.model.Registry = _.find(this.availableRegistries, { Id: id });
+        const id = this.model.Registry.Id;
+        const registry = _.find(this.registries, { Id: id });
+        if (!registry) {
+          this.model.Registry = this.defaultRegistry;
+        }
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve registries');
       }
-    } catch (err) {
-      this.Notifications.error('Failure', err, 'Unable to retrieve registries');
+    });
+  }
+
+  async loadImages() {
+    return this.$async(async () => {
+      try {
+        if (!this.autoComplete) {
+          this.images = [];
+          return;
+        }
+
+        const images = await this.ImageService.images();
+        this.images = this.ImageService.getUniqueTagListFromImages(images);
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve images');
+      }
+    });
+  }
+
+  $onChanges({ namespace, endpointId }) {
+    if ((namespace || endpointId) && this.endpointId) {
+      this.reloadRegistries();
     }
   }
 
   $onInit() {
-    return this.$async(this.onInit);
+    return this.$async(async () => {
+      await this.loadImages();
+    });
   }
 }
 
diff --git a/app/docker/components/imageRegistry/por-image-registry.html b/app/docker/components/imageRegistry/por-image-registry.html
index 77ca79c82..51b7cf397 100644
--- a/app/docker/components/imageRegistry/por-image-registry.html
+++ b/app/docker/components/imageRegistry/por-image-registry.html
@@ -6,10 +6,9 @@
     </label>
     <div ng-class="$ctrl.inputClass">
       <select
-        ng-options="registry as registry.Name for registry in $ctrl.availableRegistries track by registry.Name"
+        ng-options="registry as registry.Name for registry in $ctrl.registries track by registry.Name"
         ng-model="$ctrl.model.Registry"
         id="image_registry"
-        selected-item-id="ctrl.selectedItemId"
         class="form-control"
       ></select>
     </div>
diff --git a/app/docker/components/imageRegistry/por-image-registry.js b/app/docker/components/imageRegistry/por-image-registry.js
index 52b001db0..721cd1fd7 100644
--- a/app/docker/components/imageRegistry/por-image-registry.js
+++ b/app/docker/components/imageRegistry/por-image-registry.js
@@ -12,6 +12,8 @@ angular.module('portainer.docker').component('porImageRegistry', {
     checkRateLimits: '<',
     onImageChange: '&',
     setValidity: '<',
+    endpointId: '<',
+    namespace: '<',
   },
   require: {
     form: '^form',
diff --git a/app/docker/helpers/imageHelper.js b/app/docker/helpers/imageHelper.js
index af50cea4b..67529a10e 100644
--- a/app/docker/helpers/imageHelper.js
+++ b/app/docker/helpers/imageHelper.js
@@ -1,77 +1,85 @@
 import _ from 'lodash-es';
-import { RegistryTypes } from '@/portainer/models/registryTypes';
+import { RegistryTypes } from 'Portainer/models/registryTypes';
 
-angular.module('portainer.docker').factory('ImageHelper', [
-  function ImageHelperFactory() {
-    'use strict';
+angular.module('portainer.docker').factory('ImageHelper', ImageHelperFactory);
+function ImageHelperFactory() {
+  return {
+    isValidTag,
+    createImageConfigForContainer,
+    getImagesNamesForDownload,
+    removeDigestFromRepository,
+    imageContainsURL,
+  };
 
-    var helper = {};
+  function isValidTag(tag) {
+    return tag.match(/^(?![\.\-])([a-zA-Z0-9\_\.\-])+$/g);
+  }
 
-    helper.isValidTag = isValidTag;
-    helper.createImageConfigForContainer = createImageConfigForContainer;
-    helper.getImagesNamesForDownload = getImagesNamesForDownload;
-    helper.removeDigestFromRepository = removeDigestFromRepository;
-    helper.imageContainsURL = imageContainsURL;
+  function getImagesNamesForDownload(images) {
+    var names = images.map(function (image) {
+      return image.RepoTags[0] !== '<none>:<none>' ? image.RepoTags[0] : image.Id;
+    });
+    return {
+      names: names,
+    };
+  }
 
-    function isValidTag(tag) {
-      return tag.match(/^(?![\.\-])([a-zA-Z0-9\_\.\-])+$/g);
+  /**
+   *
+   * @param {PorImageRegistryModel} registry
+   */
+  function createImageConfigForContainer(imageModel) {
+    return {
+      fromImage: buildImageFullURI(imageModel),
+    };
+  }
+
+  function imageContainsURL(image) {
+    const split = _.split(image, '/');
+    const url = split[0];
+    if (split.length > 1) {
+      return _.includes(url, '.') || _.includes(url, ':');
     }
+    return false;
+  }
 
-    function getImagesNamesForDownload(images) {
-      var names = images.map(function (image) {
-        return image.RepoTags[0] !== '<none>:<none>' ? image.RepoTags[0] : image.Id;
-      });
-      return {
-        names: names,
-      };
-    }
+  function removeDigestFromRepository(repository) {
+    return repository.split('@sha')[0];
+  }
+}
+/**
+ * builds the complete uri for an image based on its registry
+ * @param {PorImageRegistryModel} imageModel
+ */
+export function buildImageFullURI(imageModel) {
+  if (!imageModel.UseRegistry) {
+    return imageModel.Image;
+  }
 
-    /**
-     *
-     * @param {PorImageRegistryModel} registry
-     */
-    function createImageConfigForContainer(registry) {
-      const data = {
-        fromImage: '',
-      };
-      let fullImageName = '';
+  let fullImageName = '';
 
-      if (registry.UseRegistry) {
-        if (registry.Registry.Type === RegistryTypes.GITLAB) {
-          const slash = _.startsWith(registry.Image, ':') ? '' : '/';
-          fullImageName = registry.Registry.URL + '/' + registry.Registry.Gitlab.ProjectPath + slash + registry.Image;
-        } else if (registry.Registry.Type === RegistryTypes.QUAY) {
-          const name = registry.Registry.Quay.UseOrganisation ? registry.Registry.Quay.OrganisationName : registry.Registry.Username;
-          const url = registry.Registry.URL ? registry.Registry.URL + '/' : '';
-          fullImageName = url + name + '/' + registry.Image;
-        } else {
-          const url = registry.Registry.URL ? registry.Registry.URL + '/' : '';
-          fullImageName = url + registry.Image;
-        }
-        if (!_.includes(registry.Image, ':')) {
-          fullImageName += ':latest';
-        }
-      } else {
-        fullImageName = registry.Image;
-      }
+  switch (imageModel.Registry.Type) {
+    case RegistryTypes.GITLAB:
+      fullImageName = imageModel.Registry.URL + '/' + imageModel.Registry.Gitlab.ProjectPath + (imageModel.Image.startsWith(':') ? '' : '/') + imageModel.Image;
+      break;
+    case RegistryTypes.ANONYMOUS:
+      fullImageName = imageModel.Image;
+      break;
+    case RegistryTypes.QUAY:
+      fullImageName =
+        (imageModel.Registry.URL ? imageModel.Registry.URL + '/' : '') +
+        (imageModel.Registry.Quay.UseOrganisation ? imageModel.Registry.Quay.OrganisationName : imageModel.Registry.Username) +
+        '/' +
+        imageModel.Image;
+      break;
+    default:
+      fullImageName = imageModel.Registry.URL + '/' + imageModel.Image;
+      break;
+  }
 
-      data.fromImage = fullImageName;
-      return data;
-    }
+  if (!imageModel.Image.includes(':')) {
+    fullImageName += ':latest';
+  }
 
-    function imageContainsURL(image) {
-      const split = _.split(image, '/');
-      const url = split[0];
-      if (split.length > 1) {
-        return _.includes(url, '.') || _.includes(url, ':');
-      }
-      return false;
-    }
-
-    function removeDigestFromRepository(repository) {
-      return repository.split('@sha')[0];
-    }
-
-    return helper;
-  },
-]);
+  return fullImageName;
+}
diff --git a/app/docker/views/containers/create/createContainerController.js b/app/docker/views/containers/create/createContainerController.js
index 768d1e589..a2b082bef 100644
--- a/app/docker/views/containers/create/createContainerController.js
+++ b/app/docker/views/containers/create/createContainerController.js
@@ -4,983 +4,958 @@ import { ContainerCapabilities, ContainerCapability } from '../../../models/cont
 import { AccessControlFormData } from '../../../../portainer/components/accessControlForm/porAccessControlFormModel';
 import { ContainerDetailsViewModel } from '../../../models/container';
 
-angular.module('portainer.docker').controller('CreateContainerController', [
-  '$q',
-  '$scope',
-  '$async',
-  '$state',
-  '$timeout',
-  '$transition$',
-  '$filter',
-  'Container',
-  'ContainerHelper',
-  'Image',
-  'ImageHelper',
-  'Volume',
-  'NetworkService',
-  'ResourceControlService',
-  'Authentication',
-  'Notifications',
-  'ContainerService',
-  'ImageService',
-  'FormValidator',
-  'ModalService',
-  'RegistryService',
-  'SystemService',
-  'PluginService',
-  'HttpRequestHelper',
-  'endpoint',
-  function (
-    $q,
-    $scope,
-    $async,
-    $state,
-    $timeout,
-    $transition$,
-    $filter,
-    Container,
-    ContainerHelper,
-    Image,
-    ImageHelper,
-    Volume,
-    NetworkService,
-    ResourceControlService,
-    Authentication,
-    Notifications,
-    ContainerService,
-    ImageService,
-    FormValidator,
-    ModalService,
-    RegistryService,
-    SystemService,
-    PluginService,
-    HttpRequestHelper,
-    endpoint
-  ) {
-    $scope.create = create;
-    $scope.endpoint = endpoint;
+angular.module('portainer.docker').controller('CreateContainerController', CreateContainerController);
 
-    $scope.formValues = {
-      alwaysPull: true,
-      Console: 'none',
-      Volumes: [],
-      NetworkContainer: null,
-      Labels: [],
+/* @ngInject */
+function CreateContainerController(
+  $q,
+  $scope,
+  $async,
+  $state,
+  $timeout,
+  $transition$,
+  $filter,
+  Container,
+  ContainerHelper,
+  ImageHelper,
+  Volume,
+  NetworkService,
+  ResourceControlService,
+  Authentication,
+  Notifications,
+  ContainerService,
+  ImageService,
+  FormValidator,
+  ModalService,
+  RegistryService,
+  SystemService,
+  PluginService,
+  HttpRequestHelper,
+  endpoint
+) {
+  $scope.create = create;
+  $scope.endpoint = endpoint;
+
+  $scope.formValues = {
+    alwaysPull: true,
+    Console: 'none',
+    Volumes: [],
+    NetworkContainer: null,
+    Labels: [],
+    ExtraHosts: [],
+    MacAddress: '',
+    IPv4: '',
+    IPv6: '',
+    DnsPrimary: '',
+    DnsSecondary: '',
+    AccessControlData: new AccessControlFormData(),
+    CpuLimit: 0,
+    MemoryLimit: 0,
+    MemoryReservation: 0,
+    CmdMode: 'default',
+    EntrypointMode: 'default',
+    NodeName: null,
+    capabilities: [],
+    Sysctls: [],
+    LogDriverName: '',
+    LogDriverOpts: [],
+    RegistryModel: new PorImageRegistryModel(),
+  };
+
+  $scope.extraNetworks = {};
+
+  $scope.state = {
+    formValidationError: '',
+    actionInProgress: false,
+    mode: '',
+    pullImageValidity: true,
+  };
+
+  $scope.refreshSlider = function () {
+    $timeout(function () {
+      $scope.$broadcast('rzSliderForceRender');
+    });
+  };
+
+  $scope.onImageNameChange = function () {
+    $scope.formValues.CmdMode = 'default';
+    $scope.formValues.EntrypointMode = 'default';
+  };
+
+  $scope.setPullImageValidity = setPullImageValidity;
+  function setPullImageValidity(validity) {
+    if (!validity) {
+      $scope.formValues.alwaysPull = false;
+    }
+    $scope.state.pullImageValidity = validity;
+  }
+
+  $scope.config = {
+    Image: '',
+    Env: [],
+    Cmd: '',
+    MacAddress: '',
+    ExposedPorts: {},
+    Entrypoint: '',
+    HostConfig: {
+      RestartPolicy: {
+        Name: 'no',
+      },
+      PortBindings: [],
+      PublishAllPorts: false,
+      Binds: [],
+      AutoRemove: false,
+      NetworkMode: 'bridge',
+      Privileged: false,
+      Init: false,
+      Runtime: null,
       ExtraHosts: [],
-      MacAddress: '',
-      IPv4: '',
-      IPv6: '',
-      DnsPrimary: '',
-      DnsSecondary: '',
-      AccessControlData: new AccessControlFormData(),
-      CpuLimit: 0,
-      MemoryLimit: 0,
-      MemoryReservation: 0,
-      CmdMode: 'default',
-      EntrypointMode: 'default',
-      NodeName: null,
-      capabilities: [],
-      Sysctls: [],
-      LogDriverName: '',
-      LogDriverOpts: [],
-      RegistryModel: new PorImageRegistryModel(),
-    };
+      Devices: [],
+      CapAdd: [],
+      CapDrop: [],
+      Sysctls: {},
+    },
+    NetworkingConfig: {
+      EndpointsConfig: {},
+    },
+    Labels: {},
+  };
 
-    $scope.extraNetworks = {};
+  $scope.addVolume = function () {
+    $scope.formValues.Volumes.push({ name: '', containerPath: '', readOnly: false, type: 'volume' });
+  };
 
-    $scope.state = {
-      formValidationError: '',
-      actionInProgress: false,
-      mode: '',
-      pullImageValidity: true,
-    };
+  $scope.removeVolume = function (index) {
+    $scope.formValues.Volumes.splice(index, 1);
+  };
 
-    $scope.refreshSlider = function () {
-      $timeout(function () {
-        $scope.$broadcast('rzSliderForceRender');
-      });
-    };
+  $scope.addEnvironmentVariable = function () {
+    $scope.config.Env.push({ name: '', value: '' });
+  };
 
-    $scope.onImageNameChange = function () {
-      $scope.formValues.CmdMode = 'default';
-      $scope.formValues.EntrypointMode = 'default';
-    };
+  $scope.removeEnvironmentVariable = function (index) {
+    $scope.config.Env.splice(index, 1);
+  };
 
-    $scope.setPullImageValidity = setPullImageValidity;
-    function setPullImageValidity(validity) {
-      if (!validity) {
-        $scope.formValues.alwaysPull = false;
+  $scope.addPortBinding = function () {
+    $scope.config.HostConfig.PortBindings.push({ hostPort: '', containerPort: '', protocol: 'tcp' });
+  };
+
+  $scope.removePortBinding = function (index) {
+    $scope.config.HostConfig.PortBindings.splice(index, 1);
+  };
+
+  $scope.addLabel = function () {
+    $scope.formValues.Labels.push({ name: '', value: '' });
+  };
+
+  $scope.removeLabel = function (index) {
+    $scope.formValues.Labels.splice(index, 1);
+  };
+
+  $scope.addExtraHost = function () {
+    $scope.formValues.ExtraHosts.push({ value: '' });
+  };
+
+  $scope.removeExtraHost = function (index) {
+    $scope.formValues.ExtraHosts.splice(index, 1);
+  };
+
+  $scope.addDevice = function () {
+    $scope.config.HostConfig.Devices.push({ pathOnHost: '', pathInContainer: '' });
+  };
+
+  $scope.removeDevice = function (index) {
+    $scope.config.HostConfig.Devices.splice(index, 1);
+  };
+
+  $scope.addSysctl = function () {
+    $scope.formValues.Sysctls.push({ name: '', value: '' });
+  };
+
+  $scope.removeSysctl = function (index) {
+    $scope.formValues.Sysctls.splice(index, 1);
+  };
+
+  $scope.addLogDriverOpt = function () {
+    $scope.formValues.LogDriverOpts.push({ name: '', value: '' });
+  };
+
+  $scope.removeLogDriverOpt = function (index) {
+    $scope.formValues.LogDriverOpts.splice(index, 1);
+  };
+
+  $scope.fromContainerMultipleNetworks = false;
+
+  function prepareImageConfig(config) {
+    const imageConfig = ImageHelper.createImageConfigForContainer($scope.formValues.RegistryModel);
+    config.Image = imageConfig.fromImage;
+  }
+
+  function preparePortBindings(config) {
+    const bindings = ContainerHelper.preparePortBindings(config.HostConfig.PortBindings);
+    config.ExposedPorts = {};
+    _.forEach(bindings, (_, key) => (config.ExposedPorts[key] = {}));
+    config.HostConfig.PortBindings = bindings;
+  }
+
+  function prepareConsole(config) {
+    var value = $scope.formValues.Console;
+    var openStdin = true;
+    var tty = true;
+    if (value === 'tty') {
+      openStdin = false;
+    } else if (value === 'interactive') {
+      tty = false;
+    } else if (value === 'none') {
+      openStdin = false;
+      tty = false;
+    }
+    config.OpenStdin = openStdin;
+    config.Tty = tty;
+  }
+
+  function prepareCmd(config) {
+    if (_.isEmpty(config.Cmd) || $scope.formValues.CmdMode == 'default') {
+      delete config.Cmd;
+    } else {
+      config.Cmd = ContainerHelper.commandStringToArray(config.Cmd);
+    }
+  }
+
+  function prepareEntrypoint(config) {
+    if ($scope.formValues.EntrypointMode == 'default' || (_.isEmpty(config.Cmd) && _.isEmpty(config.Entrypoint))) {
+      config.Entrypoint = null;
+    }
+  }
+
+  function prepareEnvironmentVariables(config) {
+    var env = [];
+    config.Env.forEach(function (v) {
+      if (v.name && v.value) {
+        env.push(v.name + '=' + v.value);
       }
-      $scope.state.pullImageValidity = validity;
-    }
+    });
+    config.Env = env;
+  }
 
-    $scope.config = {
-      Image: '',
-      Env: [],
-      Cmd: '',
-      MacAddress: '',
-      ExposedPorts: {},
-      Entrypoint: '',
-      HostConfig: {
-        RestartPolicy: {
-          Name: 'no',
-        },
-        PortBindings: [],
-        PublishAllPorts: false,
-        Binds: [],
-        AutoRemove: false,
-        NetworkMode: 'bridge',
-        Privileged: false,
-        Init: false,
-        Runtime: null,
-        ExtraHosts: [],
-        Devices: [],
-        CapAdd: [],
-        CapDrop: [],
-        Sysctls: {},
-      },
-      NetworkingConfig: {
-        EndpointsConfig: {},
-      },
-      Labels: {},
-    };
+  function prepareVolumes(config) {
+    var binds = [];
+    var volumes = {};
 
-    $scope.addVolume = function () {
-      $scope.formValues.Volumes.push({ name: '', containerPath: '', readOnly: false, type: 'volume' });
-    };
-
-    $scope.removeVolume = function (index) {
-      $scope.formValues.Volumes.splice(index, 1);
-    };
-
-    $scope.addEnvironmentVariable = function () {
-      $scope.config.Env.push({ name: '', value: '' });
-    };
-
-    $scope.removeEnvironmentVariable = function (index) {
-      $scope.config.Env.splice(index, 1);
-    };
-
-    $scope.addPortBinding = function () {
-      $scope.config.HostConfig.PortBindings.push({ hostPort: '', containerPort: '', protocol: 'tcp' });
-    };
-
-    $scope.removePortBinding = function (index) {
-      $scope.config.HostConfig.PortBindings.splice(index, 1);
-    };
-
-    $scope.addLabel = function () {
-      $scope.formValues.Labels.push({ name: '', value: '' });
-    };
-
-    $scope.removeLabel = function (index) {
-      $scope.formValues.Labels.splice(index, 1);
-    };
-
-    $scope.addExtraHost = function () {
-      $scope.formValues.ExtraHosts.push({ value: '' });
-    };
-
-    $scope.removeExtraHost = function (index) {
-      $scope.formValues.ExtraHosts.splice(index, 1);
-    };
-
-    $scope.addDevice = function () {
-      $scope.config.HostConfig.Devices.push({ pathOnHost: '', pathInContainer: '' });
-    };
-
-    $scope.removeDevice = function (index) {
-      $scope.config.HostConfig.Devices.splice(index, 1);
-    };
-
-    $scope.addSysctl = function () {
-      $scope.formValues.Sysctls.push({ name: '', value: '' });
-    };
-
-    $scope.removeSysctl = function (index) {
-      $scope.formValues.Sysctls.splice(index, 1);
-    };
-
-    $scope.addLogDriverOpt = function () {
-      $scope.formValues.LogDriverOpts.push({ name: '', value: '' });
-    };
-
-    $scope.removeLogDriverOpt = function (index) {
-      $scope.formValues.LogDriverOpts.splice(index, 1);
-    };
-
-    $scope.fromContainerMultipleNetworks = false;
-
-    function prepareImageConfig(config) {
-      const imageConfig = ImageHelper.createImageConfigForContainer($scope.formValues.RegistryModel);
-      config.Image = imageConfig.fromImage;
-    }
-
-    function preparePortBindings(config) {
-      const bindings = ContainerHelper.preparePortBindings(config.HostConfig.PortBindings);
-      config.ExposedPorts = {};
-      _.forEach(bindings, (_, key) => (config.ExposedPorts[key] = {}));
-      config.HostConfig.PortBindings = bindings;
-    }
-
-    function prepareConsole(config) {
-      var value = $scope.formValues.Console;
-      var openStdin = true;
-      var tty = true;
-      if (value === 'tty') {
-        openStdin = false;
-      } else if (value === 'interactive') {
-        tty = false;
-      } else if (value === 'none') {
-        openStdin = false;
-        tty = false;
-      }
-      config.OpenStdin = openStdin;
-      config.Tty = tty;
-    }
-
-    function prepareCmd(config) {
-      if (_.isEmpty(config.Cmd) || $scope.formValues.CmdMode == 'default') {
-        delete config.Cmd;
-      } else {
-        config.Cmd = ContainerHelper.commandStringToArray(config.Cmd);
-      }
-    }
-
-    function prepareEntrypoint(config) {
-      if ($scope.formValues.EntrypointMode == 'default' || (_.isEmpty(config.Cmd) && _.isEmpty(config.Entrypoint))) {
-        config.Entrypoint = null;
-      }
-    }
-
-    function prepareEnvironmentVariables(config) {
-      var env = [];
-      config.Env.forEach(function (v) {
-        if (v.name && v.value) {
-          env.push(v.name + '=' + v.value);
+    $scope.formValues.Volumes.forEach(function (volume) {
+      var name = volume.name;
+      var containerPath = volume.containerPath;
+      if (name && containerPath) {
+        var bind = name + ':' + containerPath;
+        volumes[containerPath] = {};
+        if (volume.readOnly) {
+          bind += ':ro';
         }
+        binds.push(bind);
+      }
+    });
+    config.HostConfig.Binds = binds;
+    config.Volumes = volumes;
+  }
+
+  function prepareNetworkConfig(config) {
+    var mode = config.HostConfig.NetworkMode;
+    var container = $scope.formValues.NetworkContainer;
+    var containerName = container;
+    if (container && typeof container === 'object') {
+      containerName = $filter('trimcontainername')(container.Names[0]);
+    }
+    var networkMode = mode;
+    if (containerName) {
+      networkMode += ':' + containerName;
+      config.Hostname = '';
+    }
+    config.HostConfig.NetworkMode = networkMode;
+    config.MacAddress = $scope.formValues.MacAddress;
+
+    config.NetworkingConfig.EndpointsConfig[networkMode] = {
+      IPAMConfig: {
+        IPv4Address: $scope.formValues.IPv4,
+        IPv6Address: $scope.formValues.IPv6,
+      },
+    };
+
+    if (networkMode && _.get($scope.config.NetworkingConfig.EndpointsConfig[networkMode], 'Aliases')) {
+      var aliases = $scope.config.NetworkingConfig.EndpointsConfig[networkMode].Aliases;
+      config.NetworkingConfig.EndpointsConfig[networkMode].Aliases = _.filter(aliases, (o) => {
+        return !_.startsWith($scope.fromContainer.Id, o);
       });
-      config.Env = env;
     }
 
-    function prepareVolumes(config) {
-      var binds = [];
-      var volumes = {};
+    var dnsServers = [];
+    if ($scope.formValues.DnsPrimary) {
+      dnsServers.push($scope.formValues.DnsPrimary);
+    }
+    if ($scope.formValues.DnsSecondary) {
+      dnsServers.push($scope.formValues.DnsSecondary);
+    }
+    config.HostConfig.Dns = dnsServers;
 
-      $scope.formValues.Volumes.forEach(function (volume) {
-        var name = volume.name;
-        var containerPath = volume.containerPath;
-        if (name && containerPath) {
-          var bind = name + ':' + containerPath;
-          volumes[containerPath] = {};
-          if (volume.readOnly) {
-            bind += ':ro';
+    config.HostConfig.ExtraHosts = _.map(
+      _.filter($scope.formValues.ExtraHosts, (v) => v.value),
+      'value'
+    );
+  }
+
+  function prepareLabels(config) {
+    var labels = {};
+    $scope.formValues.Labels.forEach(function (label) {
+      if (label.name) {
+        if (label.value) {
+          labels[label.name] = label.value;
+        } else {
+          labels[label.name] = '';
+        }
+      }
+    });
+    config.Labels = labels;
+  }
+
+  function prepareDevices(config) {
+    var path = [];
+    config.HostConfig.Devices.forEach(function (p) {
+      if (p.pathOnHost) {
+        if (p.pathInContainer === '') {
+          p.pathInContainer = p.pathOnHost;
+        }
+        path.push({ PathOnHost: p.pathOnHost, PathInContainer: p.pathInContainer, CgroupPermissions: 'rwm' });
+      }
+    });
+    config.HostConfig.Devices = path;
+  }
+
+  function prepareSysctls(config) {
+    var sysctls = {};
+    $scope.formValues.Sysctls.forEach(function (sysctl) {
+      if (sysctl.name && sysctl.value) {
+        sysctls[sysctl.name] = sysctl.value;
+      }
+    });
+    config.HostConfig.Sysctls = sysctls;
+  }
+
+  function prepareResources(config) {
+    // Memory Limit - Round to 0.125
+    if ($scope.formValues.MemoryLimit >= 0) {
+      var memoryLimit = (Math.round($scope.formValues.MemoryLimit * 8) / 8).toFixed(3);
+      memoryLimit *= 1024 * 1024;
+      config.HostConfig.Memory = memoryLimit;
+    }
+
+    // Memory Resevation - Round to 0.125
+    if ($scope.formValues.MemoryReservation >= 0) {
+      var memoryReservation = (Math.round($scope.formValues.MemoryReservation * 8) / 8).toFixed(3);
+      memoryReservation *= 1024 * 1024;
+      config.HostConfig.MemoryReservation = memoryReservation;
+    }
+
+    // CPU Limit
+    if ($scope.formValues.CpuLimit >= 0) {
+      config.HostConfig.NanoCpus = $scope.formValues.CpuLimit * 1000000000;
+    }
+  }
+
+  function prepareLogDriver(config) {
+    var logOpts = {};
+    if ($scope.formValues.LogDriverName) {
+      config.HostConfig.LogConfig = { Type: $scope.formValues.LogDriverName };
+      if ($scope.formValues.LogDriverName !== 'none') {
+        $scope.formValues.LogDriverOpts.forEach(function (opt) {
+          if (opt.name) {
+            logOpts[opt.name] = opt.value;
           }
-          binds.push(bind);
-        }
-      });
-      config.HostConfig.Binds = binds;
-      config.Volumes = volumes;
-    }
-
-    function prepareNetworkConfig(config) {
-      var mode = config.HostConfig.NetworkMode;
-      var container = $scope.formValues.NetworkContainer;
-      var containerName = container;
-      if (container && typeof container === 'object') {
-        containerName = $filter('trimcontainername')(container.Names[0]);
-      }
-      var networkMode = mode;
-      if (containerName) {
-        networkMode += ':' + containerName;
-        config.Hostname = '';
-      }
-      config.HostConfig.NetworkMode = networkMode;
-      config.MacAddress = $scope.formValues.MacAddress;
-
-      config.NetworkingConfig.EndpointsConfig[networkMode] = {
-        IPAMConfig: {
-          IPv4Address: $scope.formValues.IPv4,
-          IPv6Address: $scope.formValues.IPv6,
-        },
-      };
-
-      if (networkMode && _.get($scope.config.NetworkingConfig.EndpointsConfig[networkMode], 'Aliases')) {
-        var aliases = $scope.config.NetworkingConfig.EndpointsConfig[networkMode].Aliases;
-        config.NetworkingConfig.EndpointsConfig[networkMode].Aliases = _.filter(aliases, (o) => {
-          return !_.startsWith($scope.fromContainer.Id, o);
         });
-      }
-
-      var dnsServers = [];
-      if ($scope.formValues.DnsPrimary) {
-        dnsServers.push($scope.formValues.DnsPrimary);
-      }
-      if ($scope.formValues.DnsSecondary) {
-        dnsServers.push($scope.formValues.DnsSecondary);
-      }
-      config.HostConfig.Dns = dnsServers;
-
-      config.HostConfig.ExtraHosts = _.map(
-        _.filter($scope.formValues.ExtraHosts, (v) => v.value),
-        'value'
-      );
-    }
-
-    function prepareLabels(config) {
-      var labels = {};
-      $scope.formValues.Labels.forEach(function (label) {
-        if (label.name) {
-          if (label.value) {
-            labels[label.name] = label.value;
-          } else {
-            labels[label.name] = '';
-          }
-        }
-      });
-      config.Labels = labels;
-    }
-
-    function prepareDevices(config) {
-      var path = [];
-      config.HostConfig.Devices.forEach(function (p) {
-        if (p.pathOnHost) {
-          if (p.pathInContainer === '') {
-            p.pathInContainer = p.pathOnHost;
-          }
-          path.push({ PathOnHost: p.pathOnHost, PathInContainer: p.pathInContainer, CgroupPermissions: 'rwm' });
-        }
-      });
-      config.HostConfig.Devices = path;
-    }
-
-    function prepareSysctls(config) {
-      var sysctls = {};
-      $scope.formValues.Sysctls.forEach(function (sysctl) {
-        if (sysctl.name && sysctl.value) {
-          sysctls[sysctl.name] = sysctl.value;
-        }
-      });
-      config.HostConfig.Sysctls = sysctls;
-    }
-
-    function prepareResources(config) {
-      // Memory Limit - Round to 0.125
-      if ($scope.formValues.MemoryLimit >= 0) {
-        var memoryLimit = (Math.round($scope.formValues.MemoryLimit * 8) / 8).toFixed(3);
-        memoryLimit *= 1024 * 1024;
-        config.HostConfig.Memory = memoryLimit;
-      }
-
-      // Memory Resevation - Round to 0.125
-      if ($scope.formValues.MemoryReservation >= 0) {
-        var memoryReservation = (Math.round($scope.formValues.MemoryReservation * 8) / 8).toFixed(3);
-        memoryReservation *= 1024 * 1024;
-        config.HostConfig.MemoryReservation = memoryReservation;
-      }
-
-      // CPU Limit
-      if ($scope.formValues.CpuLimit >= 0) {
-        config.HostConfig.NanoCpus = $scope.formValues.CpuLimit * 1000000000;
-      }
-    }
-
-    function prepareLogDriver(config) {
-      var logOpts = {};
-      if ($scope.formValues.LogDriverName) {
-        config.HostConfig.LogConfig = { Type: $scope.formValues.LogDriverName };
-        if ($scope.formValues.LogDriverName !== 'none') {
-          $scope.formValues.LogDriverOpts.forEach(function (opt) {
-            if (opt.name) {
-              logOpts[opt.name] = opt.value;
-            }
-          });
-          if (Object.keys(logOpts).length !== 0 && logOpts.constructor === Object) {
-            config.HostConfig.LogConfig.Config = logOpts;
-          }
+        if (Object.keys(logOpts).length !== 0 && logOpts.constructor === Object) {
+          config.HostConfig.LogConfig.Config = logOpts;
         }
       }
     }
+  }
 
-    function prepareCapabilities(config) {
-      var allowed = $scope.formValues.capabilities.filter(function (item) {
-        return item.allowed === true;
-      });
-      var notAllowed = $scope.formValues.capabilities.filter(function (item) {
-        return item.allowed === false;
-      });
+  function prepareCapabilities(config) {
+    var allowed = $scope.formValues.capabilities.filter(function (item) {
+      return item.allowed === true;
+    });
+    var notAllowed = $scope.formValues.capabilities.filter(function (item) {
+      return item.allowed === false;
+    });
 
-      var getCapName = function (item) {
-        return item.capability;
-      };
-      config.HostConfig.CapAdd = allowed.map(getCapName);
-      config.HostConfig.CapDrop = notAllowed.map(getCapName);
-    }
-
-    function prepareConfiguration() {
-      var config = angular.copy($scope.config);
-      prepareCmd(config);
-      prepareEntrypoint(config);
-      prepareNetworkConfig(config);
-      prepareImageConfig(config);
-      preparePortBindings(config);
-      prepareConsole(config);
-      prepareEnvironmentVariables(config);
-      prepareVolumes(config);
-      prepareLabels(config);
-      prepareDevices(config);
-      prepareResources(config);
-      prepareLogDriver(config);
-      prepareCapabilities(config);
-      prepareSysctls(config);
-      return config;
-    }
-
-    function loadFromContainerCmd() {
-      if ($scope.config.Cmd) {
-        $scope.config.Cmd = ContainerHelper.commandArrayToString($scope.config.Cmd);
-        $scope.formValues.CmdMode = 'override';
-      }
-    }
-
-    function loadFromContainerEntrypoint() {
-      if (_.has($scope.config, 'Entrypoint')) {
-        if ($scope.config.Entrypoint == null) {
-          $scope.config.Entrypoint = '';
-        }
-        $scope.formValues.EntrypointMode = 'override';
-      }
-    }
-
-    function loadFromContainerPortBindings() {
-      const bindings = ContainerHelper.sortAndCombinePorts($scope.config.HostConfig.PortBindings);
-      $scope.config.HostConfig.PortBindings = bindings;
-    }
-
-    function loadFromContainerVolumes(d) {
-      for (var v in d.Mounts) {
-        if ({}.hasOwnProperty.call(d.Mounts, v)) {
-          var mount = d.Mounts[v];
-          var volume = {
-            type: mount.Type,
-            name: mount.Name || mount.Source,
-            containerPath: mount.Destination,
-            readOnly: mount.RW === false,
-          };
-          $scope.formValues.Volumes.push(volume);
-        }
-      }
-    }
-
-    $scope.resetNetworkConfig = function () {
-      $scope.config.NetworkingConfig = {
-        EndpointsConfig: {},
-      };
+    var getCapName = function (item) {
+      return item.capability;
     };
+    config.HostConfig.CapAdd = allowed.map(getCapName);
+    config.HostConfig.CapDrop = notAllowed.map(getCapName);
+  }
 
-    function loadFromContainerNetworkConfig(d) {
-      $scope.config.NetworkingConfig = {
-        EndpointsConfig: {},
+  function prepareConfiguration() {
+    var config = angular.copy($scope.config);
+    prepareCmd(config);
+    prepareEntrypoint(config);
+    prepareNetworkConfig(config);
+    prepareImageConfig(config);
+    preparePortBindings(config);
+    prepareConsole(config);
+    prepareEnvironmentVariables(config);
+    prepareVolumes(config);
+    prepareLabels(config);
+    prepareDevices(config);
+    prepareResources(config);
+    prepareLogDriver(config);
+    prepareCapabilities(config);
+    prepareSysctls(config);
+    return config;
+  }
+
+  function loadFromContainerCmd() {
+    if ($scope.config.Cmd) {
+      $scope.config.Cmd = ContainerHelper.commandArrayToString($scope.config.Cmd);
+      $scope.formValues.CmdMode = 'override';
+    }
+  }
+
+  function loadFromContainerEntrypoint() {
+    if (_.has($scope.config, 'Entrypoint')) {
+      if ($scope.config.Entrypoint == null) {
+        $scope.config.Entrypoint = '';
+      }
+      $scope.formValues.EntrypointMode = 'override';
+    }
+  }
+
+  function loadFromContainerPortBindings() {
+    const bindings = ContainerHelper.sortAndCombinePorts($scope.config.HostConfig.PortBindings);
+    $scope.config.HostConfig.PortBindings = bindings;
+  }
+
+  function loadFromContainerVolumes(d) {
+    for (var v in d.Mounts) {
+      if ({}.hasOwnProperty.call(d.Mounts, v)) {
+        var mount = d.Mounts[v];
+        var volume = {
+          type: mount.Type,
+          name: mount.Name || mount.Source,
+          containerPath: mount.Destination,
+          readOnly: mount.RW === false,
+        };
+        $scope.formValues.Volumes.push(volume);
+      }
+    }
+  }
+
+  $scope.resetNetworkConfig = function () {
+    $scope.config.NetworkingConfig = {
+      EndpointsConfig: {},
+    };
+  };
+
+  function loadFromContainerNetworkConfig(d) {
+    $scope.config.NetworkingConfig = {
+      EndpointsConfig: {},
+    };
+    var networkMode = d.HostConfig.NetworkMode;
+    if (networkMode === 'default') {
+      $scope.config.HostConfig.NetworkMode = 'bridge';
+      if (!_.find($scope.availableNetworks, { Name: 'bridge' })) {
+        $scope.config.HostConfig.NetworkMode = 'nat';
+      }
+    }
+    if ($scope.config.HostConfig.NetworkMode.indexOf('container:') === 0) {
+      var netContainer = $scope.config.HostConfig.NetworkMode.split(/^container:/)[1];
+      $scope.config.HostConfig.NetworkMode = 'container';
+      for (var c in $scope.runningContainers) {
+        if ($scope.runningContainers[c].Id == netContainer) {
+          $scope.formValues.NetworkContainer = $scope.runningContainers[c];
+        }
+      }
+    }
+    $scope.fromContainerMultipleNetworks = Object.keys(d.NetworkSettings.Networks).length >= 2;
+    if (d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode]) {
+      if (d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig) {
+        if (d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig.IPv4Address) {
+          $scope.formValues.IPv4 = d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig.IPv4Address;
+        }
+        if (d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig.IPv6Address) {
+          $scope.formValues.IPv6 = d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig.IPv6Address;
+        }
+      }
+    }
+    $scope.config.NetworkingConfig.EndpointsConfig[$scope.config.HostConfig.NetworkMode] = d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode];
+    if (Object.keys(d.NetworkSettings.Networks).length > 1) {
+      var firstNetwork = d.NetworkSettings.Networks[Object.keys(d.NetworkSettings.Networks)[0]];
+      $scope.config.NetworkingConfig.EndpointsConfig[$scope.config.HostConfig.NetworkMode] = firstNetwork;
+      $scope.extraNetworks = angular.copy(d.NetworkSettings.Networks);
+      delete $scope.extraNetworks[Object.keys(d.NetworkSettings.Networks)[0]];
+    }
+    $scope.formValues.MacAddress = d.Config.MacAddress;
+
+    if (d.HostConfig.Dns && d.HostConfig.Dns[0]) {
+      $scope.formValues.DnsPrimary = d.HostConfig.Dns[0];
+      if (d.HostConfig.Dns[1]) {
+        $scope.formValues.DnsSecondary = d.HostConfig.Dns[1];
+      }
+    }
+
+    // ExtraHosts
+    if ($scope.config.HostConfig.ExtraHosts) {
+      var extraHosts = $scope.config.HostConfig.ExtraHosts;
+      for (var i = 0; i < extraHosts.length; i++) {
+        var host = extraHosts[i];
+        $scope.formValues.ExtraHosts.push({ value: host });
+      }
+      $scope.config.HostConfig.ExtraHosts = [];
+    }
+  }
+
+  function loadFromContainerEnvironmentVariables() {
+    var envArr = [];
+    for (var e in $scope.config.Env) {
+      if ({}.hasOwnProperty.call($scope.config.Env, e)) {
+        var arr = $scope.config.Env[e].split(/\=(.*)/);
+        envArr.push({ name: arr[0], value: arr[1] });
+      }
+    }
+    $scope.config.Env = envArr;
+  }
+
+  function loadFromContainerLabels() {
+    for (var l in $scope.config.Labels) {
+      if ({}.hasOwnProperty.call($scope.config.Labels, l)) {
+        $scope.formValues.Labels.push({ name: l, value: $scope.config.Labels[l] });
+      }
+    }
+  }
+
+  function loadFromContainerConsole() {
+    if ($scope.config.OpenStdin && $scope.config.Tty) {
+      $scope.formValues.Console = 'both';
+    } else if (!$scope.config.OpenStdin && $scope.config.Tty) {
+      $scope.formValues.Console = 'tty';
+    } else if ($scope.config.OpenStdin && !$scope.config.Tty) {
+      $scope.formValues.Console = 'interactive';
+    } else if (!$scope.config.OpenStdin && !$scope.config.Tty) {
+      $scope.formValues.Console = 'none';
+    }
+  }
+
+  function loadFromContainerDevices() {
+    var path = [];
+    for (var dev in $scope.config.HostConfig.Devices) {
+      if ({}.hasOwnProperty.call($scope.config.HostConfig.Devices, dev)) {
+        var device = $scope.config.HostConfig.Devices[dev];
+        path.push({ pathOnHost: device.PathOnHost, pathInContainer: device.PathInContainer });
+      }
+    }
+    $scope.config.HostConfig.Devices = path;
+  }
+
+  function loadFromContainerSysctls() {
+    for (var s in $scope.config.HostConfig.Sysctls) {
+      if ({}.hasOwnProperty.call($scope.config.HostConfig.Sysctls, s)) {
+        $scope.formValues.Sysctls.push({ name: s, value: $scope.config.HostConfig.Sysctls[s] });
+      }
+    }
+  }
+
+  function loadFromContainerImageConfig() {
+    RegistryService.retrievePorRegistryModelFromRepository($scope.config.Image)
+      .then((model) => {
+        $scope.formValues.RegistryModel = model;
+      })
+      .catch(function error(err) {
+        Notifications.error('Failure', err, 'Unable to retrive registry');
+      });
+  }
+
+  function loadFromContainerResources(d) {
+    if (d.HostConfig.NanoCpus) {
+      $scope.formValues.CpuLimit = d.HostConfig.NanoCpus / 1000000000;
+    }
+    if (d.HostConfig.Memory) {
+      $scope.formValues.MemoryLimit = d.HostConfig.Memory / 1024 / 1024;
+    }
+    if (d.HostConfig.MemoryReservation) {
+      $scope.formValues.MemoryReservation = d.HostConfig.MemoryReservation / 1024 / 1024;
+    }
+  }
+
+  function loadFromContainerCapabilities(d) {
+    if (d.HostConfig.CapAdd) {
+      d.HostConfig.CapAdd.forEach(function (cap) {
+        $scope.formValues.capabilities.push(new ContainerCapability(cap, true));
+      });
+    }
+    if (d.HostConfig.CapDrop) {
+      d.HostConfig.CapDrop.forEach(function (cap) {
+        $scope.formValues.capabilities.push(new ContainerCapability(cap, false));
+      });
+    }
+
+    function hasCapability(item) {
+      return item.capability === cap.capability;
+    }
+
+    var capabilities = new ContainerCapabilities();
+    for (var i = 0; i < capabilities.length; i++) {
+      var cap = capabilities[i];
+      if (!_.find($scope.formValues.capabilities, hasCapability)) {
+        $scope.formValues.capabilities.push(cap);
+      }
+    }
+
+    $scope.formValues.capabilities.sort(function (a, b) {
+      return a.capability < b.capability ? -1 : 1;
+    });
+  }
+
+  function loadFromContainerSpec() {
+    // Get container
+    Container.get({ id: $transition$.params().from })
+      .$promise.then(function success(d) {
+        var fromContainer = new ContainerDetailsViewModel(d);
+        if (fromContainer.ResourceControl && fromContainer.ResourceControl.Public) {
+          $scope.formValues.AccessControlData.AccessControlEnabled = false;
+        }
+        $scope.fromContainer = fromContainer;
+        $scope.state.mode = 'duplicate';
+        $scope.config = ContainerHelper.configFromContainer(fromContainer.Model);
+        loadFromContainerCmd(d);
+        loadFromContainerEntrypoint(d);
+        loadFromContainerLogging(d);
+        loadFromContainerPortBindings(d);
+        loadFromContainerVolumes(d);
+        loadFromContainerNetworkConfig(d);
+        loadFromContainerEnvironmentVariables(d);
+        loadFromContainerLabels(d);
+        loadFromContainerConsole(d);
+        loadFromContainerDevices(d);
+        loadFromContainerImageConfig(d);
+        loadFromContainerResources(d);
+        loadFromContainerCapabilities(d);
+        loadFromContainerSysctls(d);
+      })
+      .catch(function error(err) {
+        Notifications.error('Failure', err, 'Unable to retrieve container');
+      });
+  }
+
+  function loadFromContainerLogging(config) {
+    var logConfig = config.HostConfig.LogConfig;
+    $scope.formValues.LogDriverName = logConfig.Type;
+    $scope.formValues.LogDriverOpts = _.map(logConfig.Config, function (value, name) {
+      return {
+        name: name,
+        value: value,
       };
-      var networkMode = d.HostConfig.NetworkMode;
-      if (networkMode === 'default') {
-        $scope.config.HostConfig.NetworkMode = 'bridge';
-        if (!_.find($scope.availableNetworks, { Name: 'bridge' })) {
+    });
+  }
+
+  async function initView() {
+    var nodeName = $transition$.params().nodeName;
+    $scope.formValues.NodeName = nodeName;
+    HttpRequestHelper.setPortainerAgentTargetHeader(nodeName);
+
+    $scope.isAdmin = Authentication.isAdmin();
+    $scope.showDeviceMapping = await shouldShowDevices();
+    $scope.showSysctls = await shouldShowSysctls();
+    $scope.areContainerCapabilitiesEnabled = await checkIfContainerCapabilitiesEnabled();
+    $scope.isAdminOrEndpointAdmin = Authentication.isAdmin();
+
+    Volume.query(
+      {},
+      function (d) {
+        $scope.availableVolumes = d.Volumes.sort((vol1, vol2) => {
+          return vol1.Name.localeCompare(vol2.Name);
+        });
+      },
+      function (e) {
+        Notifications.error('Failure', e, 'Unable to retrieve volumes');
+      }
+    );
+
+    var provider = $scope.applicationState.endpoint.mode.provider;
+    var apiVersion = $scope.applicationState.endpoint.apiVersion;
+    NetworkService.networks(provider === 'DOCKER_STANDALONE' || provider === 'DOCKER_SWARM_MODE', false, provider === 'DOCKER_SWARM_MODE' && apiVersion >= 1.25)
+      .then(function success(networks) {
+        networks.push({ Name: 'container' });
+        $scope.availableNetworks = networks.sort((a, b) => a.Name.localeCompare(b.Name));
+
+        if (_.find(networks, { Name: 'nat' })) {
           $scope.config.HostConfig.NetworkMode = 'nat';
         }
-      }
-      if ($scope.config.HostConfig.NetworkMode.indexOf('container:') === 0) {
-        var netContainer = $scope.config.HostConfig.NetworkMode.split(/^container:/)[1];
-        $scope.config.HostConfig.NetworkMode = 'container';
-        for (var c in $scope.runningContainers) {
-          if ($scope.runningContainers[c].Id == netContainer) {
-            $scope.formValues.NetworkContainer = $scope.runningContainers[c];
-          }
-        }
-      }
-      $scope.fromContainerMultipleNetworks = Object.keys(d.NetworkSettings.Networks).length >= 2;
-      if (d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode]) {
-        if (d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig) {
-          if (d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig.IPv4Address) {
-            $scope.formValues.IPv4 = d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig.IPv4Address;
-          }
-          if (d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig.IPv6Address) {
-            $scope.formValues.IPv6 = d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode].IPAMConfig.IPv6Address;
-          }
-        }
-      }
-      $scope.config.NetworkingConfig.EndpointsConfig[$scope.config.HostConfig.NetworkMode] = d.NetworkSettings.Networks[$scope.config.HostConfig.NetworkMode];
-      if (Object.keys(d.NetworkSettings.Networks).length > 1) {
-        var firstNetwork = d.NetworkSettings.Networks[Object.keys(d.NetworkSettings.Networks)[0]];
-        $scope.config.NetworkingConfig.EndpointsConfig[$scope.config.HostConfig.NetworkMode] = firstNetwork;
-        $scope.extraNetworks = angular.copy(d.NetworkSettings.Networks);
-        delete $scope.extraNetworks[Object.keys(d.NetworkSettings.Networks)[0]];
-      }
-      $scope.formValues.MacAddress = d.Config.MacAddress;
-
-      if (d.HostConfig.Dns && d.HostConfig.Dns[0]) {
-        $scope.formValues.DnsPrimary = d.HostConfig.Dns[0];
-        if (d.HostConfig.Dns[1]) {
-          $scope.formValues.DnsSecondary = d.HostConfig.Dns[1];
-        }
-      }
-
-      // ExtraHosts
-      if ($scope.config.HostConfig.ExtraHosts) {
-        var extraHosts = $scope.config.HostConfig.ExtraHosts;
-        for (var i = 0; i < extraHosts.length; i++) {
-          var host = extraHosts[i];
-          $scope.formValues.ExtraHosts.push({ value: host });
-        }
-        $scope.config.HostConfig.ExtraHosts = [];
-      }
-    }
-
-    function loadFromContainerEnvironmentVariables() {
-      var envArr = [];
-      for (var e in $scope.config.Env) {
-        if ({}.hasOwnProperty.call($scope.config.Env, e)) {
-          var arr = $scope.config.Env[e].split(/\=(.*)/);
-          envArr.push({ name: arr[0], value: arr[1] });
-        }
-      }
-      $scope.config.Env = envArr;
-    }
-
-    function loadFromContainerLabels() {
-      for (var l in $scope.config.Labels) {
-        if ({}.hasOwnProperty.call($scope.config.Labels, l)) {
-          $scope.formValues.Labels.push({ name: l, value: $scope.config.Labels[l] });
-        }
-      }
-    }
-
-    function loadFromContainerConsole() {
-      if ($scope.config.OpenStdin && $scope.config.Tty) {
-        $scope.formValues.Console = 'both';
-      } else if (!$scope.config.OpenStdin && $scope.config.Tty) {
-        $scope.formValues.Console = 'tty';
-      } else if ($scope.config.OpenStdin && !$scope.config.Tty) {
-        $scope.formValues.Console = 'interactive';
-      } else if (!$scope.config.OpenStdin && !$scope.config.Tty) {
-        $scope.formValues.Console = 'none';
-      }
-    }
-
-    function loadFromContainerDevices() {
-      var path = [];
-      for (var dev in $scope.config.HostConfig.Devices) {
-        if ({}.hasOwnProperty.call($scope.config.HostConfig.Devices, dev)) {
-          var device = $scope.config.HostConfig.Devices[dev];
-          path.push({ pathOnHost: device.PathOnHost, pathInContainer: device.PathInContainer });
-        }
-      }
-      $scope.config.HostConfig.Devices = path;
-    }
-
-    function loadFromContainerSysctls() {
-      for (var s in $scope.config.HostConfig.Sysctls) {
-        if ({}.hasOwnProperty.call($scope.config.HostConfig.Sysctls, s)) {
-          $scope.formValues.Sysctls.push({ name: s, value: $scope.config.HostConfig.Sysctls[s] });
-        }
-      }
-    }
-
-    function loadFromContainerImageConfig() {
-      RegistryService.retrievePorRegistryModelFromRepository($scope.config.Image)
-        .then((model) => {
-          $scope.formValues.RegistryModel = model;
-        })
-        .catch(function error(err) {
-          Notifications.error('Failure', err, 'Unable to retrive registry');
-        });
-    }
-
-    function loadFromContainerResources(d) {
-      if (d.HostConfig.NanoCpus) {
-        $scope.formValues.CpuLimit = d.HostConfig.NanoCpus / 1000000000;
-      }
-      if (d.HostConfig.Memory) {
-        $scope.formValues.MemoryLimit = d.HostConfig.Memory / 1024 / 1024;
-      }
-      if (d.HostConfig.MemoryReservation) {
-        $scope.formValues.MemoryReservation = d.HostConfig.MemoryReservation / 1024 / 1024;
-      }
-    }
-
-    function loadFromContainerCapabilities(d) {
-      if (d.HostConfig.CapAdd) {
-        d.HostConfig.CapAdd.forEach(function (cap) {
-          $scope.formValues.capabilities.push(new ContainerCapability(cap, true));
-        });
-      }
-      if (d.HostConfig.CapDrop) {
-        d.HostConfig.CapDrop.forEach(function (cap) {
-          $scope.formValues.capabilities.push(new ContainerCapability(cap, false));
-        });
-      }
-
-      function hasCapability(item) {
-        return item.capability === cap.capability;
-      }
-
-      var capabilities = new ContainerCapabilities();
-      for (var i = 0; i < capabilities.length; i++) {
-        var cap = capabilities[i];
-        if (!_.find($scope.formValues.capabilities, hasCapability)) {
-          $scope.formValues.capabilities.push(cap);
-        }
-      }
-
-      $scope.formValues.capabilities.sort(function (a, b) {
-        return a.capability < b.capability ? -1 : 1;
+      })
+      .catch(function error(err) {
+        Notifications.error('Failure', err, 'Unable to retrieve networks');
       });
-    }
 
-    function loadFromContainerSpec() {
-      // Get container
-      Container.get({ id: $transition$.params().from })
-        .$promise.then(function success(d) {
-          var fromContainer = new ContainerDetailsViewModel(d);
-          if (fromContainer.ResourceControl && fromContainer.ResourceControl.Public) {
-            $scope.formValues.AccessControlData.AccessControlEnabled = false;
-          }
-          $scope.fromContainer = fromContainer;
-          $scope.state.mode = 'duplicate';
-          $scope.config = ContainerHelper.configFromContainer(fromContainer.Model);
-          loadFromContainerCmd(d);
-          loadFromContainerEntrypoint(d);
-          loadFromContainerLogging(d);
-          loadFromContainerPortBindings(d);
-          loadFromContainerVolumes(d);
-          loadFromContainerNetworkConfig(d);
-          loadFromContainerEnvironmentVariables(d);
-          loadFromContainerLabels(d);
-          loadFromContainerConsole(d);
-          loadFromContainerDevices(d);
-          loadFromContainerImageConfig(d);
-          loadFromContainerResources(d);
-          loadFromContainerCapabilities(d);
-          loadFromContainerSysctls(d);
-        })
-        .catch(function error(err) {
-          Notifications.error('Failure', err, 'Unable to retrieve container');
-        });
-    }
+    Container.query(
+      {},
+      function (d) {
+        var containers = d;
+        $scope.runningContainers = containers;
+        if ($transition$.params().from) {
+          loadFromContainerSpec();
+        } else {
+          $scope.fromContainer = {};
+          $scope.formValues.capabilities = $scope.areContainerCapabilitiesEnabled ? new ContainerCapabilities() : [];
+        }
+      },
+      function (e) {
+        Notifications.error('Failure', e, 'Unable to retrieve running containers');
+      }
+    );
 
-    function loadFromContainerLogging(config) {
-      var logConfig = config.HostConfig.LogConfig;
-      $scope.formValues.LogDriverName = logConfig.Type;
-      $scope.formValues.LogDriverOpts = _.map(logConfig.Config, function (value, name) {
-        return {
-          name: name,
-          value: value,
-        };
+    SystemService.info()
+      .then(function success(data) {
+        $scope.availableRuntimes = data.Runtimes ? Object.keys(data.Runtimes) : [];
+        $scope.state.sliderMaxCpu = 32;
+        if (data.NCPU) {
+          $scope.state.sliderMaxCpu = data.NCPU;
+        }
+        $scope.state.sliderMaxMemory = 32768;
+        if (data.MemTotal) {
+          $scope.state.sliderMaxMemory = Math.floor(data.MemTotal / 1000 / 1000);
+        }
+      })
+      .catch(function error(err) {
+        Notifications.error('Failure', err, 'Unable to retrieve engine details');
       });
+
+    $scope.allowBindMounts = $scope.isAdminOrEndpointAdmin || endpoint.SecuritySettings.allowBindMountsForRegularUsers;
+    $scope.allowPrivilegedMode = endpoint.SecuritySettings.allowPrivilegedModeForRegularUsers;
+
+    PluginService.loggingPlugins(apiVersion < 1.25).then(function success(loggingDrivers) {
+      $scope.availableLoggingDrivers = loggingDrivers;
+    });
+  }
+
+  function validateForm(accessControlData, isAdmin) {
+    $scope.state.formValidationError = '';
+    var error = '';
+    error = FormValidator.validateAccessControl(accessControlData, isAdmin);
+
+    if (error) {
+      $scope.state.formValidationError = error;
+      return false;
+    }
+    return true;
+  }
+
+  function create() {
+    var oldContainer = null;
+    HttpRequestHelper.setPortainerAgentTargetHeader($scope.formValues.NodeName);
+    return findCurrentContainer().then(setOldContainer).then(confirmCreateContainer).then(startCreationProcess).catch(notifyOnError).finally(final);
+
+    function final() {
+      $scope.state.actionInProgress = false;
     }
 
-    async function initView() {
-      var nodeName = $transition$.params().nodeName;
-      $scope.formValues.NodeName = nodeName;
-      HttpRequestHelper.setPortainerAgentTargetHeader(nodeName);
+    function setOldContainer(container) {
+      oldContainer = container;
+      return container;
+    }
 
-      $scope.isAdmin = Authentication.isAdmin();
-      $scope.showDeviceMapping = await shouldShowDevices();
-      $scope.showSysctls = await shouldShowSysctls();
-      $scope.areContainerCapabilitiesEnabled = await checkIfContainerCapabilitiesEnabled();
-      $scope.isAdminOrEndpointAdmin = Authentication.isAdmin();
-
-      Volume.query(
-        {},
-        function (d) {
-          $scope.availableVolumes = d.Volumes.sort((vol1, vol2) => {
-            return vol1.Name.localeCompare(vol2.Name);
-          });
-        },
-        function (e) {
-          Notifications.error('Failure', e, 'Unable to retrieve volumes');
-        }
-      );
-
-      var provider = $scope.applicationState.endpoint.mode.provider;
-      var apiVersion = $scope.applicationState.endpoint.apiVersion;
-      NetworkService.networks(provider === 'DOCKER_STANDALONE' || provider === 'DOCKER_SWARM_MODE', false, provider === 'DOCKER_SWARM_MODE' && apiVersion >= 1.25)
-        .then(function success(networks) {
-          networks.push({ Name: 'container' });
-          $scope.availableNetworks = networks.sort((a, b) => a.Name.localeCompare(b.Name));
-
-          if (_.find(networks, { Name: 'nat' })) {
-            $scope.config.HostConfig.NetworkMode = 'nat';
+    function findCurrentContainer() {
+      return Container.query({ all: 1, filters: { name: ['^/' + $scope.config.name + '$'] } })
+        .$promise.then(function onQuerySuccess(containers) {
+          if (!containers.length) {
+            return;
           }
+          return containers[0];
         })
-        .catch(function error(err) {
-          Notifications.error('Failure', err, 'Unable to retrieve networks');
-        });
-
-      Container.query(
-        {},
-        function (d) {
-          var containers = d;
-          $scope.runningContainers = containers;
-          if ($transition$.params().from) {
-            loadFromContainerSpec();
-          } else {
-            $scope.fromContainer = {};
-            $scope.formValues.capabilities = $scope.areContainerCapabilitiesEnabled ? new ContainerCapabilities() : [];
-          }
-        },
-        function (e) {
-          Notifications.error('Failure', e, 'Unable to retrieve running containers');
-        }
-      );
-
-      SystemService.info()
-        .then(function success(data) {
-          $scope.availableRuntimes = data.Runtimes ? Object.keys(data.Runtimes) : [];
-          $scope.state.sliderMaxCpu = 32;
-          if (data.NCPU) {
-            $scope.state.sliderMaxCpu = data.NCPU;
-          }
-          $scope.state.sliderMaxMemory = 32768;
-          if (data.MemTotal) {
-            $scope.state.sliderMaxMemory = Math.floor(data.MemTotal / 1000 / 1000);
-          }
-        })
-        .catch(function error(err) {
-          Notifications.error('Failure', err, 'Unable to retrieve engine details');
-        });
-
-      $scope.allowBindMounts = $scope.isAdminOrEndpointAdmin || endpoint.SecuritySettings.allowBindMountsForRegularUsers;
-      $scope.allowPrivilegedMode = endpoint.SecuritySettings.allowPrivilegedModeForRegularUsers;
-
-      PluginService.loggingPlugins(apiVersion < 1.25).then(function success(loggingDrivers) {
-        $scope.availableLoggingDrivers = loggingDrivers;
-      });
-    }
-
-    function validateForm(accessControlData, isAdmin) {
-      $scope.state.formValidationError = '';
-      var error = '';
-      error = FormValidator.validateAccessControl(accessControlData, isAdmin);
-
-      if (error) {
-        $scope.state.formValidationError = error;
-        return false;
-      }
-      return true;
-    }
-
-    function create() {
-      var oldContainer = null;
-      HttpRequestHelper.setPortainerAgentTargetHeader($scope.formValues.NodeName);
-      return findCurrentContainer().then(setOldContainer).then(confirmCreateContainer).then(startCreationProcess).catch(notifyOnError).finally(final);
-
-      function final() {
-        $scope.state.actionInProgress = false;
-      }
-
-      function setOldContainer(container) {
-        oldContainer = container;
-        return container;
-      }
-
-      function findCurrentContainer() {
-        return Container.query({ all: 1, filters: { name: ['^/' + $scope.config.name + '$'] } })
-          .$promise.then(function onQuerySuccess(containers) {
-            if (!containers.length) {
-              return;
-            }
-            return containers[0];
-          })
-          .catch(notifyOnError);
-
-        function notifyOnError(err) {
-          Notifications.error('Failure', err, 'Unable to retrieve containers');
-        }
-      }
-
-      function startCreationProcess(confirmed) {
-        if (!confirmed) {
-          return $q.when();
-        }
-        if (!validateAccessControl()) {
-          return $q.when();
-        }
-        $scope.state.actionInProgress = true;
-        return pullImageIfNeeded()
-          .then(stopAndRenameContainer)
-          .then(createNewContainer)
-          .then(applyResourceControl)
-          .then(connectToExtraNetworks)
-          .then(removeOldContainer)
-          .then(onSuccess)
-          .catch(onCreationProcessFail);
-      }
-
-      function onCreationProcessFail(error) {
-        var deferred = $q.defer();
-        removeNewContainer()
-          .then(restoreOldContainerName)
-          .then(function () {
-            deferred.reject(error);
-          })
-          .catch(function (restoreError) {
-            deferred.reject(restoreError);
-          });
-        return deferred.promise;
-      }
-
-      function removeNewContainer() {
-        return findCurrentContainer().then(function onContainerLoaded(container) {
-          if (container && (!oldContainer || container.Id !== oldContainer.Id)) {
-            return ContainerService.remove(container, true);
-          }
-        });
-      }
-
-      function restoreOldContainerName() {
-        if (!oldContainer) {
-          return;
-        }
-        return ContainerService.renameContainer(oldContainer.Id, oldContainer.Names[0].substring(1));
-      }
-
-      function confirmCreateContainer(container) {
-        if (!container) {
-          return $q.when(true);
-        }
-
-        return showConfirmationModal();
-
-        function showConfirmationModal() {
-          var deferred = $q.defer();
-
-          ModalService.confirm({
-            title: 'Are you sure ?',
-            message: 'A container with the same name already exists. Portainer can automatically remove it and re-create one. Do you want to replace it?',
-            buttons: {
-              confirm: {
-                label: 'Replace',
-                className: 'btn-danger',
-              },
-            },
-            callback: function onConfirm(confirmed) {
-              deferred.resolve(confirmed);
-            },
-          });
-
-          return deferred.promise;
-        }
-      }
-
-      function stopAndRenameContainer() {
-        if (!oldContainer) {
-          return $q.when();
-        }
-        return stopContainerIfNeeded(oldContainer).then(renameContainer);
-      }
-
-      function stopContainerIfNeeded(oldContainer) {
-        if (oldContainer.State !== 'running') {
-          return $q.when();
-        }
-        return ContainerService.stopContainer(oldContainer.Id);
-      }
-
-      function renameContainer() {
-        return ContainerService.renameContainer(oldContainer.Id, oldContainer.Names[0].substring(1) + '-old');
-      }
-
-      function pullImageIfNeeded() {
-        return $q.when($scope.formValues.alwaysPull && ImageService.pullImage($scope.formValues.RegistryModel, true));
-      }
-
-      function createNewContainer() {
-        return $async(async () => {
-          const config = prepareConfiguration();
-          return await ContainerService.createAndStartContainer(config);
-        });
-      }
-
-      function applyResourceControl(newContainer) {
-        const userId = Authentication.getUserDetails().ID;
-        const resourceControl = newContainer.Portainer.ResourceControl;
-        const containerId = newContainer.Id;
-        const accessControlData = $scope.formValues.AccessControlData;
-
-        return ResourceControlService.applyResourceControl(userId, accessControlData, resourceControl).then(function onApplyResourceControlSuccess() {
-          return containerId;
-        });
-      }
-
-      function connectToExtraNetworks(newContainerId) {
-        if (!$scope.extraNetworks) {
-          return $q.when();
-        }
-
-        var connectionPromises = _.forOwn($scope.extraNetworks, function (network, networkName) {
-          if (_.has(network, 'Aliases')) {
-            var aliases = _.filter(network.Aliases, (o) => {
-              return !_.startsWith($scope.fromContainer.Id, o);
-            });
-          }
-          return NetworkService.connectContainer(networkName, newContainerId, aliases);
-        });
-
-        return $q.all(connectionPromises);
-      }
-
-      function removeOldContainer() {
-        var deferred = $q.defer();
-
-        if (!oldContainer) {
-          deferred.resolve();
-          return;
-        }
-
-        ContainerService.remove(oldContainer, true).then(notifyOnRemoval).catch(notifyOnRemoveError);
-
-        return deferred.promise;
-
-        function notifyOnRemoval() {
-          Notifications.success('Container Removed', oldContainer.Id);
-          deferred.resolve();
-        }
-
-        function notifyOnRemoveError(err) {
-          deferred.reject({ msg: 'Unable to remove container', err: err });
-        }
-      }
+        .catch(notifyOnError);
 
       function notifyOnError(err) {
-        Notifications.error('Failure', err, 'Unable to create container');
-      }
-
-      function validateAccessControl() {
-        var accessControlData = $scope.formValues.AccessControlData;
-        return validateForm(accessControlData, $scope.isAdmin);
-      }
-
-      function onSuccess() {
-        Notifications.success('Container successfully created');
-        $state.go('docker.containers', {}, { reload: true });
+        Notifications.error('Failure', err, 'Unable to retrieve containers');
       }
     }
 
-    async function shouldShowDevices() {
-      return endpoint.SecuritySettings.allowDeviceMappingForRegularUsers || Authentication.isAdmin();
+    function startCreationProcess(confirmed) {
+      if (!confirmed) {
+        return $q.when();
+      }
+      if (!validateAccessControl()) {
+        return $q.when();
+      }
+      $scope.state.actionInProgress = true;
+      return pullImageIfNeeded()
+        .then(stopAndRenameContainer)
+        .then(createNewContainer)
+        .then(applyResourceControl)
+        .then(connectToExtraNetworks)
+        .then(removeOldContainer)
+        .then(onSuccess)
+        .catch(onCreationProcessFail);
     }
 
-    async function shouldShowSysctls() {
-      const { allowSysctlSettingForRegularUsers } = $scope.applicationState.application;
-
-      return allowSysctlSettingForRegularUsers || Authentication.isAdmin();
+    function onCreationProcessFail(error) {
+      var deferred = $q.defer();
+      removeNewContainer()
+        .then(restoreOldContainerName)
+        .then(function () {
+          deferred.reject(error);
+        })
+        .catch(function (restoreError) {
+          deferred.reject(restoreError);
+        });
+      return deferred.promise;
     }
 
-    async function checkIfContainerCapabilitiesEnabled() {
-      return endpoint.SecuritySettings.allowContainerCapabilitiesForRegularUsers || Authentication.isAdmin();
+    function removeNewContainer() {
+      return findCurrentContainer().then(function onContainerLoaded(container) {
+        if (container && (!oldContainer || container.Id !== oldContainer.Id)) {
+          return ContainerService.remove(container, true);
+        }
+      });
     }
 
-    initView();
-  },
-]);
+    function restoreOldContainerName() {
+      if (!oldContainer) {
+        return;
+      }
+      return ContainerService.renameContainer(oldContainer.Id, oldContainer.Names[0].substring(1));
+    }
+
+    function confirmCreateContainer(container) {
+      if (!container) {
+        return $q.when(true);
+      }
+
+      return showConfirmationModal();
+
+      function showConfirmationModal() {
+        var deferred = $q.defer();
+
+        ModalService.confirm({
+          title: 'Are you sure ?',
+          message: 'A container with the same name already exists. Portainer can automatically remove it and re-create one. Do you want to replace it?',
+          buttons: {
+            confirm: {
+              label: 'Replace',
+              className: 'btn-danger',
+            },
+          },
+          callback: function onConfirm(confirmed) {
+            deferred.resolve(confirmed);
+          },
+        });
+
+        return deferred.promise;
+      }
+    }
+
+    function stopAndRenameContainer() {
+      if (!oldContainer) {
+        return $q.when();
+      }
+      return stopContainerIfNeeded(oldContainer).then(renameContainer);
+    }
+
+    function stopContainerIfNeeded(oldContainer) {
+      if (oldContainer.State !== 'running') {
+        return $q.when();
+      }
+      return ContainerService.stopContainer(oldContainer.Id);
+    }
+
+    function renameContainer() {
+      return ContainerService.renameContainer(oldContainer.Id, oldContainer.Names[0].substring(1) + '-old');
+    }
+
+    function pullImageIfNeeded() {
+      return $q.when($scope.formValues.alwaysPull && ImageService.pullImage($scope.formValues.RegistryModel, true));
+    }
+
+    function createNewContainer() {
+      return $async(async () => {
+        const config = prepareConfiguration();
+        return await ContainerService.createAndStartContainer(config);
+      });
+    }
+
+    function applyResourceControl(newContainer) {
+      const userId = Authentication.getUserDetails().ID;
+      const resourceControl = newContainer.Portainer.ResourceControl;
+      const containerId = newContainer.Id;
+      const accessControlData = $scope.formValues.AccessControlData;
+
+      return ResourceControlService.applyResourceControl(userId, accessControlData, resourceControl).then(function onApplyResourceControlSuccess() {
+        return containerId;
+      });
+    }
+
+    function connectToExtraNetworks(newContainerId) {
+      if (!$scope.extraNetworks) {
+        return $q.when();
+      }
+
+      var connectionPromises = _.forOwn($scope.extraNetworks, function (network, networkName) {
+        if (_.has(network, 'Aliases')) {
+          var aliases = _.filter(network.Aliases, (o) => {
+            return !_.startsWith($scope.fromContainer.Id, o);
+          });
+        }
+        return NetworkService.connectContainer(networkName, newContainerId, aliases);
+      });
+
+      return $q.all(connectionPromises);
+    }
+
+    function removeOldContainer() {
+      var deferred = $q.defer();
+
+      if (!oldContainer) {
+        deferred.resolve();
+        return;
+      }
+
+      ContainerService.remove(oldContainer, true).then(notifyOnRemoval).catch(notifyOnRemoveError);
+
+      return deferred.promise;
+
+      function notifyOnRemoval() {
+        Notifications.success('Container Removed', oldContainer.Id);
+        deferred.resolve();
+      }
+
+      function notifyOnRemoveError(err) {
+        deferred.reject({ msg: 'Unable to remove container', err: err });
+      }
+    }
+
+    function notifyOnError(err) {
+      Notifications.error('Failure', err, 'Unable to create container');
+    }
+
+    function validateAccessControl() {
+      var accessControlData = $scope.formValues.AccessControlData;
+      return validateForm(accessControlData, $scope.isAdmin);
+    }
+
+    function onSuccess() {
+      Notifications.success('Container successfully created');
+      $state.go('docker.containers', {}, { reload: true });
+    }
+  }
+
+  async function shouldShowDevices() {
+    return endpoint.SecuritySettings.allowDeviceMappingForRegularUsers || Authentication.isAdmin();
+  }
+
+  async function shouldShowSysctls() {
+    const { allowSysctlSettingForRegularUsers } = $scope.applicationState.application;
+
+    return allowSysctlSettingForRegularUsers || Authentication.isAdmin();
+  }
+
+  async function checkIfContainerCapabilitiesEnabled() {
+    return endpoint.SecuritySettings.allowContainerCapabilitiesForRegularUsers || Authentication.isAdmin();
+  }
+
+  initView();
+}
diff --git a/app/docker/views/containers/create/createcontainer.html b/app/docker/views/containers/create/createcontainer.html
index de43d1fa2..3c9a42bf3 100644
--- a/app/docker/views/containers/create/createcontainer.html
+++ b/app/docker/views/containers/create/createcontainer.html
@@ -45,10 +45,11 @@
               auto-complete="true"
               label-class="col-sm-1"
               input-class="col-sm-11"
+              endpoint-id="endpoint.Id"
+              on-image-change="onImageNameChange()"
               endpoint="endpoint"
               is-admin="isAdmin"
               check-rate-limits="formValues.alwaysPull"
-              on-image-change="onImageNameChange()"
               set-validity="setPullImageValidity"
             >
               <!-- always-pull -->
diff --git a/app/docker/views/containers/edit/container.html b/app/docker/views/containers/edit/container.html
index 097162ce0..40cd16358 100644
--- a/app/docker/views/containers/edit/container.html
+++ b/app/docker/views/containers/edit/container.html
@@ -190,7 +190,7 @@
           </div>
           <!-- !tag-description -->
           <!-- image-and-registry -->
-          <por-image-registry model="config.RegistryModel" auto-complete="true" label-class="col-sm-1" input-class="col-sm-11"></por-image-registry>
+          <por-image-registry model="config.RegistryModel" auto-complete="true" label-class="col-sm-1" input-class="col-sm-11" endpoint-id="endpoint.Id"></por-image-registry>
           <!-- !image-and-registry -->
           <!-- tag-note -->
           <div class="form-group">
diff --git a/app/docker/views/containers/edit/containerController.js b/app/docker/views/containers/edit/containerController.js
index 83db4e944..345d56718 100644
--- a/app/docker/views/containers/edit/containerController.js
+++ b/app/docker/views/containers/edit/containerController.js
@@ -21,7 +21,6 @@ angular.module('portainer.docker').controller('ContainerController', [
   'ImageService',
   'HttpRequestHelper',
   'Authentication',
-  'StateManager',
   'endpoint',
   function (
     $q,
@@ -42,9 +41,9 @@ angular.module('portainer.docker').controller('ContainerController', [
     ImageService,
     HttpRequestHelper,
     Authentication,
-    StateManager,
     endpoint
   ) {
+    $scope.endpoint = endpoint;
     $scope.activityTime = 0;
     $scope.portBindings = [];
     $scope.displayRecreateButton = false;
diff --git a/app/docker/views/images/edit/image.html b/app/docker/views/images/edit/image.html
index b8a686edb..84d25b817 100644
--- a/app/docker/views/images/edit/image.html
+++ b/app/docker/views/images/edit/image.html
@@ -63,7 +63,7 @@
       <rd-widget-body>
         <form class="form-horizontal">
           <!-- image-and-registry -->
-          <por-image-registry model="formValues.RegistryModel" label-class="col-sm-1" input-class="col-sm-11"></por-image-registry>
+          <por-image-registry model="formValues.RegistryModel" endpoint-id="endpoint.Id" label-class="col-sm-1" input-class="col-sm-11"></por-image-registry>
           <!-- !image-and-registry -->
           <!-- tag-note -->
           <div class="form-group">
diff --git a/app/docker/views/images/edit/imageController.js b/app/docker/views/images/edit/imageController.js
index 597cdb7a0..f110f603a 100644
--- a/app/docker/views/images/edit/imageController.js
+++ b/app/docker/views/images/edit/imageController.js
@@ -6,7 +6,7 @@ angular.module('portainer.docker').controller('ImageController', [
   '$scope',
   '$transition$',
   '$state',
-  '$timeout',
+  'endpoint',
   'ImageService',
   'ImageHelper',
   'RegistryService',
@@ -15,7 +15,8 @@ angular.module('portainer.docker').controller('ImageController', [
   'ModalService',
   'FileSaver',
   'Blob',
-  function ($q, $scope, $transition$, $state, $timeout, ImageService, ImageHelper, RegistryService, Notifications, HttpRequestHelper, ModalService, FileSaver, Blob) {
+  function ($q, $scope, $transition$, $state, endpoint, ImageService, ImageHelper, RegistryService, Notifications, HttpRequestHelper, ModalService, FileSaver, Blob) {
+    $scope.endpoint = endpoint;
     $scope.formValues = {
       RegistryModel: new PorImageRegistryModel(),
     };
diff --git a/app/docker/views/images/images.html b/app/docker/views/images/images.html
index a2f3034c3..83897cf0c 100644
--- a/app/docker/views/images/images.html
+++ b/app/docker/views/images/images.html
@@ -20,6 +20,7 @@
             pull-warning="true"
             label-class="col-sm-1"
             input-class="col-sm-11"
+            endpoint-id="endpoint.Id"
             endpoint="endpoint"
             is-admin="isAdmin"
             set-validity="setPullImageValidity"
diff --git a/app/docker/views/registries/access/registryAccess.html b/app/docker/views/registries/access/registryAccess.html
new file mode 100644
index 000000000..2f07251d4
--- /dev/null
+++ b/app/docker/views/registries/access/registryAccess.html
@@ -0,0 +1,16 @@
+<rd-header>
+  <rd-header-title title-text="Registry access"></rd-header-title>
+  <rd-header-content> <a ui-sref="docker.registries">Registries</a> &gt; {{ $ctrl.registry.Name }} &gt; Access management </rd-header-content>
+</rd-header>
+
+<registry-details registry="$ctrl.registry" ng-if="$ctrl.registry"></registry-details>
+
+<por-access-management
+  ng-if="$ctrl.registry"
+  access-controlled-entity="$ctrl.registryEndpointAccesses"
+  entity-type="registry"
+  endpoint="$ctrl.endpoint"
+  action-in-progress="$ctrl.state.actionInProgress"
+  update-access="$ctrl.updateAccess"
+>
+</por-access-management>
diff --git a/app/docker/views/registries/access/registryAccess.js b/app/docker/views/registries/access/registryAccess.js
new file mode 100644
index 000000000..7ee0814dd
--- /dev/null
+++ b/app/docker/views/registries/access/registryAccess.js
@@ -0,0 +1,7 @@
+angular.module('portainer.docker').component('dockerRegistryAccessView', {
+  templateUrl: './registryAccess.html',
+  controller: 'DockerRegistryAccessController',
+  bindings: {
+    endpoint: '<',
+  },
+});
diff --git a/app/docker/views/registries/access/registryAccessController.js b/app/docker/views/registries/access/registryAccessController.js
new file mode 100644
index 000000000..9565e540b
--- /dev/null
+++ b/app/docker/views/registries/access/registryAccessController.js
@@ -0,0 +1,48 @@
+class DockerRegistryAccessController {
+  /* @ngInject */
+  constructor($async, $state, Notifications, RegistryService, EndpointService) {
+    this.$async = $async;
+    this.$state = $state;
+    this.Notifications = Notifications;
+    this.EndpointService = EndpointService;
+    this.RegistryService = RegistryService;
+
+    this.updateAccess = this.updateAccess.bind(this);
+  }
+
+  updateAccess() {
+    return this.$async(async () => {
+      this.state.actionInProgress = true;
+      try {
+        await this.EndpointService.updateRegistryAccess(this.state.endpointId, this.state.registryId, this.registryEndpointAccesses);
+        this.Notifications.success('Access successfully updated');
+        this.$state.reload();
+      } catch (err) {
+        this.state.actionInProgress = false;
+        this.Notifications.error('Failure', err, 'Unable to update accesses');
+      }
+    });
+  }
+
+  $onInit() {
+    return this.$async(async () => {
+      try {
+        this.state = {
+          viewReady: false,
+          actionInProgress: false,
+          endpointId: this.$state.params.endpointId,
+          registryId: this.$state.params.id,
+        };
+        this.registry = await this.RegistryService.registry(this.state.registryId, this.state.endpointId);
+        this.registryEndpointAccesses = this.registry.RegistryAccesses[this.state.endpointId] || {};
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve registry details');
+      } finally {
+        this.state.viewReady = true;
+      }
+    });
+  }
+}
+
+export default DockerRegistryAccessController;
+angular.module('portainer.docker').controller('DockerRegistryAccessController', DockerRegistryAccessController);
diff --git a/app/docker/views/services/create/createservice.html b/app/docker/views/services/create/createservice.html
index 3e2be2cba..1d6034a3a 100644
--- a/app/docker/views/services/create/createservice.html
+++ b/app/docker/views/services/create/createservice.html
@@ -25,6 +25,7 @@
             auto-complete="true"
             label-class="col-sm-1"
             input-class="col-sm-11"
+            endpoint-id="endpoint.Id"
             endpoint="endpoint"
             is-admin="isAdmin"
             check-rate-limits="true"
diff --git a/app/docker/views/services/edit/includes/image.html b/app/docker/views/services/edit/includes/image.html
index 2a3fae3a2..1ce46156d 100644
--- a/app/docker/views/services/edit/includes/image.html
+++ b/app/docker/views/services/edit/includes/image.html
@@ -8,6 +8,7 @@
           auto-complete="true"
           label-class="col-sm-1"
           input-class="col-sm-11"
+          endpoint-id="endpoint.Id"
           endpoint="endpoint"
           is-admin="isAdmin"
           check-rate-limits="true"
diff --git a/app/docker/views/services/edit/serviceController.js b/app/docker/views/services/edit/serviceController.js
index cb41d94d8..ae33cb2bd 100644
--- a/app/docker/views/services/edit/serviceController.js
+++ b/app/docker/views/services/edit/serviceController.js
@@ -47,7 +47,6 @@ angular.module('portainer.docker').controller('ServiceController', [
   'VolumeService',
   'ImageHelper',
   'WebhookService',
-  'EndpointProvider',
   'clipboard',
   'WebhookHelper',
   'NetworkService',
@@ -79,7 +78,6 @@ angular.module('portainer.docker').controller('ServiceController', [
     VolumeService,
     ImageHelper,
     WebhookService,
-    EndpointProvider,
     clipboard,
     WebhookHelper,
     NetworkService,
@@ -330,7 +328,7 @@ angular.module('portainer.docker').controller('ServiceController', [
             Notifications.error('Failure', err, 'Unable to delete webhook');
           });
       } else {
-        WebhookService.createServiceWebhook(service.Id, EndpointProvider.endpointID())
+        WebhookService.createServiceWebhook(service.Id, endpoint.Id)
           .then(function success(data) {
             $scope.WebhookExists = true;
             $scope.webhookID = data.Id;
@@ -678,7 +676,7 @@ angular.module('portainer.docker').controller('ServiceController', [
             availableImages: ImageService.images(),
             availableLoggingDrivers: PluginService.loggingPlugins(apiVersion < 1.25),
             availableNetworks: NetworkService.networks(true, true, apiVersion >= 1.25),
-            webhooks: WebhookService.webhooks(service.Id, EndpointProvider.endpointID()),
+            webhooks: WebhookService.webhooks(service.Id, endpoint.Id),
           });
         })
         .then(async function success(data) {
diff --git a/app/kubernetes/__module.js b/app/kubernetes/__module.js
index c48095d81..60ef7b5e6 100644
--- a/app/kubernetes/__module.js
+++ b/app/kubernetes/__module.js
@@ -1,4 +1,6 @@
-angular.module('portainer.kubernetes', ['portainer.app']).config([
+import registriesModule from './registries';
+
+angular.module('portainer.kubernetes', ['portainer.app', registriesModule]).config([
   '$stateRegistryProvider',
   function ($stateRegistryProvider) {
     'use strict';
@@ -262,6 +264,26 @@ angular.module('portainer.kubernetes', ['portainer.app']).config([
       },
     };
 
+    const registries = {
+      name: 'kubernetes.registries',
+      url: '/registries',
+      views: {
+        'content@': {
+          component: 'endpointRegistriesView',
+        },
+      },
+    };
+
+    const registriesAccess = {
+      name: 'kubernetes.registries.access',
+      url: '/:id/access',
+      views: {
+        'content@': {
+          component: 'kubernetesRegistryAccessView',
+        },
+      },
+    };
+
     $stateRegistryProvider.register(kubernetes);
     $stateRegistryProvider.register(applications);
     $stateRegistryProvider.register(applicationCreation);
@@ -286,5 +308,7 @@ angular.module('portainer.kubernetes', ['portainer.app']).config([
     $stateRegistryProvider.register(resourcePoolAccess);
     $stateRegistryProvider.register(volumes);
     $stateRegistryProvider.register(volume);
+    $stateRegistryProvider.register(registries);
+    $stateRegistryProvider.register(registriesAccess);
   },
 ]);
diff --git a/app/kubernetes/components/kubernetes-sidebar-content/kubernetesSidebarContent.html b/app/kubernetes/components/kubernetes-sidebar-content/kubernetesSidebarContent.html
index 90785a22c..18265ba47 100644
--- a/app/kubernetes/components/kubernetes-sidebar-content/kubernetesSidebarContent.html
+++ b/app/kubernetes/components/kubernetes-sidebar-content/kubernetesSidebarContent.html
@@ -15,7 +15,17 @@
 </li>
 <li class="sidebar-list">
   <a ui-sref="kubernetes.cluster({endpointId: $ctrl.endpointId})" ui-sref-active="active">Cluster <span class="menu-icon fa fa-server fa-fw"></span></a>
-  <div class="sidebar-sublist" ng-if="$ctrl.adminAccess && ($ctrl.currentState === 'kubernetes.cluster' || $ctrl.currentState === 'portainer.endpoints.endpoint.kubernetesConfig')">
-    <a ui-sref="portainer.endpoints.endpoint.kubernetesConfig({id: $ctrl.endpointId})" ui-sref-active="active">Setup</a>
+  <div
+    ng-if="
+      $ctrl.adminAccess &&
+      ['kubernetes.cluster', 'portainer.endpoints.endpoint.kubernetesConfig', 'kubernetes.registries', 'kubernetes.registries.access'].includes($ctrl.currentRouteName)
+    "
+  >
+    <div class="sidebar-sublist">
+      <a ui-sref="portainer.endpoints.endpoint.kubernetesConfig({id: $ctrl.endpointId})" ui-sref-active="active">Setup</a>
+    </div>
+    <div class="sidebar-sublist">
+      <a ui-sref="kubernetes.registries({endpointId: $ctrl.endpointId})" ui-sref-active="active">Registries</a>
+    </div>
   </div>
 </li>
diff --git a/app/kubernetes/converters/application.js b/app/kubernetes/converters/application.js
index 97f257f95..4ec84f802 100644
--- a/app/kubernetes/converters/application.js
+++ b/app/kubernetes/converters/application.js
@@ -62,6 +62,9 @@ class KubernetesApplicationConverter {
     if (containers.length) {
       res.Image = containers[0].image;
     }
+    if (data.spec.template && data.spec.template.spec && data.spec.template.spec.imagePullSecrets && data.spec.template.spec.imagePullSecrets.length) {
+      res.RegistryId = parseInt(data.spec.template.spec.imagePullSecrets[0].name.replace('registry-', ''), 10);
+    }
     res.CreationDate = data.metadata.creationTimestamp;
     res.Env = _.without(_.flatMap(_.map(containers, 'env')), undefined);
     res.Pods = data.spec.selector ? KubernetesApplicationHelper.associatePodsAndApplication(pods, data.spec.selector) : [data];
@@ -268,7 +271,8 @@ class KubernetesApplicationConverter {
     res.Name = app.Name;
     res.StackName = app.StackName;
     res.ApplicationOwner = app.ApplicationOwner;
-    res.Image = app.Image;
+    res.ImageModel.Image = app.Image;
+    res.ImageModel.Registry.Id = app.RegistryId;
     res.ReplicaCount = app.TotalPodsCount;
     res.MemoryLimit = KubernetesResourceReservationHelper.megaBytesValue(app.Limits.Memory);
     res.CpuLimit = app.Limits.Cpu;
@@ -292,7 +296,10 @@ class KubernetesApplicationConverter {
       res.PublishingType = KubernetesApplicationPublishingTypes.INTERNAL;
     }
 
-    KubernetesApplicationHelper.generatePlacementsFormValuesFromAffinity(res, app.Pods[0].Affinity, nodesLabels);
+    if (app.Pods && app.Pods.length) {
+      KubernetesApplicationHelper.generatePlacementsFormValuesFromAffinity(res, app.Pods[0].Affinity, nodesLabels);
+    }
+
     return res;
   }
 
diff --git a/app/kubernetes/converters/daemonSet.js b/app/kubernetes/converters/daemonSet.js
index 063005593..8f95eba1c 100644
--- a/app/kubernetes/converters/daemonSet.js
+++ b/app/kubernetes/converters/daemonSet.js
@@ -10,10 +10,11 @@ import {
 import KubernetesApplicationHelper from 'Kubernetes/helpers/application';
 import KubernetesResourceReservationHelper from 'Kubernetes/helpers/resourceReservationHelper';
 import KubernetesCommonHelper from 'Kubernetes/helpers/commonHelper';
+import { buildImageFullURI } from 'Docker/helpers/imageHelper';
 
 class KubernetesDaemonSetConverter {
   /**
-   * Generate KubernetesDaemonSet from KubenetesApplicationFormValues
+   * Generate KubernetesDaemonSet from KubernetesApplicationFormValues
    * @param {KubernetesApplicationFormValues} formValues
    */
   static applicationFormValuesToDaemonSet(formValues, volumeClaims) {
@@ -23,7 +24,7 @@ class KubernetesDaemonSetConverter {
     res.StackName = formValues.StackName ? formValues.StackName : formValues.Name;
     res.ApplicationOwner = formValues.ApplicationOwner;
     res.ApplicationName = formValues.Name;
-    res.Image = formValues.Image;
+    res.ImageModel = formValues.ImageModel;
     res.CpuLimit = formValues.CpuLimit;
     res.MemoryLimit = KubernetesResourceReservationHelper.bytesValue(formValues.MemoryLimit);
     res.Env = KubernetesApplicationHelper.generateEnvFromEnvVariables(formValues.EnvironmentVariables);
@@ -35,7 +36,7 @@ class KubernetesDaemonSetConverter {
 
   /**
    * Generate CREATE payload from DaemonSet
-   * @param {KubernetesDaemonSetPayload} model DaemonSet to genereate payload from
+   * @param {KubernetesDaemonSetPayload} model DaemonSet to generate payload from
    */
   static createPayload(daemonSet) {
     const payload = new KubernetesDaemonSetCreatePayload();
@@ -50,7 +51,10 @@ class KubernetesDaemonSetConverter {
     payload.spec.template.metadata.labels.app = daemonSet.Name;
     payload.spec.template.metadata.labels[KubernetesPortainerApplicationNameLabel] = daemonSet.ApplicationName;
     payload.spec.template.spec.containers[0].name = daemonSet.Name;
-    payload.spec.template.spec.containers[0].image = daemonSet.Image;
+    payload.spec.template.spec.containers[0].image = buildImageFullURI(daemonSet.ImageModel);
+    if (daemonSet.ImageModel.Registry && daemonSet.ImageModel.Registry.Authentication) {
+      payload.spec.template.spec.imagePullSecrets = [{ name: `registry-${daemonSet.ImageModel.Registry.Id}` }];
+    }
     payload.spec.template.spec.affinity = daemonSet.Affinity;
     KubernetesCommonHelper.assignOrDeleteIfEmpty(payload, 'spec.template.spec.containers[0].env', daemonSet.Env);
     KubernetesCommonHelper.assignOrDeleteIfEmpty(payload, 'spec.template.spec.containers[0].volumeMounts', daemonSet.VolumeMounts);
diff --git a/app/kubernetes/converters/deployment.js b/app/kubernetes/converters/deployment.js
index 471faa179..080644641 100644
--- a/app/kubernetes/converters/deployment.js
+++ b/app/kubernetes/converters/deployment.js
@@ -11,6 +11,7 @@ import {
 import KubernetesApplicationHelper from 'Kubernetes/helpers/application';
 import KubernetesResourceReservationHelper from 'Kubernetes/helpers/resourceReservationHelper';
 import KubernetesCommonHelper from 'Kubernetes/helpers/commonHelper';
+import { buildImageFullURI } from 'Docker/helpers/imageHelper';
 
 class KubernetesDeploymentConverter {
   /**
@@ -25,7 +26,7 @@ class KubernetesDeploymentConverter {
     res.ApplicationOwner = formValues.ApplicationOwner;
     res.ApplicationName = formValues.Name;
     res.ReplicaCount = formValues.ReplicaCount;
-    res.Image = formValues.Image;
+    res.ImageModel = formValues.ImageModel;
     res.CpuLimit = formValues.CpuLimit;
     res.MemoryLimit = KubernetesResourceReservationHelper.bytesValue(formValues.MemoryLimit);
     res.Env = KubernetesApplicationHelper.generateEnvFromEnvVariables(formValues.EnvironmentVariables);
@@ -53,7 +54,10 @@ class KubernetesDeploymentConverter {
     payload.spec.template.metadata.labels.app = deployment.Name;
     payload.spec.template.metadata.labels[KubernetesPortainerApplicationNameLabel] = deployment.ApplicationName;
     payload.spec.template.spec.containers[0].name = deployment.Name;
-    payload.spec.template.spec.containers[0].image = deployment.Image;
+    payload.spec.template.spec.containers[0].image = buildImageFullURI(deployment.ImageModel);
+    if (deployment.ImageModel.Registry && deployment.ImageModel.Registry.Authentication) {
+      payload.spec.template.spec.imagePullSecrets = [{ name: `registry-${deployment.ImageModel.Registry.Id}` }];
+    }
     payload.spec.template.spec.affinity = deployment.Affinity;
     KubernetesCommonHelper.assignOrDeleteIfEmpty(payload, 'spec.template.spec.containers[0].env', deployment.Env);
     KubernetesCommonHelper.assignOrDeleteIfEmpty(payload, 'spec.template.spec.containers[0].volumeMounts', deployment.VolumeMounts);
diff --git a/app/kubernetes/converters/resourcePool.js b/app/kubernetes/converters/resourcePool.js
index 234d13d27..eb20ce5e4 100644
--- a/app/kubernetes/converters/resourcePool.js
+++ b/app/kubernetes/converters/resourcePool.js
@@ -28,7 +28,16 @@ class KubernetesResourcePoolConverter {
       }
     });
     const ingresses = _.without(ingMap, undefined);
-    return [namespace, quota, ingresses];
+    const registries = _.map(formValues.Registries, (r) => {
+      if (!r.RegistryAccesses[formValues.EndpointId]) {
+        r.RegistryAccesses[formValues.EndpointId] = { Namespaces: [] };
+      }
+      if (!_.includes(r.RegistryAccesses[formValues.EndpointId].Namespaces, formValues.Name)) {
+        r.RegistryAccesses[formValues.EndpointId].Namespaces = [...r.RegistryAccesses[formValues.EndpointId].Namespaces, formValues.Name];
+      }
+      return r;
+    });
+    return [namespace, quota, ingresses, registries];
   }
 }
 
diff --git a/app/kubernetes/converters/statefulSet.js b/app/kubernetes/converters/statefulSet.js
index 26cffd4ac..a7693513b 100644
--- a/app/kubernetes/converters/statefulSet.js
+++ b/app/kubernetes/converters/statefulSet.js
@@ -12,6 +12,7 @@ import {
 import KubernetesApplicationHelper from 'Kubernetes/helpers/application';
 import KubernetesResourceReservationHelper from 'Kubernetes/helpers/resourceReservationHelper';
 import KubernetesCommonHelper from 'Kubernetes/helpers/commonHelper';
+import { buildImageFullURI } from 'Docker/helpers/imageHelper';
 import KubernetesPersistentVolumeClaimConverter from './persistentVolumeClaim';
 
 class KubernetesStatefulSetConverter {
@@ -27,7 +28,7 @@ class KubernetesStatefulSetConverter {
     res.ApplicationOwner = formValues.ApplicationOwner;
     res.ApplicationName = formValues.Name;
     res.ReplicaCount = formValues.ReplicaCount;
-    res.Image = formValues.Image;
+    res.ImageModel = formValues.ImageModel;
     res.CpuLimit = formValues.CpuLimit;
     res.MemoryLimit = KubernetesResourceReservationHelper.bytesValue(formValues.MemoryLimit);
     res.Env = KubernetesApplicationHelper.generateEnvFromEnvVariables(formValues.EnvironmentVariables);
@@ -56,7 +57,12 @@ class KubernetesStatefulSetConverter {
     payload.spec.template.metadata.labels.app = statefulSet.Name;
     payload.spec.template.metadata.labels[KubernetesPortainerApplicationNameLabel] = statefulSet.ApplicationName;
     payload.spec.template.spec.containers[0].name = statefulSet.Name;
-    payload.spec.template.spec.containers[0].image = statefulSet.Image;
+    if (statefulSet.ImageModel.Image) {
+      payload.spec.template.spec.containers[0].image = buildImageFullURI(statefulSet.ImageModel);
+      if (statefulSet.ImageModel.Registry && statefulSet.ImageModel.Registry.Authentication) {
+        payload.spec.template.spec.imagePullSecrets = [{ name: `registry-${statefulSet.ImageModel.Registry.Id}` }];
+      }
+    }
     payload.spec.template.spec.affinity = statefulSet.Affinity;
     KubernetesCommonHelper.assignOrDeleteIfEmpty(payload, 'spec.template.spec.containers[0].env', statefulSet.Env);
     KubernetesCommonHelper.assignOrDeleteIfEmpty(payload, 'spec.template.spec.containers[0].volumeMounts', statefulSet.VolumeMounts);
diff --git a/app/kubernetes/models/application/formValues.js b/app/kubernetes/models/application/formValues.js
index a5ed94391..47482ac65 100644
--- a/app/kubernetes/models/application/formValues.js
+++ b/app/kubernetes/models/application/formValues.js
@@ -1,37 +1,34 @@
+import { PorImageRegistryModel } from '@/docker/models/porImageRegistry';
 import { KubernetesApplicationDataAccessPolicies, KubernetesApplicationDeploymentTypes, KubernetesApplicationPublishingTypes, KubernetesApplicationPlacementTypes } from './models';
 
 /**
  * KubernetesApplicationFormValues Model
  */
-const _KubernetesApplicationFormValues = Object.freeze({
-  ApplicationType: undefined, // will only exist for formValues generated from Application (app edit situation)
-  ResourcePool: {},
-  Name: '',
-  StackName: '',
-  ApplicationOwner: '',
-  Image: '',
-  Note: '',
-  MemoryLimit: 0,
-  CpuLimit: 0,
-  DeploymentType: KubernetesApplicationDeploymentTypes.REPLICATED,
-  ReplicaCount: 1,
-  AutoScaler: {},
-  Containers: [],
-  EnvironmentVariables: [], // KubernetesApplicationEnvironmentVariableFormValue list
-  DataAccessPolicy: KubernetesApplicationDataAccessPolicies.SHARED,
-  PersistedFolders: [], // KubernetesApplicationPersistedFolderFormValue list
-  Configurations: [], // KubernetesApplicationConfigurationFormValue list
-  PublishingType: KubernetesApplicationPublishingTypes.INTERNAL,
-  PublishedPorts: [], // KubernetesApplicationPublishedPortFormValue list
-  PlacementType: KubernetesApplicationPlacementTypes.PREFERRED,
-  Placements: [], // KubernetesApplicationPlacementFormValue list
-  OriginalIngresses: undefined,
-});
-
-export class KubernetesApplicationFormValues {
-  constructor() {
-    Object.assign(this, JSON.parse(JSON.stringify(_KubernetesApplicationFormValues)));
-  }
+export function KubernetesApplicationFormValues() {
+  return {
+    ApplicationType: undefined, // will only exist for formValues generated from Application (app edit situation)
+    ResourcePool: {},
+    Name: '',
+    StackName: '',
+    ApplicationOwner: '',
+    ImageModel: new PorImageRegistryModel(),
+    Note: '',
+    MemoryLimit: 0,
+    CpuLimit: 0,
+    DeploymentType: KubernetesApplicationDeploymentTypes.REPLICATED,
+    ReplicaCount: 1,
+    AutoScaler: {},
+    Containers: [],
+    EnvironmentVariables: [], // KubernetesApplicationEnvironmentVariableFormValue list
+    DataAccessPolicy: KubernetesApplicationDataAccessPolicies.SHARED,
+    PersistedFolders: [], // KubernetesApplicationPersistedFolderFormValue list
+    Configurations: [], // KubernetesApplicationConfigurationFormValue list
+    PublishingType: KubernetesApplicationPublishingTypes.INTERNAL,
+    PublishedPorts: [], // KubernetesApplicationPublishedPortFormValue list
+    PlacementType: KubernetesApplicationPlacementTypes.PREFERRED,
+    Placements: [], // KubernetesApplicationPlacementFormValue list
+    OriginalIngresses: undefined,
+  };
 }
 
 export const KubernetesApplicationConfigurationFormValueOverridenKeyTypes = Object.freeze({
diff --git a/app/kubernetes/models/daemon-set/models.js b/app/kubernetes/models/daemon-set/models.js
index a4c4fc411..4f2f82ed1 100644
--- a/app/kubernetes/models/daemon-set/models.js
+++ b/app/kubernetes/models/daemon-set/models.js
@@ -5,7 +5,7 @@ const _KubernetesDaemonSet = Object.freeze({
   Namespace: '',
   Name: '',
   StackName: '',
-  Image: '',
+  ImageModel: null,
   Env: [],
   CpuLimit: 0,
   MemoryLimit: 0,
diff --git a/app/kubernetes/models/deployment/models.js b/app/kubernetes/models/deployment/models.js
index df8a8d79c..05a6963df 100644
--- a/app/kubernetes/models/deployment/models.js
+++ b/app/kubernetes/models/deployment/models.js
@@ -6,7 +6,7 @@ const _KubernetesDeployment = Object.freeze({
   Name: '',
   StackName: '',
   ReplicaCount: 0,
-  Image: '',
+  ImageModel: null,
   Env: [],
   CpuLimit: 0,
   MemoryLimit: 0,
diff --git a/app/kubernetes/models/resource-pool/formValues.js b/app/kubernetes/models/resource-pool/formValues.js
index bb3f598c0..fca07da3b 100644
--- a/app/kubernetes/models/resource-pool/formValues.js
+++ b/app/kubernetes/models/resource-pool/formValues.js
@@ -1,10 +1,12 @@
 export function KubernetesResourcePoolFormValues(defaults) {
   return {
+    EndpointId: 0,
     Name: '',
     MemoryLimit: defaults.MemoryLimit,
     CpuLimit: defaults.CpuLimit,
     HasQuota: false,
     IngressClasses: [], // KubernetesResourcePoolIngressClassFormValue
+    Registries: [], // RegistryViewModel
   };
 }
 
diff --git a/app/kubernetes/models/stateful-set/models.js b/app/kubernetes/models/stateful-set/models.js
index 28609416c..fa445799f 100644
--- a/app/kubernetes/models/stateful-set/models.js
+++ b/app/kubernetes/models/stateful-set/models.js
@@ -6,7 +6,7 @@ const _KubernetesStatefulSet = Object.freeze({
   Name: '',
   StackName: '',
   ReplicaCount: 0,
-  Image: '',
+  ImageModel: null,
   Env: [],
   CpuLimit: '',
   MemoryLimit: '',
diff --git a/app/kubernetes/registries/index.js b/app/kubernetes/registries/index.js
new file mode 100644
index 000000000..54373821c
--- /dev/null
+++ b/app/kubernetes/registries/index.js
@@ -0,0 +1,5 @@
+import angular from 'angular';
+
+import { kubernetesRegistryAccessView } from './kube-registry-access-view';
+
+export default angular.module('portainer.kubernetes.registries', []).component('kubernetesRegistryAccessView', kubernetesRegistryAccessView).name;
diff --git a/app/kubernetes/registries/kube-registry-access-view/index.js b/app/kubernetes/registries/kube-registry-access-view/index.js
new file mode 100644
index 000000000..bf51890e0
--- /dev/null
+++ b/app/kubernetes/registries/kube-registry-access-view/index.js
@@ -0,0 +1,9 @@
+import controller from './kube-registry-access-view.controller';
+
+export const kubernetesRegistryAccessView = {
+  templateUrl: './kube-registry-access-view.html',
+  controller,
+  bindings: {
+    endpoint: '<',
+  },
+};
diff --git a/app/kubernetes/registries/kube-registry-access-view/kube-registry-access-view.controller.js b/app/kubernetes/registries/kube-registry-access-view/kube-registry-access-view.controller.js
new file mode 100644
index 000000000..f9c86154f
--- /dev/null
+++ b/app/kubernetes/registries/kube-registry-access-view/kube-registry-access-view.controller.js
@@ -0,0 +1,71 @@
+export default class KubernetesRegistryAccessController {
+  /* @ngInject */
+  constructor($async, $state, EndpointService, Notifications, RegistryService, KubernetesResourcePoolService, KubernetesNamespaceHelper) {
+    this.$async = $async;
+    this.$state = $state;
+    this.Notifications = Notifications;
+    this.RegistryService = RegistryService;
+    this.KubernetesResourcePoolService = KubernetesResourcePoolService;
+    this.KubernetesNamespaceHelper = KubernetesNamespaceHelper;
+    this.EndpointService = EndpointService;
+
+    this.state = {
+      actionInProgress: false,
+    };
+
+    this.selectedResourcePools = [];
+    this.resourcePools = [];
+    this.savedResourcePools = [];
+
+    this.handleRemove = this.handleRemove.bind(this);
+  }
+
+  async submit() {
+    return this.updateNamespaces([...this.savedResourcePools.map(({ value }) => value), ...this.selectedResourcePools.map((pool) => pool.name)]);
+  }
+
+  handleRemove(namespaces) {
+    const removeNamespaces = namespaces.map(({ value }) => value);
+
+    return this.updateNamespaces(this.savedResourcePools.map(({ value }) => value).filter((value) => !removeNamespaces.includes(value)));
+  }
+
+  updateNamespaces(namespaces) {
+    return this.$async(async () => {
+      try {
+        await this.EndpointService.updateRegistryAccess(this.endpoint.Id, this.registry.Id, {
+          namespaces,
+        });
+        this.$state.reload();
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Failed saving registry access');
+      }
+    });
+  }
+
+  $onInit() {
+    return this.$async(async () => {
+      try {
+        this.state = {
+          registryId: this.$state.params.id,
+        };
+        this.registry = await this.RegistryService.registry(this.state.registryId, this.endpoint.Id);
+        if (this.registry.RegistryAccesses && this.registry.RegistryAccesses[this.endpoint.Id]) {
+          this.savedResourcePools = this.registry.RegistryAccesses[this.endpoint.Id].Namespaces.map((value) => ({ value }));
+        }
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve registry details');
+      }
+
+      try {
+        const resourcePools = await this.KubernetesResourcePoolService.get();
+
+        this.resourcePools = resourcePools
+          .filter((pool) => !this.KubernetesNamespaceHelper.isSystemNamespace(pool.Namespace.Name) && !this.savedResourcePools.find(({ value }) => value === pool.Namespace.Name))
+          .map((pool) => ({ name: pool.Namespace.Name, id: pool.Namespace.Id }));
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve resource pools');
+      }
+    });
+  }
+}
diff --git a/app/kubernetes/registries/kube-registry-access-view/kube-registry-access-view.html b/app/kubernetes/registries/kube-registry-access-view/kube-registry-access-view.html
new file mode 100644
index 000000000..bd8129b73
--- /dev/null
+++ b/app/kubernetes/registries/kube-registry-access-view/kube-registry-access-view.html
@@ -0,0 +1,72 @@
+<rd-header>
+  <rd-header-title title-text="Registry access"></rd-header-title>
+  <rd-header-content> <a ui-sref="kubernetes.registries">Registries</a> &gt; {{ $ctrl.registry.Name }} &gt; Access management </rd-header-content>
+</rd-header>
+
+<registry-details registry="$ctrl.registry" ng-if="$ctrl.registry"></registry-details>
+
+<div class="row">
+  <div class="col-sm-12">
+    <rd-widget>
+      <rd-widget-header icon="fa-user-lock" title-text="Create access"></rd-widget-header>
+      <rd-widget-body>
+        <form class="form-horizontal">
+          <div class="form-group">
+            <label class="col-sm-3 col-lg-2 control-label text-left" style="padding-top: 0;">
+              Select resource pools
+            </label>
+            <div class="col-sm-9 col-lg-4">
+              <span class="small text-muted" ng-if="!$ctrl.resourcePools.length">
+                No resource pools available.
+              </span>
+              <span
+                isteven-multi-select
+                ng-if="$ctrl.resourcePools.length"
+                input-model="$ctrl.resourcePools"
+                output-model="$ctrl.selectedResourcePools"
+                button-label="name"
+                item-label="name"
+                tick-property="ticked"
+                helper-elements="filter"
+                search-property="name"
+                translation="{nothingSelected: 'Select one or more resource pools', search: 'Search...'}"
+              >
+              </span>
+            </div>
+          </div>
+
+          <!-- actions -->
+          <div class="form-group">
+            <div class="col-sm-12">
+              <button
+                type="submit"
+                class="btn btn-primary btn-sm"
+                ng-disabled="$ctrl.selectedResourcePools.length === 0 || $ctrl.state.actionInProgress"
+                ng-click="$ctrl.submit()"
+                button-spinner="$ctrl.state.actionInProgress"
+              >
+                <span ng-hide="$ctrl.state.actionInProgress"><i class="fa fa-plus" aria-hidden="true"></i> Create access</span>
+                <span ng-show="$ctrl.state.actionInProgress">Creating access...</span>
+              </button>
+            </div>
+          </div>
+          <!-- !actions -->
+        </form>
+      </rd-widget-body>
+    </rd-widget>
+  </div>
+</div>
+<div class="row">
+  <div class="col-sm-12">
+    <strings-datatable
+      title-text="Access"
+      title-icon="fa-user-lock"
+      table-key="access_registry_resourcepools"
+      dataset="$ctrl.savedResourcePools"
+      empty-dataset-message="No resource pool has been authorized yet."
+      on-remove="($ctrl.handleRemove)"
+      column-header="Resource pool"
+    >
+    </strings-datatable>
+  </div>
+</div>
diff --git a/app/kubernetes/services/resourcePoolService.js b/app/kubernetes/services/resourcePoolService.js
index f492c6ef4..49198b6f0 100644
--- a/app/kubernetes/services/resourcePoolService.js
+++ b/app/kubernetes/services/resourcePoolService.js
@@ -5,7 +5,7 @@ import KubernetesResourcePoolConverter from 'Kubernetes/converters/resourcePool'
 import KubernetesResourceQuotaHelper from 'Kubernetes/helpers/resourceQuotaHelper';
 
 /* @ngInject */
-export function KubernetesResourcePoolService($async, KubernetesNamespaceService, KubernetesResourceQuotaService, KubernetesIngressService) {
+export function KubernetesResourcePoolService($async, EndpointService, KubernetesNamespaceService, KubernetesResourceQuotaService, KubernetesIngressService) {
   return {
     get,
     create,
@@ -59,7 +59,7 @@ export function KubernetesResourcePoolService($async, KubernetesNamespaceService
   function create(formValues) {
     return $async(async () => {
       try {
-        const [namespace, quota, ingresses] = KubernetesResourcePoolConverter.formValuesToResourcePool(formValues);
+        const [namespace, quota, ingresses, registries] = KubernetesResourcePoolConverter.formValuesToResourcePool(formValues);
         await KubernetesNamespaceService.create(namespace);
 
         if (quota) {
@@ -67,6 +67,10 @@ export function KubernetesResourcePoolService($async, KubernetesNamespaceService
         }
         const ingressPromises = _.map(ingresses, (i) => KubernetesIngressService.create(i));
         await Promise.all(ingressPromises);
+
+        const endpointId = formValues.EndpointId;
+        const registriesPromises = _.map(registries, (r) => EndpointService.updateRegistryAccess(endpointId, r.Id, r.RegistryAccesses[endpointId]));
+        await Promise.all(registriesPromises);
       } catch (err) {
         throw err;
       }
@@ -76,8 +80,8 @@ export function KubernetesResourcePoolService($async, KubernetesNamespaceService
   function patch(oldFormValues, newFormValues) {
     return $async(async () => {
       try {
-        const [oldNamespace, oldQuota, oldIngresses] = KubernetesResourcePoolConverter.formValuesToResourcePool(oldFormValues);
-        const [newNamespace, newQuota, newIngresses] = KubernetesResourcePoolConverter.formValuesToResourcePool(newFormValues);
+        const [oldNamespace, oldQuota, oldIngresses, oldRegistries] = KubernetesResourcePoolConverter.formValuesToResourcePool(oldFormValues);
+        const [newNamespace, newQuota, newIngresses, newRegistries] = KubernetesResourcePoolConverter.formValuesToResourcePool(newFormValues);
         void oldNamespace, newNamespace;
 
         if (oldQuota && newQuota) {
@@ -103,6 +107,18 @@ export function KubernetesResourcePoolService($async, KubernetesNamespaceService
 
         const promises = _.flatten([createPromises, delPromises, patchPromises]);
         await Promise.all(promises);
+
+        const endpointId = newFormValues.EndpointId;
+        const keptRegistries = _.intersectionBy(oldRegistries, newRegistries, 'Id');
+        const removedRegistries = _.without(oldRegistries, ...keptRegistries);
+
+        const newRegistriesPromises = _.map(newRegistries, (r) => EndpointService.updateRegistryAccess(endpointId, r.Id, r.RegistryAccesses[endpointId]));
+        const removedRegistriesPromises = _.map(removedRegistries, (r) => {
+          _.pull(r.RegistryAccesses[endpointId].Namespaces, newFormValues.Name);
+          return EndpointService.updateRegistryAccess(endpointId, r.Id, r.RegistryAccesses[endpointId]);
+        });
+
+        await Promise.all(_.concat(newRegistriesPromises, removedRegistriesPromises));
       } catch (err) {
         throw err;
       }
diff --git a/app/kubernetes/services/statefulSetService.js b/app/kubernetes/services/statefulSetService.js
index 60cdea44c..5a14c4190 100644
--- a/app/kubernetes/services/statefulSetService.js
+++ b/app/kubernetes/services/statefulSetService.js
@@ -93,6 +93,7 @@ class KubernetesStatefulSetService {
       if (!payload.length) {
         return;
       }
+
       const data = await this.KubernetesStatefulSets(namespace).patch(params, payload).$promise;
       return data;
     } catch (err) {
diff --git a/app/kubernetes/views/applications/create/createApplication.html b/app/kubernetes/views/applications/create/createApplication.html
index 106b2454d..a1f30a874 100644
--- a/app/kubernetes/views/applications/create/createApplication.html
+++ b/app/kubernetes/views/applications/create/createApplication.html
@@ -16,6 +16,40 @@
       <rd-widget>
         <rd-widget-body>
           <form class="form-horizontal" name="kubernetesApplicationCreationForm" autocomplete="off">
+            <div class="col-sm-12 form-section-title">
+              Resource pool
+            </div>
+            <!-- #region RESOURCE POOL -->
+            <div class="form-group" ng-if="ctrl.formValues.ResourcePool">
+              <label for="resource-pool-selector" class="col-sm-1 control-label text-left">Resource pool</label>
+              <div class="col-sm-11">
+                <select
+                  class="form-control"
+                  id="resource-pool-selector"
+                  ng-model="ctrl.formValues.ResourcePool"
+                  ng-options="resourcePool.Namespace.Name for resourcePool in ctrl.resourcePools"
+                  ng-change="ctrl.onResourcePoolSelectionChange()"
+                  ng-disabled="ctrl.state.isEdit"
+                ></select>
+              </div>
+            </div>
+            <div class="form-group" ng-if="ctrl.state.resourcePoolHasQuota && ctrl.resourceQuotaCapacityExceeded() && ctrl.formValues.ResourcePool">
+              <div class="col-sm-12 small text-danger">
+                <i class="fa fa-exclamation-circle red-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                This resource pool has exhausted its resource capacity and you will not be able to deploy the application. Contact your administrator to expand the capacity of the
+                resource pool.
+              </div>
+            </div>
+            <div class="form-group" ng-if="!ctrl.formValues.ResourcePool">
+              <div class="col-sm-12 small text-muted">
+                <i class="fa fa-exclamation-circle orange-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                You do not have access to any resource pool. Contact your administrator to get access to a resource pool.
+              </div>
+            </div>
+            <!-- #endregion -->
+            <div class="col-sm-12 form-section-title">
+              Application
+            </div>
             <!-- #region NAME FIELD -->
             <div class="form-group">
               <label for="application_name" class="col-sm-1 control-label text-left">Name</label>
@@ -53,17 +87,15 @@
             <!-- #region IMAGE FIELD -->
 
             <div class="form-group">
-              <label for="container_image" class="col-sm-1 control-label text-left">Image</label>
-              <div class="col-sm-11">
-                <input
-                  type="text"
-                  class="form-control"
-                  name="container_image"
-                  ng-model="ctrl.formValues.Image"
-                  placeholder="nginx:latest"
-                  required
-                  ng-disabled="ctrl.formValues.Containers.length > 1"
-                />
+              <div class="col-sm-12">
+                <por-image-registry
+                  model="ctrl.formValues.ImageModel"
+                  auto-complete="false"
+                  label-class="col-sm-1"
+                  input-class="col-sm-11"
+                  endpoint-id="ctrl.endpoint.Id"
+                  namespace="ctrl.formValues.ResourcePool.Namespace.Name"
+                ></por-image-registry>
               </div>
             </div>
             <div class="form-group" ng-show="kubernetesApplicationCreationForm.container_image.$invalid">
@@ -83,32 +115,6 @@
             </por-image-registry-rate-limits>
             <!-- #endregion -->
 
-            <div class="col-sm-12 form-section-title">
-              Resource pool
-            </div>
-            <!-- #region RESOURCE POOL -->
-            <div class="form-group">
-              <label for="resource-pool-selector" class="col-sm-1 control-label text-left">Resource pool</label>
-              <div class="col-sm-11">
-                <select
-                  class="form-control"
-                  id="resource-pool-selector"
-                  ng-model="ctrl.formValues.ResourcePool"
-                  ng-options="resourcePool.Namespace.Name for resourcePool in ctrl.resourcePools"
-                  ng-change="ctrl.onResourcePoolSelectionChange()"
-                  ng-disabled="ctrl.state.isEdit"
-                ></select>
-              </div>
-            </div>
-            <div class="form-group" ng-if="ctrl.state.resourcePoolHasQuota && ctrl.resourceQuotaCapacityExceeded()">
-              <div class="col-sm-12 small text-danger">
-                <i class="fa fa-exclamation-circle red-icon" aria-hidden="true" style="margin-right: 2px;"></i>
-                This resource pool has exhausted its resource capacity and you will not be able to deploy the application. Contact your administrator to expand the capacity of the
-                resource pool.
-              </div>
-            </div>
-            <!-- #endregion -->
-
             <div class="col-sm-12 form-section-title">
               Stack
             </div>
diff --git a/app/kubernetes/views/applications/create/createApplication.js b/app/kubernetes/views/applications/create/createApplication.js
index 9feaabc76..c5c8df16b 100644
--- a/app/kubernetes/views/applications/create/createApplication.js
+++ b/app/kubernetes/views/applications/create/createApplication.js
@@ -3,7 +3,6 @@ angular.module('portainer.kubernetes').component('kubernetesCreateApplicationVie
   controller: 'KubernetesCreateApplicationController',
   controllerAs: 'ctrl',
   bindings: {
-    $transition$: '<',
     endpoint: '<',
   },
 });
diff --git a/app/kubernetes/views/applications/create/createApplicationController.js b/app/kubernetes/views/applications/create/createApplicationController.js
index 0ae3a9c88..2394bc0d5 100644
--- a/app/kubernetes/views/applications/create/createApplicationController.js
+++ b/app/kubernetes/views/applications/create/createApplicationController.js
@@ -38,7 +38,6 @@ class KubernetesCreateApplicationController {
     $async,
     $state,
     Notifications,
-    EndpointProvider,
     Authentication,
     DockerHubService,
     ModalService,
@@ -50,12 +49,12 @@ class KubernetesCreateApplicationController {
     KubernetesIngressService,
     KubernetesPersistentVolumeClaimService,
     KubernetesNamespaceHelper,
-    KubernetesVolumeService
+    KubernetesVolumeService,
+    RegistryService
   ) {
     this.$async = $async;
     this.$state = $state;
     this.Notifications = Notifications;
-    this.EndpointProvider = EndpointProvider;
     this.Authentication = Authentication;
     this.DockerHubService = DockerHubService;
     this.ModalService = ModalService;
@@ -68,6 +67,7 @@ class KubernetesCreateApplicationController {
     this.KubernetesIngressService = KubernetesIngressService;
     this.KubernetesPersistentVolumeClaimService = KubernetesPersistentVolumeClaimService;
     this.KubernetesNamespaceHelper = KubernetesNamespaceHelper;
+    this.RegistryService = RegistryService;
 
     this.ApplicationDeploymentTypes = KubernetesApplicationDeploymentTypes;
     this.ApplicationDataAccessPolicies = KubernetesApplicationDataAccessPolicies;
@@ -77,6 +77,56 @@ class KubernetesCreateApplicationController {
     this.ApplicationConfigurationFormValueOverridenKeyTypes = KubernetesApplicationConfigurationFormValueOverridenKeyTypes;
     this.ServiceTypes = KubernetesServiceTypes;
 
+    this.state = {
+      actionInProgress: false,
+      useLoadBalancer: false,
+      useServerMetrics: false,
+      sliders: {
+        cpu: {
+          min: 0,
+          max: 0,
+        },
+        memory: {
+          min: 0,
+          max: 0,
+        },
+      },
+      nodes: {
+        memory: 0,
+        cpu: 0,
+      },
+      resourcePoolHasQuota: false,
+      viewReady: false,
+      availableSizeUnits: ['MB', 'GB', 'TB'],
+      alreadyExists: false,
+      duplicates: {
+        environmentVariables: new KubernetesFormValidationReferences(),
+        persistedFolders: new KubernetesFormValidationReferences(),
+        configurationPaths: new KubernetesFormValidationReferences(),
+        existingVolumes: new KubernetesFormValidationReferences(),
+        publishedPorts: {
+          containerPorts: new KubernetesFormValidationReferences(),
+          nodePorts: new KubernetesFormValidationReferences(),
+          ingressRoutes: new KubernetesFormValidationReferences(),
+          loadBalancerPorts: new KubernetesFormValidationReferences(),
+        },
+        placements: new KubernetesFormValidationReferences(),
+      },
+      isEdit: this.$state.params.namespace && this.$state.params.name,
+      persistedFoldersUseExistingVolumes: false,
+      pullImageValidity: false,
+    };
+
+    this.isAdmin = this.Authentication.isAdmin();
+
+    this.editChanges = [];
+
+    this.storageClasses = [];
+    this.state.useLoadBalancer = false;
+    this.state.useServerMetrics = false;
+
+    this.formValues = new KubernetesApplicationFormValues();
+
     this.updateApplicationAsync = this.updateApplicationAsync.bind(this);
     this.deployApplicationAsync = this.deployApplicationAsync.bind(this);
     this.setPullImageValidity = this.setPullImageValidity.bind(this);
@@ -867,9 +917,9 @@ class KubernetesCreateApplicationController {
   getApplication() {
     return this.$async(async () => {
       try {
-        const namespace = this.state.params.namespace;
+        const namespace = this.$state.params.namespace;
         [this.application, this.persistentVolumeClaims] = await Promise.all([
-          this.KubernetesApplicationService.get(namespace, this.state.params.name),
+          this.KubernetesApplicationService.get(namespace, this.$state.params.name),
           this.KubernetesPersistentVolumeClaimService.get(namespace),
         ]);
       } catch (err) {
@@ -877,71 +927,26 @@ class KubernetesCreateApplicationController {
       }
     });
   }
+
+  async parseImageConfiguration(imageModel) {
+    return this.$async(async () => {
+      try {
+        return await this.RegistryService.retrievePorRegistryModelFromRepository(imageModel.Image, this.endpoint.Id, imageModel.Registry.Id);
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve registry');
+        return imageModel;
+      }
+    });
+  }
   /* #endregion */
 
   /* #region  ON INIT */
   $onInit() {
     return this.$async(async () => {
       try {
-        this.state = {
-          actionInProgress: false,
-          useLoadBalancer: false,
-          useServerMetrics: false,
-          sliders: {
-            cpu: {
-              min: 0,
-              max: 0,
-            },
-            memory: {
-              min: 0,
-              max: 0,
-            },
-          },
-          nodes: {
-            memory: 0,
-            cpu: 0,
-          },
-          resourcePoolHasQuota: false,
-          viewReady: false,
-          availableSizeUnits: ['MB', 'GB', 'TB'],
-          alreadyExists: false,
-          duplicates: {
-            environmentVariables: new KubernetesFormValidationReferences(),
-            persistedFolders: new KubernetesFormValidationReferences(),
-            configurationPaths: new KubernetesFormValidationReferences(),
-            existingVolumes: new KubernetesFormValidationReferences(),
-            publishedPorts: {
-              containerPorts: new KubernetesFormValidationReferences(),
-              nodePorts: new KubernetesFormValidationReferences(),
-              ingressRoutes: new KubernetesFormValidationReferences(),
-              loadBalancerPorts: new KubernetesFormValidationReferences(),
-            },
-            placements: new KubernetesFormValidationReferences(),
-          },
-          isEdit: false,
-          params: {
-            namespace: this.$transition$.params().namespace,
-            name: this.$transition$.params().name,
-          },
-          persistedFoldersUseExistingVolumes: false,
-          pullImageValidity: false,
-        };
-
-        this.isAdmin = this.Authentication.isAdmin();
-
-        this.editChanges = [];
-
-        if (this.state.params.namespace && this.state.params.name) {
-          this.state.isEdit = true;
-        }
-
-        const endpoint = this.EndpointProvider.currentEndpoint();
-        this.endpoint = endpoint;
-        this.storageClasses = endpoint.Kubernetes.Configuration.StorageClasses;
-        this.state.useLoadBalancer = endpoint.Kubernetes.Configuration.UseLoadBalancer;
-        this.state.useServerMetrics = endpoint.Kubernetes.Configuration.UseServerMetrics;
-
-        this.formValues = new KubernetesApplicationFormValues();
+        this.storageClasses = this.endpoint.Kubernetes.Configuration.StorageClasses;
+        this.state.useLoadBalancer = this.endpoint.Kubernetes.Configuration.UseLoadBalancer;
+        this.state.useServerMetrics = this.endpoint.Kubernetes.Configuration.UseServerMetrics;
 
         const [resourcePools, nodes, ingresses] = await Promise.all([
           this.KubernetesResourcePoolService.get(),
@@ -962,7 +967,7 @@ class KubernetesCreateApplicationController {
         });
         this.nodesLabels = KubernetesNodeHelper.generateNodeLabelsFromNodes(nodes);
 
-        const namespace = this.state.isEdit ? this.state.params.namespace : this.formValues.ResourcePool.Namespace.Name;
+        const namespace = this.state.isEdit ? this.$state.params.namespace : this.formValues.ResourcePool.Namespace.Name;
         await this.refreshNamespaceData(namespace);
 
         if (this.state.isEdit) {
@@ -975,6 +980,7 @@ class KubernetesCreateApplicationController {
             this.nodesLabels
           );
           this.formValues.OriginalIngresses = this.filteredIngresses;
+          this.formValues.ImageModel = await this.parseImageConfiguration(this.formValues.ImageModel);
           this.savedFormValues = angular.copy(this.formValues);
           delete this.formValues.ApplicationType;
 
@@ -992,7 +998,6 @@ class KubernetesCreateApplicationController {
           this.formValues.AutoScaler = KubernetesApplicationHelper.generateAutoScalerFormValueFromHorizontalPodAutoScaler(null, this.formValues.ReplicaCount);
           this.formValues.OriginalIngressClasses = angular.copy(this.ingresses);
         }
-
         this.updateSliders();
 
         const dockerHub = await this.DockerHubService.dockerhub();
diff --git a/app/kubernetes/views/configurations/edit/configurationController.js b/app/kubernetes/views/configurations/edit/configurationController.js
index 57928dbb1..a84fd0b85 100644
--- a/app/kubernetes/views/configurations/edit/configurationController.js
+++ b/app/kubernetes/views/configurations/edit/configurationController.js
@@ -134,6 +134,10 @@ class KubernetesConfigurationController {
       const name = this.$transition$.params().name;
       const namespace = this.$transition$.params().namespace;
       const [configMap, secret] = await Promise.allSettled([this.KubernetesConfigMapService.get(namespace, name), this.KubernetesSecretService.get(namespace, name)]);
+      if (secret.status === 'rejected' && secret.reason.err.status === 403) {
+        this.$state.go('kubernetes.configurations');
+        throw new Error('Not authorized to edit secret');
+      }
       if (secret.status === 'fulfilled') {
         this.configuration = KubernetesConfigurationConverter.secretToConfiguration(secret.value);
         this.formValues.Data = secret.value.Data;
@@ -146,6 +150,8 @@ class KubernetesConfigurationController {
       this.formValues.Name = this.configuration.Name;
       this.formValues.Type = this.configuration.Type;
       this.oldDataYaml = this.formValues.DataYaml;
+
+      return this.configuration;
     } catch (err) {
       this.Notifications.error('Failure', err, 'Unable to retrieve configuration');
     } finally {
@@ -251,11 +257,12 @@ class KubernetesConfigurationController {
       this.formValues = new KubernetesConfigurationFormValues();
 
       this.resourcePools = await this.KubernetesResourcePoolService.get();
-      await this.getConfiguration();
-      await this.getApplications(this.configuration.Namespace);
-      await this.getEvents(this.configuration.Namespace);
-      await this.getConfigurations();
-
+      const configuration = await this.getConfiguration();
+      if (configuration) {
+        await this.getApplications(this.configuration.Namespace);
+        await this.getEvents(this.configuration.Namespace);
+        await this.getConfigurations();
+      }
       this.tagUsedDataKeys();
     } catch (err) {
       this.Notifications.error('Failure', err, 'Unable to load view data');
diff --git a/app/kubernetes/views/configure/configureController.js b/app/kubernetes/views/configure/configureController.js
index 6cef0781d..70b201ef7 100644
--- a/app/kubernetes/views/configure/configureController.js
+++ b/app/kubernetes/views/configure/configureController.js
@@ -9,18 +9,10 @@ import { KubernetesIngressClassTypes } from 'Kubernetes/ingress/constants';
 class KubernetesConfigureController {
   /* #region  CONSTRUCTOR */
 
-  // TODO: technical debt
-  // $transition$ cannot be injected as bindings: { $transition$: '<' } inside app/portainer/__module.js
-  // because this view is not using a component (https://ui-router.github.io/guide/ng1/route-to-component#accessing-transition)
-  // and will cause
-  // >> Error: Cannot combine: component|bindings|componentProvider
-  // >> with: templateProvider|templateUrl|template|notify|async|controller|controllerProvider|controllerAs|resolveAs
-  // >> in stateview: 'content@@portainer.endpoints.endpoint.kubernetesConfig'
   /* @ngInject */
   constructor(
     $async,
     $state,
-    $transition$,
     Notifications,
     KubernetesStorageService,
     EndpointService,
@@ -33,7 +25,6 @@ class KubernetesConfigureController {
   ) {
     this.$async = $async;
     this.$state = $state;
-    this.$transition$ = $transition$;
     this.Notifications = Notifications;
     this.KubernetesStorageService = KubernetesStorageService;
     this.EndpointService = EndpointService;
@@ -163,7 +154,7 @@ class KubernetesConfigureController {
       }
     });
   }
-  
+
   enableMetricsServer() {
     if (this.formValues.UseServerMetrics) {
       this.state.metrics.userClick = true;
@@ -241,7 +232,7 @@ class KubernetesConfigureController {
       actionInProgress: false,
       displayConfigureClassPanel: {},
       viewReady: false,
-      endpointId: this.$transition$.params().id,
+      endpointId: this.$state.params.id,
       duplicates: {
         ingressClasses: new KubernetesFormValidationReferences(),
       },
diff --git a/app/kubernetes/views/resource-pools/create/createResourcePool.html b/app/kubernetes/views/resource-pools/create/createResourcePool.html
index 95d7bb94e..9bba866ac 100644
--- a/app/kubernetes/views/resource-pools/create/createResourcePool.html
+++ b/app/kubernetes/views/resource-pools/create/createResourcePool.html
@@ -1,10 +1,10 @@
-<kubernetes-view-header title="Create a resource pool" state="kubernetes.resourcePools.new" view-ready="ctrl.state.viewReady">
+<kubernetes-view-header title="Create a resource pool" state="kubernetes.resourcePools.new" view-ready="$ctrl.state.viewReady">
   <a ui-sref="kubernetes.resourcePools">Resource pools</a> &gt; Create a resource pool
 </kubernetes-view-header>
 
-<kubernetes-view-loading view-ready="ctrl.state.viewReady"></kubernetes-view-loading>
+<kubernetes-view-loading view-ready="$ctrl.state.viewReady"></kubernetes-view-loading>
 
-<div ng-if="ctrl.state.viewReady">
+<div ng-if="$ctrl.state.viewReady">
   <div class="row">
     <div class="col-lg-12 col-md-12 col-xs-12">
       <rd-widget>
@@ -18,16 +18,16 @@
                   type="text"
                   class="form-control"
                   name="pool_name"
-                  ng-model="ctrl.formValues.Name"
+                  ng-model="$ctrl.formValues.Name"
                   ng-pattern="/^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/"
-                  ng-change="ctrl.onChangeName()"
+                  ng-change="$ctrl.onChangeName()"
                   placeholder="my-project"
                   required
                   auto-focus
                 />
               </div>
             </div>
-            <div class="form-group" ng-show="resourcePoolCreationForm.pool_name.$invalid || ctrl.state.isAlreadyExist">
+            <div class="form-group" ng-show="resourcePoolCreationForm.pool_name.$invalid || $ctrl.state.isAlreadyExist">
               <div class="col-sm-12 small text-warning">
                 <div ng-messages="resourcePoolCreationForm.pool_name.$error">
                   <p ng-message="required"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> This field is required.</p>
@@ -36,7 +36,7 @@
                     with an alphanumeric character.</p
                   >
                 </div>
-                <p ng-if="ctrl.state.isAlreadyExist"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> A resource pool with the same name already exists.</p>
+                <p ng-if="$ctrl.state.isAlreadyExist"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> A resource pool with the same name already exists.</p>
               </div>
             </div>
             <!-- #endregion -->
@@ -58,16 +58,16 @@
                 <label class="control-label text-left">
                   Resource assignment
                 </label>
-                <label class="switch" style="margin-left: 20px;"> <input type="checkbox" ng-model="ctrl.formValues.HasQuota" /><i></i> </label>
+                <label class="switch" style="margin-left: 20px;"> <input type="checkbox" ng-model="$ctrl.formValues.HasQuota" /><i></i> </label>
               </div>
             </div>
-            <div class="form-group" ng-if="ctrl.formValues.HasQuota && !ctrl.isQuotaValid()">
+            <div class="form-group" ng-if="$ctrl.formValues.HasQuota && !$ctrl.isQuotaValid()">
               <span class="col-sm-12 text-warning small">
                 <p> <i class="fa fa-exclamation-triangle" aria-hidden="true" style="margin-right: 2px;"></i> At least a single limit must be set for the quota to be valid. </p>
               </span>
             </div>
             <!-- !quotas-switch -->
-            <div ng-if="ctrl.formValues.HasQuota">
+            <div ng-if="$ctrl.formValues.HasQuota">
               <div class="col-sm-12 form-section-title">
                 Resource limits
               </div>
@@ -78,17 +78,23 @@
                     Memory
                   </label>
                   <div class="col-sm-3">
-                    <slider model="ctrl.formValues.MemoryLimit" floor="ctrl.defaults.MemoryLimit" ceil="ctrl.state.sliderMaxMemory" step="128" ng-if="ctrl.state.sliderMaxMemory">
+                    <slider
+                      model="$ctrl.formValues.MemoryLimit"
+                      floor="$ctrl.defaults.MemoryLimit"
+                      ceil="$ctrl.state.sliderMaxMemory"
+                      step="128"
+                      ng-if="$ctrl.state.sliderMaxMemory"
+                    >
                     </slider>
                   </div>
                   <div class="col-sm-2">
                     <input
                       name="memory_limit"
                       type="number"
-                      min="{{ ctrl.defaults.MemoryLimit }}"
-                      max="{{ ctrl.state.sliderMaxMemory }}"
+                      min="{{ $ctrl.defaults.MemoryLimit }}"
+                      max="{{ $ctrl.state.sliderMaxMemory }}"
                       class="form-control"
-                      ng-model="ctrl.formValues.MemoryLimit"
+                      ng-model="$ctrl.formValues.MemoryLimit"
                       id="memory-limit"
                       required
                     />
@@ -103,7 +109,7 @@
                   <div class="col-sm-12 small text-warning">
                     <div ng-messages="resourcePoolCreationForm.pool_name.$error">
                       <p
-                        ><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Value must be between {{ ctrl.defaults.MemoryLimit }} and {{ ctrl.state.sliderMaxMemory }}
+                        ><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Value must be between {{ $ctrl.defaults.MemoryLimit }} and {{ $ctrl.state.sliderMaxMemory }}
                       </p>
                     </div>
                   </div>
@@ -115,7 +121,14 @@
                     CPU
                   </label>
                   <div class="col-sm-5">
-                    <slider model="ctrl.formValues.CpuLimit" floor="ctrl.defaults.CpuLimit" ceil="ctrl.state.sliderMaxCpu" step="0.1" precision="2" ng-if="ctrl.state.sliderMaxCpu">
+                    <slider
+                      model="$ctrl.formValues.CpuLimit"
+                      floor="$ctrl.defaults.CpuLimit"
+                      ceil="$ctrl.state.sliderMaxCpu"
+                      step="0.1"
+                      precision="2"
+                      ng-if="$ctrl.state.sliderMaxCpu"
+                    >
                     </slider>
                   </div>
                   <div class="col-sm-4" style="margin-top: 20px;">
@@ -186,20 +199,20 @@
             </div>
             <!-- #endregion -->
 
-            <div ng-if="ctrl.state.canUseIngress">
+            <div ng-if="$ctrl.state.canUseIngress">
               <div class="col-sm-12 form-section-title">
                 Ingresses
               </div>
               <!-- #region INGRESSES -->
-              <div class="form-group" ng-if="ctrl.formValues.IngressClasses.length === 0">
+              <div class="form-group" ng-if="$ctrl.formValues.IngressClasses.length === 0">
                 <div class="col-sm-12 small text-muted">
                   The ingress feature must be enabled in the
-                  <a ui-sref="portainer.endpoints.endpoint.kubernetesConfig({id: ctrl.endpoint.Id})">endpoint configuration view</a> to be able to register ingresses inside this
+                  <a ui-sref="portainer.endpoints.endpoint.kubernetesConfig({id: $ctrl.endpoint.Id})">endpoint configuration view</a> to be able to register ingresses inside this
                   resource pool.
                 </div>
               </div>
 
-              <div class="form-group" ng-if="ctrl.formValues.IngressClasses.length > 0">
+              <div class="form-group" ng-if="$ctrl.formValues.IngressClasses.length > 0">
                 <div class="col-sm-12 small text-muted">
                   <p>
                     <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
@@ -208,7 +221,7 @@
                 </div>
               </div>
 
-              <div class="form-group" ng-repeat-start="ic in ctrl.formValues.IngressClasses track by ic.IngressClass.Name">
+              <div class="form-group" ng-repeat-start="ic in $ctrl.formValues.IngressClasses track by ic.IngressClass.Name">
                 <div class="text-muted col-sm-12" style="width: 100%;">
                   <div style="border-bottom: 1px solid #cdcdcd; padding-bottom: 5px;">
                     <i class="fa fa-route" aria-hidden="true" style="margin-right: 2px;"></i> {{ ic.IngressClass.Name }}
@@ -234,7 +247,7 @@
                       >
                       </portainer-tooltip>
                     </label>
-                    <span class="label label-default interactive" style="margin-left: 10px;" ng-click="ctrl.addHostname(ic)">
+                    <span class="label label-default interactive" style="margin-left: 10px;" ng-click="$ctrl.addHostname(ic)">
                       <i class="fa fa-plus-circle" aria-hidden="true"></i> add hostname
                     </span>
                   </div>
@@ -248,13 +261,13 @@
                             class="form-control"
                             name="hostname_{{ ic.IngressClass.Name }}_{{ $index }}"
                             ng-model="item.Host"
-                            ng-change="ctrl.onChangeIngressHostname()"
+                            ng-change="$ctrl.onChangeIngressHostname()"
                             placeholder="foo"
                             required
                           />
                         </div>
                         <div class="col-sm-1 input-group input-group-sm" ng-if="$index > 0">
-                          <button class="btn btn-sm btn-danger" type="button" ng-click="ctrl.removeHostname(ic, $index)">
+                          <button class="btn btn-sm btn-danger" type="button" ng-click="$ctrl.removeHostname(ic, $index)">
                             <i class="fa fa-trash-alt" aria-hidden="true"></i>
                           </button>
                         </div>
@@ -264,20 +277,20 @@
                         style="margin-top: 5px;"
                         ng-show="
                           resourcePoolCreationForm['hostname_' + ic.IngressClass.Name + '_' + $index].$invalid ||
-                          ctrl.state.duplicates.ingressHosts.refs[ic.IngressClass.Name][$index] !== undefined
+                          $ctrl.state.duplicates.ingressHosts.refs[ic.IngressClass.Name][$index] !== undefined
                         "
                       >
                         <ng-messages for="resourcePoolCreationForm['hostname_' + ic.IngressClass.Name + '_' + $index].$error">
                           <p ng-message="required"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Hostname is required.</p>
                         </ng-messages>
-                        <p ng-if="ctrl.state.duplicates.ingressHosts.refs[ic.IngressClass.Name][$index] !== undefined">
+                        <p ng-if="$ctrl.state.duplicates.ingressHosts.refs[ic.IngressClass.Name][$index] !== undefined">
                           <i class="fa fa-exclamation-triangle" aria-hidden="true"></i> This hostname is already used.
                         </p>
                       </div>
                     </div>
                   </div>
                 </div>
-                <div class="form-group" ng-if="ic.IngressClass.Type === ctrl.IngressClassTypes.NGINX">
+                <div class="form-group" ng-if="ic.IngressClass.Type === $ctrl.IngressClassTypes.NGINX">
                   <div class="col-sm-12">
                     <label class="control-label text-left">
                       Redirect published routes to / in application
@@ -312,7 +325,7 @@
 
                 <div class="col-sm-12" ng-if="ic.AdvancedConfig">
                   <label class="control-label text-left">Annotations</label>
-                  <span class="label label-default interactive" style="margin-left: 10px;" ng-click="ctrl.addAnnotation(ic)">
+                  <span class="label label-default interactive" style="margin-left: 10px;" ng-click="$ctrl.addAnnotation(ic)">
                     <i class="fa fa-plus-circle" aria-hidden="true"></i> add annotation
                   </span>
                 </div>
@@ -328,7 +341,7 @@
                       <input type="text" class="form-control" ng-model="annotation.Value" placeholder="/$1" required />
                     </div>
                     <div class="col-sm-1 input-group input-group-sm">
-                      <button class="btn btn-sm btn-danger" type="button" ng-click="ctrl.removeAnnotation(ic, $index)">
+                      <button class="btn btn-sm btn-danger" type="button" ng-click="$ctrl.removeAnnotation(ic, $index)">
                         <i class="fa fa-trash-alt" aria-hidden="true"></i>
                       </button>
                     </div>
@@ -338,6 +351,47 @@
               <!-- #endregion -->
             </div>
 
+            <!-- #region REGISTRIES -->
+            <div class="col-sm-12 form-section-title">
+              Registries
+            </div>
+            <div class="form-group">
+              <div class="col-sm-12 small text-muted">
+                <p>
+                  <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                  Define which registry can be used by users who have access to this resource pool.
+                </p>
+              </div>
+            </div>
+
+            <div class="form-group">
+              <label class="col-sm-3 col-lg-2 control-label text-left" style="padding-top: 0;">
+                Select registries
+              </label>
+              <div class="col-sm-9 col-lg-4">
+                <span class="small text-muted" ng-if="!$ctrl.registries.length && $ctrl.state.isAdmin">
+                  No registries available. Head over <a ui-sref="portainer.registries">registry view</a> to define container registry.
+                </span>
+                <span class="small text-muted" ng-if="!$ctrl.registries.length && !$ctrl.state.isAdmin">
+                  No registries available. Contact your administrator to create a container registry.
+                </span>
+                <span
+                  isteven-multi-select
+                  ng-if="$ctrl.registries.length"
+                  input-model="$ctrl.registries"
+                  output-model="$ctrl.formValues.Registries"
+                  button-label="Name"
+                  item-label="Name"
+                  tick-property="Checked"
+                  helper-elements="filter"
+                  search-property="Name"
+                  translation="{nothingSelected: 'Select one or more registry', search: 'Search...'}"
+                >
+                </span>
+              </div>
+            </div>
+            <!-- #endregion -->
+
             <div class="col-sm-12 form-section-title">
               Actions
             </div>
@@ -347,12 +401,12 @@
                 <button
                   type="button"
                   class="btn btn-primary btn-sm"
-                  ng-disabled="!resourcePoolCreationForm.$valid || ctrl.isCreateButtonDisabled()"
-                  ng-click="ctrl.createResourcePool()"
-                  button-spinner="ctrl.state.actionInProgress"
+                  ng-disabled="!resourcePoolCreationForm.$valid || $ctrl.isCreateButtonDisabled()"
+                  ng-click="$ctrl.createResourcePool()"
+                  button-spinner="$ctrl.state.actionInProgress"
                 >
-                  <span ng-hide="ctrl.state.actionInProgress">Create resource pool</span>
-                  <span ng-show="ctrl.state.actionInProgress">Creation in progress...</span>
+                  <span ng-hide="$ctrl.state.actionInProgress">Create resource pool</span>
+                  <span ng-show="$ctrl.state.actionInProgress">Creation in progress...</span>
                 </button>
               </div>
             </div>
diff --git a/app/kubernetes/views/resource-pools/create/createResourcePool.js b/app/kubernetes/views/resource-pools/create/createResourcePool.js
index daf67bd9c..a192da090 100644
--- a/app/kubernetes/views/resource-pools/create/createResourcePool.js
+++ b/app/kubernetes/views/resource-pools/create/createResourcePool.js
@@ -1,5 +1,10 @@
+import angular from 'angular';
+import KubernetesCreateResourcePoolController from './createResourcePoolController';
+
 angular.module('portainer.kubernetes').component('kubernetesCreateResourcePoolView', {
   templateUrl: './createResourcePool.html',
-  controller: 'KubernetesCreateResourcePoolController',
-  controllerAs: 'ctrl',
+  controller: KubernetesCreateResourcePoolController,
+  bindings: {
+    endpoint: '<',
+  },
 });
diff --git a/app/kubernetes/views/resource-pools/create/createResourcePoolController.js b/app/kubernetes/views/resource-pools/create/createResourcePoolController.js
index 4a823dcd2..a36033e86 100644
--- a/app/kubernetes/views/resource-pools/create/createResourcePoolController.js
+++ b/app/kubernetes/views/resource-pools/create/createResourcePoolController.js
@@ -1,4 +1,3 @@
-import angular from 'angular';
 import _ from 'lodash-es';
 import filesizeParser from 'filesize-parser';
 import { KubernetesResourceQuotaDefaults } from 'Kubernetes/models/resource-quota/models';
@@ -16,23 +15,20 @@ import { KubernetesIngressClassTypes } from 'Kubernetes/ingress/constants';
 class KubernetesCreateResourcePoolController {
   /* #region  CONSTRUCTOR */
   /* @ngInject */
-  constructor($async, $state, Notifications, KubernetesNodeService, KubernetesResourcePoolService, KubernetesIngressService, Authentication, EndpointProvider) {
-    this.$async = $async;
-    this.$state = $state;
-    this.Notifications = Notifications;
-    this.Authentication = Authentication;
-    this.EndpointProvider = EndpointProvider;
-
-    this.KubernetesNodeService = KubernetesNodeService;
-    this.KubernetesResourcePoolService = KubernetesResourcePoolService;
-    this.KubernetesIngressService = KubernetesIngressService;
+  constructor($async, $state, Notifications, KubernetesNodeService, KubernetesResourcePoolService, KubernetesIngressService, Authentication, EndpointProvider, RegistryService) {
+    Object.assign(this, {
+      $async,
+      $state,
+      Notifications,
+      KubernetesNodeService,
+      KubernetesResourcePoolService,
+      KubernetesIngressService,
+      Authentication,
+      EndpointProvider,
+      RegistryService,
+    });
 
     this.IngressClassTypes = KubernetesIngressClassTypes;
-
-    this.onInit = this.onInit.bind(this);
-    this.createResourcePoolAsync = this.createResourcePoolAsync.bind(this);
-    this.getResourcePoolsAsync = this.getResourcePoolsAsync.bind(this);
-    this.getIngressesAsync = this.getIngressesAsync.bind(this);
   }
   /* #endregion */
 
@@ -116,105 +112,111 @@ class KubernetesCreateResourcePoolController {
   }
 
   /* #region  CREATE RESOURCE POOL */
-  async createResourcePoolAsync() {
-    this.state.actionInProgress = true;
-    try {
-      this.checkDefaults();
-      const owner = this.Authentication.getUserDetails().username;
-      this.formValues.Owner = owner;
-      await this.KubernetesResourcePoolService.create(this.formValues);
-      this.Notifications.success('Resource pool successfully created', this.formValues.Name);
-      this.$state.go('kubernetes.resourcePools');
-    } catch (err) {
-      this.Notifications.error('Failure', err, 'Unable to create resource pool');
-    } finally {
-      this.state.actionInProgress = false;
-    }
-  }
-
   createResourcePool() {
-    return this.$async(this.createResourcePoolAsync);
+    return this.$async(async () => {
+      this.state.actionInProgress = true;
+      try {
+        this.checkDefaults();
+        this.formValues.Owner = this.Authentication.getUserDetails().username;
+        await this.KubernetesResourcePoolService.create(this.formValues);
+        this.Notifications.success('Resource pool successfully created', this.formValues.Name);
+        this.$state.go('kubernetes.resourcePools');
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to create resource pool');
+      } finally {
+        this.state.actionInProgress = false;
+      }
+    });
   }
   /* #endregion */
 
   /* #region  GET INGRESSES */
-  async getIngressesAsync() {
-    try {
-      this.allIngresses = await this.KubernetesIngressService.get();
-    } catch (err) {
-      this.Notifications.error('Failure', err, 'Unable to retrieve ingresses.');
-    }
-  }
-
   getIngresses() {
-    return this.$async(this.getIngressesAsync);
+    return this.$async(async () => {
+      try {
+        this.allIngresses = await this.KubernetesIngressService.get();
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve ingresses.');
+      }
+    });
   }
   /* #endregion */
 
   /* #region  GET RESOURCE POOLS */
-  async getResourcePoolsAsync() {
-    try {
-      this.resourcePools = await this.KubernetesResourcePoolService.get();
-    } catch (err) {
-      this.Notifications.error('Failure', err, 'Unable to retrieve resource pools');
-    }
-  }
-
   getResourcePools() {
-    return this.$async(this.getResourcePoolsAsync);
+    return this.$async(async () => {
+      try {
+        this.resourcePools = await this.KubernetesResourcePoolService.get();
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve resource pools');
+      }
+    });
+  }
+  /* #endregion */
+
+  /* #region  GET REGISTRIES */
+  getRegistries() {
+    return this.$async(async () => {
+      try {
+        this.registries = await this.RegistryService.registries();
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve registries');
+      }
+    });
   }
   /* #endregion */
 
   /* #region  ON INIT */
-  async onInit() {
-    try {
-      const endpoint = this.EndpointProvider.currentEndpoint();
-      this.endpoint = endpoint;
-      this.defaults = KubernetesResourceQuotaDefaults;
-      this.formValues = new KubernetesResourcePoolFormValues(this.defaults);
-
-      this.state = {
-        actionInProgress: false,
-        sliderMaxMemory: 0,
-        sliderMaxCpu: 0,
-        viewReady: false,
-        isAlreadyExist: false,
-        canUseIngress: endpoint.Kubernetes.Configuration.IngressClasses.length,
-        duplicates: {
-          ingressHosts: new KubernetesFormValidationReferences(),
-        },
-      };
-
-      const nodes = await this.KubernetesNodeService.get();
-
-      _.forEach(nodes, (item) => {
-        this.state.sliderMaxMemory += filesizeParser(item.Memory);
-        this.state.sliderMaxCpu += item.CPU;
-      });
-      this.state.sliderMaxMemory = KubernetesResourceReservationHelper.megaBytesValue(this.state.sliderMaxMemory);
-      await this.getResourcePools();
-      if (this.state.canUseIngress) {
-        await this.getIngresses();
-        const ingressClasses = endpoint.Kubernetes.Configuration.IngressClasses;
-        this.formValues.IngressClasses = KubernetesIngressConverter.ingressClassesToFormValues(ingressClasses);
-      }
-      _.forEach(this.formValues.IngressClasses, (ic) => {
-        if (ic.Hosts.length === 0) {
-          ic.Hosts.push(new KubernetesResourcePoolIngressClassHostFormValue());
-        }
-      });
-    } catch (err) {
-      this.Notifications.error('Failure', err, 'Unable to load view data');
-    } finally {
-      this.state.viewReady = true;
-    }
-  }
-
   $onInit() {
-    return this.$async(this.onInit);
+    return this.$async(async () => {
+      try {
+        const endpoint = this.EndpointProvider.currentEndpoint();
+        this.endpoint = endpoint;
+        this.defaults = KubernetesResourceQuotaDefaults;
+        this.formValues = new KubernetesResourcePoolFormValues(this.defaults);
+        this.formValues.EndpointId = this.endpoint.Id;
+
+        this.state = {
+          actionInProgress: false,
+          sliderMaxMemory: 0,
+          sliderMaxCpu: 0,
+          viewReady: false,
+          isAlreadyExist: false,
+          canUseIngress: endpoint.Kubernetes.Configuration.IngressClasses.length,
+          duplicates: {
+            ingressHosts: new KubernetesFormValidationReferences(),
+          },
+          isAdmin: this.Authentication.isAdmin(),
+        };
+
+        const nodes = await this.KubernetesNodeService.get();
+
+        _.forEach(nodes, (item) => {
+          this.state.sliderMaxMemory += filesizeParser(item.Memory);
+          this.state.sliderMaxCpu += item.CPU;
+        });
+        this.state.sliderMaxMemory = KubernetesResourceReservationHelper.megaBytesValue(this.state.sliderMaxMemory);
+        await this.getResourcePools();
+        if (this.state.canUseIngress) {
+          await this.getIngresses();
+          const ingressClasses = endpoint.Kubernetes.Configuration.IngressClasses;
+          this.formValues.IngressClasses = KubernetesIngressConverter.ingressClassesToFormValues(ingressClasses);
+        }
+        _.forEach(this.formValues.IngressClasses, (ic) => {
+          if (ic.Hosts.length === 0) {
+            ic.Hosts.push(new KubernetesResourcePoolIngressClassHostFormValue());
+          }
+        });
+
+        await this.getRegistries();
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to load view data');
+      } finally {
+        this.state.viewReady = true;
+      }
+    });
   }
   /* #endregion */
 }
 
 export default KubernetesCreateResourcePoolController;
-angular.module('portainer.kubernetes').controller('KubernetesCreateResourcePoolController', KubernetesCreateResourcePoolController);
diff --git a/app/kubernetes/views/resource-pools/edit/resourcePool.html b/app/kubernetes/views/resource-pools/edit/resourcePool.html
index ec1337013..595d2996a 100644
--- a/app/kubernetes/views/resource-pools/edit/resourcePool.html
+++ b/app/kubernetes/views/resource-pools/edit/resourcePool.html
@@ -298,6 +298,50 @@
                   </div>
                   <!-- #endregion -->
                 </div>
+
+                <!-- #region REGISTRIES -->
+                <div>
+                  <div class="col-sm-12 form-section-title">
+                    Registries
+                  </div>
+                  <div class="form-group">
+                    <div class="col-sm-12 small text-muted">
+                      <p>
+                        <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                        Define which registry can be used by users who have access to this resource pool.
+                      </p>
+                    </div>
+                  </div>
+
+                  <div class="form-group">
+                    <label class="col-sm-3 col-lg-2 control-label text-left" style="padding-top: 0;">
+                      Select registries
+                    </label>
+                    <div class="col-sm-9 col-lg-4">
+                      <span class="small text-muted" ng-if="!ctrl.registries.length && ctrl.state.isAdmin">
+                        No registries available. Head over <a ui-sref="portainer.registries">registry view</a> to define container registry.
+                      </span>
+                      <span class="small text-muted" ng-if="!ctrl.registries.length && !ctrl.state.isAdmin">
+                        No registries available. Contact your administrator to create a container registry.
+                      </span>
+                      <span
+                        isteven-multi-select
+                        ng-if="ctrl.registries.length"
+                        input-model="ctrl.registries"
+                        output-model="ctrl.formValues.Registries"
+                        button-label="Name"
+                        item-label="Name"
+                        tick-property="Checked"
+                        helper-elements="filter"
+                        search-property="Name"
+                        translation="{nothingSelected: 'Select one or more registry', search: 'Search...'}"
+                      >
+                      </span>
+                    </div>
+                  </div>
+                </div>
+                <!-- #endregion -->
+
                 <!-- #region STORAGES -->
                 <div class="col-sm-12 form-section-title">
                   Storages
diff --git a/app/kubernetes/views/resource-pools/edit/resourcePool.js b/app/kubernetes/views/resource-pools/edit/resourcePool.js
index 3b6012a2d..d612e9f6a 100644
--- a/app/kubernetes/views/resource-pools/edit/resourcePool.js
+++ b/app/kubernetes/views/resource-pools/edit/resourcePool.js
@@ -3,6 +3,6 @@ angular.module('portainer.kubernetes').component('kubernetesResourcePoolView', {
   controller: 'KubernetesResourcePoolController',
   controllerAs: 'ctrl',
   bindings: {
-    $transition$: '<',
+    endpoint: '<',
   },
 });
diff --git a/app/kubernetes/views/resource-pools/edit/resourcePoolController.js b/app/kubernetes/views/resource-pools/edit/resourcePoolController.js
index 051dc1fc9..e996cf3b9 100644
--- a/app/kubernetes/views/resource-pools/edit/resourcePoolController.js
+++ b/app/kubernetes/views/resource-pools/edit/resourcePoolController.js
@@ -1,7 +1,7 @@
 import angular from 'angular';
 import _ from 'lodash-es';
 import filesizeParser from 'filesize-parser';
-import { KubernetesResourceQuota, KubernetesResourceQuotaDefaults } from 'Kubernetes/models/resource-quota/models';
+import { KubernetesResourceQuotaDefaults } from 'Kubernetes/models/resource-quota/models';
 import KubernetesResourceReservationHelper from 'Kubernetes/helpers/resourceReservationHelper';
 import KubernetesEventHelper from 'Kubernetes/helpers/eventHelper';
 import {
@@ -26,6 +26,7 @@ class KubernetesResourcePoolController {
     LocalStorage,
     EndpointProvider,
     ModalService,
+    RegistryService,
     KubernetesNodeService,
     KubernetesResourceQuotaService,
     KubernetesResourcePoolService,
@@ -36,33 +37,31 @@ class KubernetesResourcePoolController {
     KubernetesIngressService,
     KubernetesVolumeService
   ) {
-    this.$async = $async;
-    this.$state = $state;
-    this.Notifications = Notifications;
-    this.Authentication = Authentication;
-    this.LocalStorage = LocalStorage;
-    this.EndpointProvider = EndpointProvider;
-    this.ModalService = ModalService;
-
-    this.KubernetesNodeService = KubernetesNodeService;
-    this.KubernetesResourceQuotaService = KubernetesResourceQuotaService;
-    this.KubernetesResourcePoolService = KubernetesResourcePoolService;
-    this.KubernetesEventService = KubernetesEventService;
-    this.KubernetesPodService = KubernetesPodService;
-    this.KubernetesApplicationService = KubernetesApplicationService;
-    this.KubernetesNamespaceHelper = KubernetesNamespaceHelper;
-    this.KubernetesIngressService = KubernetesIngressService;
-    this.KubernetesVolumeService = KubernetesVolumeService;
+    Object.assign(this, {
+      $async,
+      $state,
+      Authentication,
+      Notifications,
+      LocalStorage,
+      EndpointProvider,
+      ModalService,
+      RegistryService,
+      KubernetesNodeService,
+      KubernetesResourceQuotaService,
+      KubernetesResourcePoolService,
+      KubernetesEventService,
+      KubernetesPodService,
+      KubernetesApplicationService,
+      KubernetesNamespaceHelper,
+      KubernetesIngressService,
+      KubernetesVolumeService,
+    });
 
     this.IngressClassTypes = KubernetesIngressClassTypes;
     this.ResourceQuotaDefaults = KubernetesResourceQuotaDefaults;
 
-    this.onInit = this.onInit.bind(this);
-    this.createResourceQuotaAsync = this.createResourceQuotaAsync.bind(this);
     this.updateResourcePoolAsync = this.updateResourcePoolAsync.bind(this);
     this.getEvents = this.getEvents.bind(this);
-    this.getApplications = this.getApplications.bind(this);
-    this.getIngresses = this.getIngresses.bind(this);
   }
   /* #endregion */
 
@@ -159,15 +158,6 @@ class KubernetesResourcePoolController {
     this.selectTab(2);
   }
 
-  async createResourceQuotaAsync(namespace, owner, cpuLimit, memoryLimit) {
-    const quota = new KubernetesResourceQuota(namespace);
-    quota.CpuLimit = cpuLimit;
-    quota.MemoryLimit = memoryLimit;
-    quota.ResourcePoolName = namespace;
-    quota.ResourcePoolOwner = owner;
-    await this.KubernetesResourceQuotaService.create(quota);
-  }
-
   hasResourceQuotaBeenReduced() {
     if (this.formValues.HasQuota && this.oldQuota) {
       const cpuLimit = this.formValues.CpuLimit;
@@ -285,88 +275,111 @@ class KubernetesResourcePoolController {
   }
   /* #endregion */
 
+  /* #region  GET REGISTRIES */
+  getRegistries() {
+    return this.$async(async () => {
+      try {
+        this.registries = await this.RegistryService.registries();
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve registries');
+      }
+    });
+  }
+  /* #endregion */
+
   /* #region  ON INIT */
-  async onInit() {
-    try {
-      const endpoint = this.EndpointProvider.currentEndpoint();
-      this.endpoint = endpoint;
-      this.isAdmin = this.Authentication.isAdmin();
+  $onInit() {
+    return this.$async(async () => {
+      try {
+        const endpoint = this.EndpointProvider.currentEndpoint();
+        this.endpoint = endpoint;
+        this.isAdmin = this.Authentication.isAdmin();
 
-      this.state = {
-        actionInProgress: false,
-        sliderMaxMemory: 0,
-        sliderMaxCpu: 0,
-        cpuUsage: 0,
-        cpuUsed: 0,
-        memoryUsage: 0,
-        memoryUsed: 0,
-        activeTab: 0,
-        currentName: this.$state.$current.name,
-        showEditorTab: false,
-        eventsLoading: true,
-        applicationsLoading: true,
-        ingressesLoading: true,
-        viewReady: false,
-        eventWarningCount: 0,
-        canUseIngress: endpoint.Kubernetes.Configuration.IngressClasses.length,
-        duplicates: {
-          ingressHosts: new KubernetesFormValidationReferences(),
-        },
-      };
+        this.state = {
+          actionInProgress: false,
+          sliderMaxMemory: 0,
+          sliderMaxCpu: 0,
+          cpuUsage: 0,
+          cpuUsed: 0,
+          memoryUsage: 0,
+          memoryUsed: 0,
+          activeTab: 0,
+          currentName: this.$state.$current.name,
+          showEditorTab: false,
+          eventsLoading: true,
+          applicationsLoading: true,
+          ingressesLoading: true,
+          viewReady: false,
+          eventWarningCount: 0,
+          canUseIngress: endpoint.Kubernetes.Configuration.IngressClasses.length,
+          duplicates: {
+            ingressHosts: new KubernetesFormValidationReferences(),
+          },
+        };
 
-      this.state.activeTab = this.LocalStorage.getActiveTab('resourcePool');
+        this.state.activeTab = this.LocalStorage.getActiveTab('resourcePool');
 
-      const name = this.$transition$.params().id;
+        const name = this.$state.params.id;
 
-      const [nodes, pools] = await Promise.all([this.KubernetesNodeService.get(), this.KubernetesResourcePoolService.get()]);
+        const [nodes, pools] = await Promise.all([this.KubernetesNodeService.get(), this.KubernetesResourcePoolService.get()]);
 
-      this.pool = _.find(pools, { Namespace: { Name: name } });
-      this.formValues = new KubernetesResourcePoolFormValues(KubernetesResourceQuotaDefaults);
-      this.formValues.Name = this.pool.Namespace.Name;
+        this.pool = _.find(pools, { Namespace: { Name: name } });
+        this.formValues = new KubernetesResourcePoolFormValues(KubernetesResourceQuotaDefaults);
+        this.formValues.Name = this.pool.Namespace.Name;
+        this.formValues.EndpointId = this.endpoint.Id;
 
-      _.forEach(nodes, (item) => {
-        this.state.sliderMaxMemory += filesizeParser(item.Memory);
-        this.state.sliderMaxCpu += item.CPU;
-      });
-      this.state.sliderMaxMemory = KubernetesResourceReservationHelper.megaBytesValue(this.state.sliderMaxMemory);
+        _.forEach(nodes, (item) => {
+          this.state.sliderMaxMemory += filesizeParser(item.Memory);
+          this.state.sliderMaxCpu += item.CPU;
+        });
+        this.state.sliderMaxMemory = KubernetesResourceReservationHelper.megaBytesValue(this.state.sliderMaxMemory);
 
-      const quota = this.pool.Quota;
-      if (quota) {
-        this.oldQuota = angular.copy(quota);
-        this.formValues = KubernetesResourceQuotaConverter.quotaToResourcePoolFormValues(quota);
-        this.state.cpuUsed = quota.CpuLimitUsed;
-        this.state.memoryUsed = KubernetesResourceReservationHelper.megaBytesValue(quota.MemoryLimitUsed);
-      }
+        const quota = this.pool.Quota;
+        if (quota) {
+          this.oldQuota = angular.copy(quota);
+          this.formValues = KubernetesResourceQuotaConverter.quotaToResourcePoolFormValues(quota);
+          this.formValues.EndpointId = this.endpoint.Id;
 
-      this.isEditable = !this.KubernetesNamespaceHelper.isSystemNamespace(this.pool.Namespace.Name);
-      if (this.pool.Namespace.Name === 'default') {
-        this.isEditable = false;
-      }
+          this.state.cpuUsed = quota.CpuLimitUsed;
+          this.state.memoryUsed = KubernetesResourceReservationHelper.megaBytesValue(quota.MemoryLimitUsed);
+        }
 
-      await this.getEvents();
-      await this.getApplications();
+        this.isEditable = !this.KubernetesNamespaceHelper.isSystemNamespace(this.pool.Namespace.Name);
+        if (this.pool.Namespace.Name === 'default') {
+          this.isEditable = false;
+        }
 
-      if (this.state.canUseIngress) {
-        await this.getIngresses();
-        const ingressClasses = endpoint.Kubernetes.Configuration.IngressClasses;
-        this.formValues.IngressClasses = KubernetesIngressConverter.ingressClassesToFormValues(ingressClasses, this.ingresses);
-        _.forEach(this.formValues.IngressClasses, (ic) => {
-          if (ic.Hosts.length === 0) {
-            ic.Hosts.push(new KubernetesResourcePoolIngressClassHostFormValue());
+        await this.getEvents();
+        await this.getApplications();
+
+        if (this.state.canUseIngress) {
+          await this.getIngresses();
+          const ingressClasses = endpoint.Kubernetes.Configuration.IngressClasses;
+          this.formValues.IngressClasses = KubernetesIngressConverter.ingressClassesToFormValues(ingressClasses, this.ingresses);
+          _.forEach(this.formValues.IngressClasses, (ic) => {
+            if (ic.Hosts.length === 0) {
+              ic.Hosts.push(new KubernetesResourcePoolIngressClassHostFormValue());
+            }
+          });
+        }
+
+        await this.getRegistries();
+        _.forEach(this.registries, (reg) => {
+          if (reg.RegistryAccesses && reg.RegistryAccesses[this.endpoint.Id] && reg.RegistryAccesses[this.endpoint.Id].Namespaces.includes(name)) {
+            reg.Checked = true;
+            this.formValues.Registries.push(reg);
           }
         });
+
+        this.savedFormValues = angular.copy(this.formValues);
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to load view data');
+      } finally {
+        this.state.viewReady = true;
       }
-      this.savedFormValues = angular.copy(this.formValues);
-    } catch (err) {
-      this.Notifications.error('Failure', err, 'Unable to load view data');
-    } finally {
-      this.state.viewReady = true;
-    }
+    });
   }
 
-  $onInit() {
-    return this.$async(this.onInit);
-  }
   /* #endregion */
 
   $onDestroy() {
diff --git a/app/portainer/__module.js b/app/portainer/__module.js
index b8f01310c..a6f501325 100644
--- a/app/portainer/__module.js
+++ b/app/portainer/__module.js
@@ -293,24 +293,12 @@ angular.module('portainer.app', ['portainer.oauth']).config([
       },
     };
 
-    var registryCreation = {
+    const registryCreation = {
       name: 'portainer.registries.new',
       url: '/new',
       views: {
         'content@': {
-          templateUrl: './views/registries/create/createregistry.html',
-          controller: 'CreateRegistryController',
-        },
-      },
-    };
-
-    var registryAccess = {
-      name: 'portainer.registries.registry.access',
-      url: '/access',
-      views: {
-        'content@': {
-          templateUrl: './views/registries/access/registryAccess.html',
-          controller: 'RegistryAccessController',
+          component: 'createRegistry',
         },
       },
     };
@@ -423,7 +411,6 @@ angular.module('portainer.app', ['portainer.oauth']).config([
     $stateRegistryProvider.register(initAdmin);
     $stateRegistryProvider.register(registries);
     $stateRegistryProvider.register(registry);
-    $stateRegistryProvider.register(registryAccess);
     $stateRegistryProvider.register(registryCreation);
     $stateRegistryProvider.register(settings);
     $stateRegistryProvider.register(settingsAuthentication);
diff --git a/app/portainer/components/accessManagement/por-access-management.js b/app/portainer/components/accessManagement/por-access-management.js
index 491f795c0..c2df140ff 100644
--- a/app/portainer/components/accessManagement/por-access-management.js
+++ b/app/portainer/components/accessManagement/por-access-management.js
@@ -3,6 +3,7 @@ angular.module('portainer.app').component('porAccessManagement', {
   controller: 'porAccessManagementController',
   controllerAs: 'ctrl',
   bindings: {
+    endpoint: '<',
     accessControlledEntity: '<',
     inheritFrom: '<',
     entityType: '@',
diff --git a/app/portainer/components/accessManagement/porAccessManagementController.js b/app/portainer/components/accessManagement/porAccessManagementController.js
index 460c302d9..93e8ed5a6 100644
--- a/app/portainer/components/accessManagement/porAccessManagementController.js
+++ b/app/portainer/components/accessManagement/porAccessManagementController.js
@@ -1,6 +1,7 @@
 import _ from 'lodash-es';
 
 import angular from 'angular';
+import { TeamAccessViewModel, UserAccessViewModel } from 'Portainer/models/access';
 
 class PorAccessManagementController {
   /* @ngInject */
@@ -55,6 +56,20 @@ class PorAccessManagementController {
       const parent = this.inheritFrom;
 
       const data = await this.AccessService.accesses(entity, parent, this.roles);
+      if (this.entityType === 'registry' && this.endpoint) {
+        const endpointUsers = this.endpoint.UserAccessPolicies;
+        const endpointTeams = this.endpoint.TeamAccessPolicies;
+        data.availableUsersAndTeams = _.filter(data.availableUsersAndTeams, (userOrTeam) => {
+          const userRole = userOrTeam instanceof UserAccessViewModel && endpointUsers[userOrTeam.Id];
+          const teamRole = userOrTeam instanceof TeamAccessViewModel && endpointTeams[userOrTeam.Id];
+          if (!userRole && !teamRole) {
+            return false;
+          }
+          const roleId = (userRole && userRole.RoleId) || (teamRole && teamRole.RoleId);
+          const role = _.find(this.roles, { Id: roleId });
+          return role && (role.Authorizations['DockerImageCreate'] || role.Authorizations['DockerImagePush']) && !role.Authorizations['EndpointResourcesAccess'];
+        });
+      }
       this.availableUsersAndTeams = _.orderBy(data.availableUsersAndTeams, 'Name', 'asc');
       this.authorizedUsersAndTeams = data.authorizedUsersAndTeams;
     } catch (err) {
diff --git a/app/portainer/components/datatables/registries-datatable/registriesDatatable.html b/app/portainer/components/datatables/registries-datatable/registriesDatatable.html
index 697e7fd47..ce7ff1503 100644
--- a/app/portainer/components/datatables/registries-datatable/registriesDatatable.html
+++ b/app/portainer/components/datatables/registries-datatable/registriesDatatable.html
@@ -4,8 +4,14 @@
       <div class="toolBar">
         <div class="toolBarTitle"> <i class="fa" ng-class="$ctrl.titleIcon" aria-hidden="true" style="margin-right: 2px;"></i> {{ $ctrl.titleText }} </div>
       </div>
-      <div class="actionBar" ng-if="$ctrl.accessManagement">
-        <button type="button" class="btn btn-sm btn-danger" ng-disabled="$ctrl.state.selectedItemCount === 0" ng-click="$ctrl.removeAction($ctrl.state.selectedItems)">
+      <div class="actionBar" ng-if="$ctrl.isAdmin">
+        <button
+          ng-if="!$ctrl.endpointType"
+          type="button"
+          class="btn btn-sm btn-danger"
+          ng-disabled="$ctrl.state.selectedItemCount === 0"
+          ng-click="$ctrl.removeAction($ctrl.state.selectedItems)"
+        >
           <i class="fa fa-trash-alt space-right" aria-hidden="true"></i>Remove
         </button>
         <button type="button" class="btn btn-sm btn-primary" ui-sref="portainer.registries.new"> <i class="fa fa-plus space-right" aria-hidden="true"></i>Add registry </button>
@@ -27,7 +33,7 @@
           <thead>
             <tr>
               <th>
-                <span class="md-checkbox" ng-if="$ctrl.accessManagement">
+                <span class="md-checkbox" ng-if="$ctrl.isAdmin && !$ctrl.endpointType">
                   <input id="select_all" type="checkbox" ng-model="$ctrl.state.selectAll" ng-change="$ctrl.selectAll()" />
                   <label for="select_all"></label>
                 </span>
@@ -53,22 +59,29 @@
               ng-class="{ active: item.Checked }"
             >
               <td>
-                <span class="md-checkbox" ng-if="$ctrl.accessManagement">
-                  <input id="select_{{ $index }}" type="checkbox" ng-model="item.Checked" ng-click="$ctrl.selectItem(item, $event)" />
+                <span class="md-checkbox" ng-if="$ctrl.isAdmin && !ĉtrl.endpointType">
+                  <input id="select_{{ $index }}" type="checkbox" ng-model="item.Checked" ng-click="$ctrl.selectItem(item, $event)" ng-disabled="!$ctrl.allowSelection(item)" />
                   <label for="select_{{ $index }}"></label>
                 </span>
-                <a ui-sref="portainer.registries.registry({id: item.Id})" ng-if="$ctrl.accessManagement">{{ item.Name }}</a>
-                <span ng-if="!$ctrl.accessManagement">{{ item.Name }}</span>
+                <a ui-sref="portainer.registries.registry({id: item.Id})" ng-if="$ctrl.enableGoToLink(item)">{{ item.Name }}</a>
+                <span ng-if="!$ctrl.enableGoToLink(item)">{{ item.Name }}</span>
                 <span ng-if="item.Authentication" style="margin-left: 5px;" class="label label-info image-tag">authentication-enabled</span>
               </td>
               <td>
                 {{ item.URL }}
               </td>
               <td>
-                <a ui-sref="portainer.registries.registry.access({id: item.Id})" ng-if="$ctrl.accessManagement"> <i class="fa fa-users" aria-hidden="true"></i> Manage access </a>
-                <span class="text-muted space-left" style="cursor: pointer;" data-toggle="tooltip" title="This feature is available in Portainer Business Edition">
+                <a ng-if="$ctrl.canManageAccess(item)" ng-click="$ctrl.redirectToManageAccess(item)"> <i class="fa fa-users" aria-hidden="true"></i> Manage access </a>
+                <span
+                  ng-if="$ctrl.canBrowse(item)"
+                  class="text-muted space-left"
+                  style="cursor: pointer;"
+                  data-toggle="tooltip"
+                  title="This feature is available in Portainer Business Edition"
+                >
                   <i class="fa fa-search" aria-hidden="true"></i> Browse</span
                 >
+                <span ng-if="!$ctrl.canBrowse(item) && !$ctrl.canManageAccess(item)"> - </span>
               </td>
             </tr>
             <tr ng-if="!$ctrl.dataset">
diff --git a/app/portainer/components/datatables/registries-datatable/registriesDatatable.js b/app/portainer/components/datatables/registries-datatable/registriesDatatable.js
index f4df3c5a8..e5acb6907 100644
--- a/app/portainer/components/datatables/registries-datatable/registriesDatatable.js
+++ b/app/portainer/components/datatables/registries-datatable/registriesDatatable.js
@@ -1,6 +1,6 @@
 angular.module('portainer.app').component('registriesDatatable', {
   templateUrl: './registriesDatatable.html',
-  controller: 'GenericDatatableController',
+  controller: 'RegistriesDatatableController',
   bindings: {
     titleText: '@',
     titleIcon: '@',
@@ -8,8 +8,9 @@ angular.module('portainer.app').component('registriesDatatable', {
     tableKey: '@',
     orderBy: '@',
     reverseOrder: '<',
-    accessManagement: '<',
     removeAction: '<',
     canBrowse: '<',
+    endpointType: '<',
+    canManageAccess: '<',
   },
 });
diff --git a/app/portainer/components/datatables/registries-datatable/registriesDatatableController.js b/app/portainer/components/datatables/registries-datatable/registriesDatatableController.js
new file mode 100644
index 000000000..1b2f86e35
--- /dev/null
+++ b/app/portainer/components/datatables/registries-datatable/registriesDatatableController.js
@@ -0,0 +1,85 @@
+import { PortainerEndpointTypes } from 'Portainer/models/endpoint/models';
+
+angular.module('portainer.docker').controller('RegistriesDatatableController', RegistriesDatatableController);
+
+/* @ngInject */
+function RegistriesDatatableController($scope, $controller, $state, Authentication, DatatableService) {
+  angular.extend(this, $controller('GenericDatatableController', { $scope: $scope }));
+
+  this.allowSelection = function (item) {
+    return item.Id;
+  };
+
+  this.enableGoToLink = (item) => {
+    return this.isAdmin && item.Id && !this.endpointType;
+  };
+
+  this.goToRegistry = function (item) {
+    if (
+      this.endpointType === PortainerEndpointTypes.KubernetesLocalEnvironment ||
+      this.endpointType === PortainerEndpointTypes.AgentOnKubernetesEnvironment ||
+      this.endpointType === PortainerEndpointTypes.EdgeAgentOnKubernetesEnvironment
+    ) {
+      $state.go('kubernetes.registries.registry', { id: item.Id });
+    } else if (
+      this.endpointType === PortainerEndpointTypes.DockerEnvironment ||
+      this.endpointType === PortainerEndpointTypes.AgentOnDockerEnvironment ||
+      this.endpointType === PortainerEndpointTypes.EdgeAgentOnDockerEnvironment
+    ) {
+      $state.go('docker.registries.registry', { id: item.Id });
+    } else {
+      $state.go('portainer.registries.registry', { id: item.Id });
+    }
+  };
+
+  this.redirectToManageAccess = function (item) {
+    if (
+      this.endpointType === PortainerEndpointTypes.KubernetesLocalEnvironment ||
+      this.endpointType === PortainerEndpointTypes.AgentOnKubernetesEnvironment ||
+      this.endpointType === PortainerEndpointTypes.EdgeAgentOnKubernetesEnvironment
+    ) {
+      $state.go('kubernetes.registries.access', { id: item.Id });
+    } else {
+      $state.go('docker.registries.access', { id: item.Id });
+    }
+  };
+
+  this.$onInit = function () {
+    this.isAdmin = Authentication.isAdmin();
+    this.setDefaults();
+    this.prepareTableFromDataset();
+
+    this.state.orderBy = this.orderBy;
+    var storedOrder = DatatableService.getDataTableOrder(this.tableKey);
+    if (storedOrder !== null) {
+      this.state.reverseOrder = storedOrder.reverse;
+      this.state.orderBy = storedOrder.orderBy;
+    }
+
+    var textFilter = DatatableService.getDataTableTextFilters(this.tableKey);
+    if (textFilter !== null) {
+      this.state.textFilter = textFilter;
+      this.onTextFilterChange();
+    }
+
+    var storedFilters = DatatableService.getDataTableFilters(this.tableKey);
+    if (storedFilters !== null) {
+      this.filters = storedFilters;
+    }
+    if (this.filters && this.filters.state) {
+      this.filters.state.open = false;
+    }
+
+    var storedSettings = DatatableService.getDataTableSettings(this.tableKey);
+    if (storedSettings !== null) {
+      this.settings = storedSettings;
+      this.settings.open = false;
+    }
+    this.onSettingsRepeaterChange();
+
+    var storedColumnVisibility = DatatableService.getColumnVisibilitySettings(this.tableKey);
+    if (storedColumnVisibility !== null) {
+      this.columnVisibility = storedColumnVisibility;
+    }
+  };
+}
diff --git a/app/portainer/components/datatables/strings-datatable/index.js b/app/portainer/components/datatables/strings-datatable/index.js
new file mode 100644
index 000000000..dda9fa5fd
--- /dev/null
+++ b/app/portainer/components/datatables/strings-datatable/index.js
@@ -0,0 +1,20 @@
+import angular from 'angular';
+// import controller from './strings-datatable.controller.js';
+
+export const stringsDatatable = {
+  templateUrl: './strings-datatable.html',
+  controller: 'GenericDatatableController',
+  bindings: {
+    titleText: '@',
+    titleIcon: '@',
+    dataset: '<',
+    emptyDatasetMessage: '@',
+
+    columnHeader: '@',
+    tableKey: '@',
+
+    onRemove: '<',
+  },
+};
+
+angular.module('portainer.app').component('stringsDatatable', stringsDatatable);
diff --git a/app/portainer/components/datatables/strings-datatable/strings-datatable.html b/app/portainer/components/datatables/strings-datatable/strings-datatable.html
new file mode 100644
index 000000000..0b6faf0ec
--- /dev/null
+++ b/app/portainer/components/datatables/strings-datatable/strings-datatable.html
@@ -0,0 +1,65 @@
+<div class="datatable">
+  <rd-widget>
+    <rd-widget-header icon="{{ $ctrl.titleIcon }}" title-text="{{ $ctrl.titleText }}"> </rd-widget-header>
+    <rd-widget-body classes="no-padding">
+      <div class="actionBar">
+        <button type="button" class="btn btn-sm btn-danger" ng-disabled="$ctrl.state.selectedItemCount === 0" ng-click="$ctrl.onRemove($ctrl.state.selectedItems)">
+          <i class="fa fa-trash-alt space-right" aria-hidden="true"></i>Remove
+        </button>
+      </div>
+      <div class="searchBar">
+        <i class="fa fa-search searchIcon" aria-hidden="true"></i>
+        <input
+          type="text"
+          class="searchInput"
+          ng-model="$ctrl.state.textFilter"
+          ng-change="$ctrl.onTextFilterChange()"
+          placeholder="Search..."
+          ng-model-options="{ debounce: 300 }"
+        />
+      </div>
+      <div class="table-responsive">
+        <table class="table table-hover nowrap-cells">
+          <thead>
+            <tr>
+              <th>
+                <span class="md-checkbox">
+                  <input id="select_all" type="checkbox" ng-model="$ctrl.state.selectAll" ng-change="$ctrl.selectAll()" />
+                  <label for="select_all"></label>
+                </span>
+                <a ng-click="$ctrl.changeOrderBy('Name')">
+                  {{ $ctrl.columnHeader }}
+                  <i class="fa fa-sort-alpha-down" aria-hidden="true" ng-if="$ctrl.state.orderBy === 'Name' && !$ctrl.state.reverseOrder"></i>
+                  <i class="fa fa-sort-alpha-up" aria-hidden="true" ng-if="$ctrl.state.orderBy === 'Name' && $ctrl.state.reverseOrder"></i>
+                </a>
+              </th>
+            </tr>
+          </thead>
+          <tbody>
+            <tr
+              dir-paginate="item in ($ctrl.state.filteredDataSet = ($ctrl.dataset | filter:$ctrl.state.textFilter | orderBy:$ctrl.state.orderBy:$ctrl.state.reverseOrder | itemsPerPage: $ctrl.state.paginatedItemLimit)) track by $index"
+              ng-class="{ active: $ctrl.state.selectedItems.includes(item) }"
+            >
+              <td>
+                <span class="md-checkbox">
+                  <input
+                    id="select_{{ $index }}"
+                    type="checkbox"
+                    ng-checked="$ctrl.state.selectedItems.includes(item)"
+                    ng-disabled="$ctrl.disableRemove(item)"
+                    ng-click="$ctrl.selectItem(item, $event)"
+                  />
+                  <label for="select_{{ $index }}"></label>
+                </span>
+                {{ item.value }}
+              </td>
+            </tr>
+            <tr ng-if="$ctrl.state.filteredDataSet.length === 0">
+              <td class="text-center text-muted">{{ $ctrl.emptyDatasetMessage }}</td>
+            </tr>
+          </tbody>
+        </table>
+      </div>
+    </rd-widget-body>
+  </rd-widget>
+</div>
diff --git a/app/portainer/components/forms/registry-form-dockerhub/registry-form-dockerhub.html b/app/portainer/components/forms/registry-form-dockerhub/registry-form-dockerhub.html
new file mode 100644
index 000000000..ddf26592e
--- /dev/null
+++ b/app/portainer/components/forms/registry-form-dockerhub/registry-form-dockerhub.html
@@ -0,0 +1,64 @@
+<form class="form-horizontal" name="registryFormDockerhub" ng-submit="$ctrl.formAction()">
+  <div class="col-sm-12 form-section-title">
+    DockerHub account details
+  </div>
+  <!-- name-input -->
+  <div class="form-group">
+    <label for="registry_name" class="col-sm-3 col-lg-2 control-label text-left">Name</label>
+    <div class="col-sm-9 col-lg-10">
+      <input type="text" class="form-control" id="registry_name" name="registry_name" ng-model="$ctrl.model.Name" placeholder="dockerhub-prod-us" required />
+    </div>
+  </div>
+  <div class="form-group" ng-show="registryFormDockerhub.registry_name.$invalid">
+    <div class="col-sm-12 small text-warning">
+      <div ng-messages="registryFormDockerhub.registry_name.$error">
+        <p ng-message="required"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> This field is required.</p>
+      </div>
+    </div>
+  </div>
+  <!-- !name-input -->
+  <!-- credentials-user -->
+  <div class="form-group">
+    <label for="registry_username" class="col-sm-3 col-lg-2 control-label text-left">DockerHub username</label>
+    <div class="col-sm-9 col-lg-10">
+      <input type="text" class="form-control" id="registry_username" name="registry_username" ng-model="$ctrl.model.Username" required />
+    </div>
+  </div>
+  <div class="form-group" ng-show="registryFormDockerhub.registry_username.$invalid">
+    <div class="col-sm-12 small text-warning">
+      <div ng-messages="registryFormDockerhub.registry_username.$error">
+        <p ng-message="required"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> This field is required.</p>
+      </div>
+    </div>
+  </div>
+  <!-- !credentials-user -->
+  <!-- credentials-password -->
+  <div class="form-group">
+    <label for="registry_password" class="col-sm-3 col-lg-2 control-label text-left">DockerHub password</label>
+    <div class="col-sm-9 col-lg-10">
+      <input type="password" class="form-control" id="registry_password" name="registry_password" ng-model="$ctrl.model.Password" required />
+    </div>
+  </div>
+  <div class="form-group" ng-show="registryFormDockerhub.registry_password.$invalid">
+    <div class="col-sm-12 small text-warning">
+      <div ng-messages="registryFormDockerhub.registry_password.$error">
+        <p ng-message="required"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> This field is required.</p>
+      </div>
+    </div>
+  </div>
+  <!-- !credentials-password -->
+
+  <!-- actions -->
+  <div class="col-sm-12 form-section-title">
+    Actions
+  </div>
+  <div class="form-group">
+    <div class="col-sm-12">
+      <button type="submit" class="btn btn-primary btn-sm" ng-disabled="$ctrl.actionInProgress || !registryFormDockerhub.$valid" button-spinner="$ctrl.actionInProgress">
+        <span ng-hide="$ctrl.actionInProgress">{{ $ctrl.formActionLabel }}</span>
+        <span ng-show="$ctrl.actionInProgress">In progress...</span>
+      </button>
+    </div>
+  </div>
+  <!-- !actions -->
+</form>
diff --git a/app/portainer/components/forms/registry-form-dockerhub/registry-form-dockerhub.js b/app/portainer/components/forms/registry-form-dockerhub/registry-form-dockerhub.js
new file mode 100644
index 000000000..adf60fcd5
--- /dev/null
+++ b/app/portainer/components/forms/registry-form-dockerhub/registry-form-dockerhub.js
@@ -0,0 +1,9 @@
+angular.module('portainer.app').component('registryFormDockerhub', {
+  templateUrl: './registry-form-dockerhub.html',
+  bindings: {
+    model: '=',
+    formAction: '<',
+    formActionLabel: '@',
+    actionInProgress: '<',
+  },
+});
diff --git a/app/portainer/components/forms/template-form/template-form.js b/app/portainer/components/forms/template-form/template-form.js
deleted file mode 100644
index 8aacd5839..000000000
--- a/app/portainer/components/forms/template-form/template-form.js
+++ /dev/null
@@ -1,13 +0,0 @@
-angular.module('portainer.app').component('templateForm', {
-  templateUrl: './templateForm.html',
-  controller: 'TemplateFormController',
-  bindings: {
-    model: '=',
-    categories: '<',
-    networks: '<',
-    formAction: '<',
-    formActionLabel: '@',
-    actionInProgress: '<',
-    showTypeSelector: '<',
-  },
-});
diff --git a/app/portainer/components/forms/template-form/templateForm.html b/app/portainer/components/forms/template-form/templateForm.html
deleted file mode 100644
index 12bff3e7b..000000000
--- a/app/portainer/components/forms/template-form/templateForm.html
+++ /dev/null
@@ -1,580 +0,0 @@
-<form class="form-horizontal" name="templateForm">
-  <!-- title-input -->
-  <div class="form-group" ng-class="{ 'has-error': templateForm.template_title.$invalid }">
-    <label for="template_title" class="col-sm-3 col-lg-2 control-label text-left">Title</label>
-    <div class="col-sm-9 col-lg-10">
-      <input type="text" class="form-control" name="template_title" ng-model="$ctrl.model.Title" placeholder="e.g. my-template" required auto-focus />
-    </div>
-  </div>
-  <div class="form-group" ng-show="templateForm.template_title.$invalid">
-    <div class="col-sm-12 small text-warning">
-      <div ng-messages="templateForm.template_title.$error">
-        <p ng-message="required"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> This field is required.</p>
-      </div>
-    </div>
-  </div>
-  <!-- !title-input -->
-  <!-- description-input -->
-  <div class="form-group" ng-class="{ 'has-error': templateForm.template_description.$invalid }">
-    <label for="template_description" class="col-sm-3 col-lg-2 control-label text-left">Description</label>
-    <div class="col-sm-9 col-lg-10">
-      <input type="text" class="form-control" name="template_description" ng-model="$ctrl.model.Description" placeholder="e.g. template description..." required />
-    </div>
-  </div>
-  <div class="form-group" ng-show="templateForm.template_description.$invalid">
-    <div class="col-sm-12 small text-warning">
-      <div ng-messages="templateForm.template_description.$error">
-        <p ng-message="required"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> This field is required.</p>
-      </div>
-    </div>
-  </div>
-  <!-- !description-input -->
-  <div class="col-sm-12 form-section-title interactive" ng-click="$ctrl.state.collapseTemplate = !$ctrl.state.collapseTemplate">
-    Template
-    <span class="small space-left">
-      <a ng-if="$ctrl.state.collapseTemplate"><i class="fa fa-plus" aria-hidden="true"></i> expand</a>
-      <a ng-if="!$ctrl.state.collapseTemplate"><i class="fa fa-minus" aria-hidden="true"></i> collapse</a>
-    </span>
-  </div>
-  <!-- template-details -->
-  <div uib-collapse="$ctrl.state.collapseTemplate">
-    <div ng-if="$ctrl.showTypeSelector">
-      <div class="form-group"></div>
-      <div class="form-group" style="margin-bottom: 0;">
-        <div class="boxselector_wrapper">
-          <div>
-            <input type="radio" id="template_container" ng-model="$ctrl.model.Type" ng-value="1" />
-            <label for="template_container">
-              <div class="boxselector_header">
-                <i class="fa fa-cubes" aria-hidden="true" style="margin-right: 2px;"></i>
-                Container
-              </div>
-              <p>Container template</p>
-            </label>
-          </div>
-          <div>
-            <input type="radio" id="template_swarm_stack" ng-model="$ctrl.model.Type" ng-value="2" />
-            <label for="template_swarm_stack">
-              <div class="boxselector_header">
-                <i class="fa fa-th-list" aria-hidden="true" style="margin-right: 2px;"></i>
-                Swarm stack
-              </div>
-              <p>Stack template (Swarm)</p>
-            </label>
-          </div>
-          <div>
-            <input type="radio" id="template_compose_stack" ng-model="$ctrl.model.Type" ng-value="3" />
-            <label for="template_compose_stack">
-              <div class="boxselector_header">
-                <i class="fa fa-th-list" aria-hidden="true" style="margin-right: 2px;"></i>
-                Compose stack
-              </div>
-              <p>Stack template (Compose)</p>
-            </label>
-          </div>
-        </div>
-      </div>
-    </div>
-
-    <!-- name -->
-    <div class="form-group">
-      <label for="template_name" class="col-sm-3 col-lg-2 control-label text-left">
-        Name
-        <portainer-tooltip position="bottom" message="Default name that will be associated to the template"></portainer-tooltip>
-      </label>
-      <div class="col-sm-9 col-lg-10">
-        <input type="text" class="form-control" name="template_name" ng-model="$ctrl.model.Name" placeholder="e.g. myApp" />
-      </div>
-    </div>
-    <!-- !name -->
-    <!-- logo -->
-    <div class="form-group">
-      <label for="template_logo" class="col-sm-3 col-lg-2 control-label text-left">
-        Logo URL
-        <portainer-tooltip position="bottom" message="Recommended size: 60x60"></portainer-tooltip>
-      </label>
-      <div class="col-sm-9 col-lg-10">
-        <input type="text" class="form-control" name="template_logo" ng-model="$ctrl.model.Logo" placeholder="e.g. https://portainer.io/images/logos/nginx.png" />
-      </div>
-    </div>
-    <!-- !logo -->
-    <!-- note -->
-    <div class="form-group">
-      <label for="template_note" class="col-sm-3 col-lg-2 control-label text-left">
-        Note
-        <portainer-tooltip position="bottom" message="Usage/extra information about the template. Supports HTML."></portainer-tooltip>
-      </label>
-      <div class="col-sm-9 col-lg-10">
-        <textarea
-          class="form-control"
-          name="template_note"
-          ng-model="$ctrl.model.Note"
-          placeholder="You can use this field to specify extra information. <br/> It supports <b>HTML</b>."
-        ></textarea>
-      </div>
-    </div>
-    <!-- !note -->
-    <!-- platform -->
-    <div class="form-group">
-      <label for="template_platform" class="col-sm-3 col-lg-2 control-label text-left">
-        Platform
-      </label>
-      <div class="col-sm-9 col-lg-10">
-        <select class="form-control" name="template_platform" ng-model="$ctrl.model.Platform">
-          <option value="">Multi-platform</option>
-          <option value="linux">Linux</option>
-          <option value="windows">Windows</option>
-        </select>
-      </div>
-    </div>
-    <!-- !platform -->
-    <!-- categories -->
-    <div class="form-group">
-      <label for="template_categories" class="col-sm-3 col-lg-2 control-label text-left">
-        Categories
-      </label>
-      <div class="col-sm-9 col-lg-10">
-        <ui-select multiple tagging tagging-label="(new category)" ng-model="$ctrl.model.Categories" sortable="true" style="width: 300px;" title="Choose a category">
-          <ui-select-match placeholder="Select categories...">{{ $item }}</ui-select-match>
-          <ui-select-choices repeat="category in $ctrl.categories | filter:$select.search">
-            {{ category }}
-          </ui-select-choices>
-        </ui-select>
-      </div>
-    </div>
-    <!-- !categories -->
-    <!-- administrator-only -->
-    <div class="form-group">
-      <div class="col-sm-12">
-        <label for="tls" class="control-label text-left">
-          Administrator template
-          <portainer-tooltip position="bottom" message="This template will only be available to administrator users."></portainer-tooltip>
-        </label>
-        <label class="switch" style="margin-left: 20px;"> <input type="checkbox" ng-model="$ctrl.model.AdministratorOnly" /><i></i> </label>
-      </div>
-    </div>
-    <!-- administrator-only -->
-  </div>
-  <!-- !template-details -->
-  <div ng-if="$ctrl.model.Type === 2 || $ctrl.model.Type === 3">
-    <div class="col-sm-12 form-section-title interactive" ng-click="$ctrl.state.collapseStack = !$ctrl.state.collapseStack">
-      Stack
-      <span class="small space-left">
-        <a ng-if="$ctrl.state.collapseStack"><i class="fa fa-plus" aria-hidden="true"></i> expand</a>
-        <a ng-if="!$ctrl.state.collapseStack"><i class="fa fa-minus" aria-hidden="true"></i> collapse</a>
-      </span>
-    </div>
-    <!-- stack-details -->
-    <div uib-collapse="$ctrl.state.collapseStack">
-      <!-- repository-url -->
-      <div class="form-group" ng-class="{ 'has-error': templateForm.template_repository_url.$invalid }">
-        <label for="template_repository_url" class="col-sm-3 col-lg-2 control-label text-left">Repository URL</label>
-        <div class="col-sm-9 col-lg-10">
-          <input
-            type="text"
-            class="form-control"
-            name="template_repository_url"
-            ng-model="$ctrl.model.Repository.url"
-            placeholder="https://github.com/portainer/portainer-compose"
-            required
-          />
-        </div>
-      </div>
-      <div class="form-group" ng-show="templateForm.template_repository_url.$invalid">
-        <div class="col-sm-12 small text-warning">
-          <div ng-messages="templateForm.template_repository_url.$error">
-            <p ng-message="required"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> This field is required.</p>
-          </div>
-        </div>
-      </div>
-      <!-- !repository-url -->
-      <!-- composefile-path -->
-      <div class="form-group">
-        <label for="template_repository_path" class="col-sm-3 col-lg-2 control-label text-left">
-          Compose file path
-        </label>
-        <div class="col-sm-9 col-lg-10">
-          <input type="text" class="form-control" name="template_repository_path" ng-model="$ctrl.model.Repository.stackfile" placeholder="docker-compose.yml" />
-        </div>
-      </div>
-      <!-- !composefile-path -->
-    </div>
-    <!-- !stack-details -->
-  </div>
-  <div ng-if="$ctrl.model.Type === 1">
-    <div class="col-sm-12 form-section-title interactive" ng-click="$ctrl.state.collapseContainer = !$ctrl.state.collapseContainer">
-      Container
-      <span class="small space-left">
-        <a ng-if="$ctrl.state.collapseContainer"><i class="fa fa-plus" aria-hidden="true"></i> expand</a>
-        <a ng-if="!$ctrl.state.collapseContainer"><i class="fa fa-minus" aria-hidden="true"></i> collapse</a>
-      </span>
-    </div>
-    <!-- container-details -->
-    <div uib-collapse="$ctrl.state.collapseContainer">
-      <por-image-registry model="$ctrl.model.RegistryModel" auto-complete="true" label-class="col-sm-1" input-class="col-sm-11"></por-image-registry>
-      <!-- command -->
-      <div class="form-group">
-        <label for="template_command" class="col-sm-3 col-lg-2 control-label text-left">
-          Command
-          <portainer-tooltip
-            position="bottom"
-            message="The command to run in the container. If not specified, the container will use the default command specified in its Dockerfile."
-          ></portainer-tooltip>
-        </label>
-        <div class="col-sm-9 col-lg-10">
-          <input type="text" class="form-control" name="template_command" ng-model="$ctrl.model.Command" placeholder='/bin/bash -c \"echo hello\" && exit 777' />
-        </div>
-      </div>
-      <!-- !command -->
-      <!-- hostname -->
-      <div class="form-group">
-        <label for="template_hostname" class="col-sm-3 col-lg-2 control-label text-left">
-          Hostname
-          <portainer-tooltip position="bottom" message="Set the hostname of the container. Will use Docker default if not specified."></portainer-tooltip>
-        </label>
-        <div class="col-sm-9 col-lg-10">
-          <input type="text" class="form-control" name="template_hostname" ng-model="$ctrl.model.Hostname" placeholder="mycontainername" />
-        </div>
-      </div>
-      <!-- !hostname -->
-      <!-- network -->
-      <div class="form-group">
-        <label for="template_network" class="col-sm-3 col-lg-2 control-label text-left">
-          Network
-        </label>
-        <div class="col-sm-10">
-          <select class="form-control" ng-options="net.Name for net in $ctrl.networks" ng-model="$ctrl.model.Network">
-            <option disabled hidden value="">Select a network</option>
-          </select>
-        </div>
-      </div>
-      <!-- !network -->
-      <!-- port-mapping -->
-      <div class="form-group">
-        <div class="col-sm-12" style="margin-top: 5px;">
-          <label class="control-label text-left">Port mapping</label>
-          <span class="label label-default interactive" style="margin-left: 10px;" ng-click="$ctrl.addPortBinding()">
-            <i class="fa fa-plus-circle" aria-hidden="true"></i> map additional port
-          </span>
-        </div>
-        <div class="col-sm-12" style="margin-top: 10px;" ng-if="$ctrl.model.Ports.length > 0">
-          <span class="small text-muted">Portainer will automatically assign a port if you leave the host port empty.</span>
-        </div>
-        <!-- port-mapping-input-list -->
-        <div class="col-sm-12">
-          <div class="col-sm-12 form-inline" style="margin-top: 10px;">
-            <div ng-repeat="portBinding in $ctrl.model.Ports" style="margin-top: 2px;">
-              <!-- host-port -->
-              <div class="input-group col-sm-4 input-group-sm">
-                <span class="input-group-addon">host</span>
-                <input type="text" class="form-control" ng-model="portBinding.hostPort" placeholder="e.g. 80 or 1.2.3.4:80 (optional)" />
-              </div>
-              <!-- !host-port -->
-              <span style="margin: 0 10px 0 10px;">
-                <i class="fa fa-long-arrow-alt-right" aria-hidden="true"></i>
-              </span>
-              <!-- container-port -->
-              <div class="input-group col-sm-4 input-group-sm">
-                <span class="input-group-addon">container</span>
-                <input type="text" class="form-control" ng-model="portBinding.containerPort" placeholder="e.g. 80" />
-              </div>
-              <!-- !container-port -->
-              <!-- protocol-actions -->
-              <div class="input-group col-sm-3 input-group-sm">
-                <div class="btn-group btn-group-sm">
-                  <label class="btn btn-primary" ng-model="portBinding.protocol" uib-btn-radio="'tcp'">TCP</label>
-                  <label class="btn btn-primary" ng-model="portBinding.protocol" uib-btn-radio="'udp'">UDP</label>
-                </div>
-                <button class="btn btn-sm btn-danger" type="button" ng-click="$ctrl.removePortBinding($index)">
-                  <i class="fa fa-trash" aria-hidden="true"></i>
-                </button>
-              </div>
-              <!-- !protocol-actions -->
-            </div>
-          </div>
-        </div>
-        <!-- !port-mapping-input-list -->
-      </div>
-      <!-- !port-mapping -->
-      <!-- volumes -->
-      <div class="form-group">
-        <div class="col-sm-12" style="margin-top: 5px;">
-          <label class="control-label text-left">Volume mapping</label>
-          <span class="label label-default interactive" style="margin-left: 10px;" ng-click="$ctrl.addVolume()">
-            <i class="fa fa-plus-circle" aria-hidden="true"></i> map additional volume
-          </span>
-        </div>
-        <div class="col-sm-12" style="margin-top: 10px;" ng-if="$ctrl.model.Volumes.length > 0">
-          <span class="small text-muted">Portainer will automatically create and map a local volume when using the <b>auto</b> option.</span>
-        </div>
-        <div ng-repeat="volume in $ctrl.model.Volumes">
-          <div class="col-sm-12" style="margin-top: 10px;">
-            <!-- volume-line1 -->
-            <div class="col-sm-12 form-inline">
-              <!-- container-path -->
-              <div class="input-group input-group-sm col-sm-6">
-                <span class="input-group-addon">container</span>
-                <input type="text" class="form-control" ng-model="volume.container" placeholder="e.g. /path/in/container" />
-              </div>
-              <!-- !container-path -->
-              <!-- volume-type -->
-              <div class="input-group col-sm-5" style="margin-left: 5px;">
-                <div class="btn-group btn-group-sm">
-                  <label class="btn btn-primary" ng-model="volume.type" uib-btn-radio="'auto'" ng-click="volume.bind = ''">Auto</label>
-                  <label class="btn btn-primary" ng-model="volume.type" uib-btn-radio="'bind'" ng-click="volume.bind = ''">Bind</label>
-                </div>
-                <button class="btn btn-sm btn-danger" type="button" ng-click="$ctrl.removeVolume($index)">
-                  <i class="fa fa-trash" aria-hidden="true"></i>
-                </button>
-              </div>
-              <!-- !volume-type -->
-            </div>
-            <!-- !volume-line1 -->
-            <!-- volume-line2 -->
-            <div class="col-sm-12 form-inline" style="margin-top: 5px;" ng-if="volume.type !== 'auto'">
-              <i class="fa fa-long-arrow-alt-right" aria-hidden="true"></i>
-              <!-- bind -->
-              <div class="input-group input-group-sm col-sm-6" ng-if="volume.type === 'bind'">
-                <span class="input-group-addon">host</span>
-                <input type="text" class="form-control" ng-model="volume.bind" placeholder="e.g. /path/on/host" />
-              </div>
-              <!-- !bind -->
-              <!-- read-only -->
-              <div class="input-group input-group-sm col-sm-5" style="margin-left: 5px;">
-                <div class="btn-group btn-group-sm">
-                  <label class="btn btn-primary" ng-model="volume.readonly" uib-btn-radio="false">Writable</label>
-                  <label class="btn btn-primary" ng-model="volume.readonly" uib-btn-radio="true">Read-only</label>
-                </div>
-              </div>
-              <!-- !read-only -->
-            </div>
-            <!-- !volume-line2 -->
-          </div>
-        </div>
-      </div>
-      <!-- !volumes -->
-      <!-- labels -->
-      <div class="form-group">
-        <div class="col-sm-12" style="margin-top: 5px;">
-          <label class="control-label text-left">Labels</label>
-          <span class="label label-default interactive" style="margin-left: 10px;" ng-click="$ctrl.addLabel()">
-            <i class="fa fa-plus-circle" aria-hidden="true"></i> add label
-          </span>
-        </div>
-        <!-- labels-input-list -->
-        <div class="col-sm-12">
-          <div class="col-sm-12 form-inline" style="margin-top: 10px;">
-            <div ng-repeat="label in $ctrl.model.Labels" style="margin-top: 2px;">
-              <div class="input-group col-sm-5 input-group-sm">
-                <span class="input-group-addon">name</span>
-                <input type="text" class="form-control" ng-model="label.name" placeholder="e.g. com.example.foo" />
-              </div>
-              <div class="input-group col-sm-5 input-group-sm">
-                <span class="input-group-addon">value</span>
-                <input type="text" class="form-control" ng-model="label.value" placeholder="e.g. bar" />
-              </div>
-              <button class="btn btn-sm btn-danger" type="button" ng-click="$ctrl.removeLabel($index)">
-                <i class="fa fa-trash" aria-hidden="true"></i>
-              </button>
-            </div>
-          </div>
-        </div>
-        <!-- !labels-input-list -->
-      </div>
-      <!-- !labels -->
-      <!-- restart_policy -->
-      <div class="form-group">
-        <label for="template_restart_policy" class="col-sm-3 col-lg-2 control-label text-left">
-          Restart policy
-        </label>
-        <div class="col-sm-9 col-lg-10">
-          <select class="form-control" name="template_platform" ng-model="$ctrl.model.RestartPolicy">
-            <option value="always">Always</option>
-            <option value="unless-stopped">Unless stopped</option>
-            <option value="on-failure">On failure</option>
-            <option value="no">None</option>
-          </select>
-        </div>
-      </div>
-      <!-- !restart_policy -->
-      <!-- privileged-mode -->
-      <div class="form-group">
-        <div class="col-sm-12">
-          <label for="tls" class="control-label text-left">
-            Privileged mode
-            <portainer-tooltip position="bottom" message="Start the container in privileged mode."></portainer-tooltip>
-          </label>
-          <label class="switch" style="margin-left: 20px;"> <input type="checkbox" ng-model="$ctrl.model.Privileged" /><i></i> </label>
-        </div>
-      </div>
-      <!-- !privileged-mode -->
-      <!-- interactive-mode -->
-      <div class="form-group">
-        <div class="col-sm-12">
-          <label for="tls" class="control-label text-left">
-            Interactive mode
-            <portainer-tooltip position="bottom" message="Start the container in foreground (equivalent of -i -t flags)."></portainer-tooltip>
-          </label>
-          <label class="switch" style="margin-left: 20px;"> <input type="checkbox" ng-model="$ctrl.model.Interactive" /><i></i> </label>
-        </div>
-      </div>
-      <!-- !interactive-mode -->
-    </div>
-    <!-- !container-details -->
-  </div>
-  <div class="col-sm-12 form-section-title interactive" ng-click="$ctrl.state.collapseEnv = !$ctrl.state.collapseEnv">
-    Environment
-    <span class="small space-left">
-      <a ng-if="$ctrl.state.collapseEnv"><i class="fa fa-plus" aria-hidden="true"></i> expand</a>
-      <a ng-if="!$ctrl.state.collapseEnv"><i class="fa fa-minus" aria-hidden="true"></i> collapse</a>
-    </span>
-  </div>
-  <!-- environment-details -->
-  <div uib-collapse="$ctrl.state.collapseEnv">
-    <!-- env -->
-    <div class="form-group">
-      <div class="col-sm-12" style="margin-top: 5px;">
-        <label class="control-label text-left">Environment variables</label>
-        <span class="label label-default interactive" style="margin-left: 10px;" ng-click="$ctrl.addEnvVar()">
-          <i class="fa fa-plus-circle" aria-hidden="true"></i> add variable
-        </span>
-      </div>
-      <!-- env-var-list -->
-      <div style="margin-top: 10px;">
-        <div class="col-sm-12 template-envvar" ng-repeat="var in $ctrl.model.Env" style="margin-top: 10px;">
-          <div class="form-group"></div>
-          <div class="form-group" style="margin-bottom: 0;">
-            <div class="boxselector_wrapper">
-              <div>
-                <input type="radio" id="preset_var_{{ $index }}" ng-model="var.type" ng-value="1" ng-change="$ctrl.changeEnvVarType(var)" />
-                <label for="preset_var_{{ $index }}">
-                  <div class="boxselector_header">
-                    <i class="fa fa-user-slash" aria-hidden="true" style="margin-right: 2px;"></i>
-                    Preset
-                  </div>
-                  <p>Preset variable</p>
-                </label>
-              </div>
-              <div>
-                <input type="radio" id="text_var_{{ $index }}" ng-model="var.type" ng-value="2" ng-change="$ctrl.changeEnvVarType(var)" />
-                <label for="text_var_{{ $index }}">
-                  <div class="boxselector_header">
-                    <i class="fa fa-edit" aria-hidden="true" style="margin-right: 2px;"></i>
-                    Text
-                  </div>
-                  <p>Free text value</p>
-                </label>
-              </div>
-              <div>
-                <input type="radio" id="select_var_{{ $index }}" ng-model="var.type" ng-value="3" />
-                <label for="select_var_{{ $index }}">
-                  <div class="boxselector_header">
-                    <i class="fa fa-list-ol" aria-hidden="true" style="margin-right: 2px;"></i>
-                    Select
-                  </div>
-                  <p>Choose value from list</p>
-                </label>
-              </div>
-            </div>
-          </div>
-          <div class="form-group">
-            <label class="col-sm-2 control-label text-left">
-              Name
-            </label>
-            <div class="col-sm-8">
-              <input type="text" class="form-control" ng-model="var.name" placeholder="env_var" />
-            </div>
-            <div class="col-sm-2">
-              <button class="btn btn-sm btn-danger space-left" type="button" ng-click="$ctrl.removeEnvVar($index)">
-                <i class="fa fa-trash" aria-hidden="true"></i>
-              </button>
-            </div>
-          </div>
-          <div ng-if="var.type == 2 || var.type == 3">
-            <div class="form-group">
-              <label class="col-sm-2 control-label text-left">
-                Label
-              </label>
-              <div class="col-sm-10">
-                <input type="text" class="form-control" ng-model="var.label" placeholder="Choose a label" />
-              </div>
-            </div>
-            <div class="form-group">
-              <label class="col-sm-2 control-label text-left" style="margin-top: 2px;">
-                Description
-              </label>
-              <div class="col-sm-10" style="margin-top: 2px;">
-                <input type="text" class="form-control" ng-model="var.description" placeholder="Tooltip" />
-              </div>
-            </div>
-          </div>
-          <div class="form-group" ng-if="var.type === 1 || var.type === 2">
-            <label class="col-sm-2 control-label text-left">
-              Default value
-            </label>
-            <div class="col-sm-10">
-              <input type="text" class="form-control" ng-model="var.default" placeholder="default_value" />
-            </div>
-          </div>
-          <div ng-if="var.type === 3" style="margin-bottom: 5px;" class="form-group">
-            <div class="col-sm-12" style="margin-top: 5px;">
-              <label class="control-label text-left">Values</label>
-              <span class="label label-default interactive" style="margin-left: 10px;" ng-click="$ctrl.addEnvVarValue(var)">
-                <i class="fa fa-plus-circle" aria-hidden="true"></i> add allowed value
-              </span>
-            </div>
-            <!-- envvar-values-list -->
-            <div class="col-sm-12">
-              <div class="col-sm-12 form-inline" style="margin-top: 10px;">
-                <div ng-repeat="val in var.select" style="margin-top: 2px;">
-                  <div class="input-group col-sm-5 input-group-sm">
-                    <span class="input-group-addon">name</span>
-                    <input type="text" class="form-control" ng-model="val.text" placeholder="Yes, I agree" />
-                  </div>
-                  <div class="input-group col-sm-5 input-group-sm">
-                    <span class="input-group-addon">value</span>
-                    <input type="text" class="form-control" ng-model="val.value" placeholder="Y" />
-                  </div>
-                  <div class="input-group col-sm-1 input-group-sm">
-                    <button class="btn btn-sm btn-danger" type="button" ng-click="$ctrl.removeEnvVarValue(var, $index)">
-                      <i class="fa fa-trash" aria-hidden="true"></i>
-                    </button>
-                    <input style="margin-left: 5px;" type="checkbox" ng-model="val.default" id="val_default_{{ $index }}" /><label for="val_default_{{ $index }}" class="space-left"
-                      >Default</label
-                    >
-                  </div>
-                </div>
-              </div>
-            </div>
-            <!-- envvar-values-list -->
-          </div>
-          <div class="col-sm-12" ng-show="$ctrl.model.Env.length > 1">
-            <div class="line-separator"></div>
-          </div>
-        </div>
-      </div>
-      <!-- !env-var-list -->
-    </div>
-    <!-- !env -->
-  </div>
-  <!-- !environment-details -->
-  <!-- actions -->
-  <div class="col-sm-12 form-section-title">
-    Actions
-  </div>
-  <div class="form-group">
-    <div class="col-sm-12">
-      <button
-        type="button"
-        class="btn btn-primary btn-sm"
-        ng-click="$ctrl.formAction()"
-        ng-disabled="$ctrl.actionInProgress || !templateForm.$valid"
-        button-spinner="$ctrl.actionInProgress"
-      >
-        <span ng-hide="$ctrl.actionInProgress">{{ $ctrl.formActionLabel }}</span>
-        <span ng-show="$ctrl.actionInProgress">In progress...</span>
-      </button>
-    </div>
-  </div>
-  <!-- !actions -->
-</form>
diff --git a/app/portainer/components/forms/template-form/templateFormController.js b/app/portainer/components/forms/template-form/templateFormController.js
deleted file mode 100644
index c03c11b60..000000000
--- a/app/portainer/components/forms/template-form/templateFormController.js
+++ /dev/null
@@ -1,55 +0,0 @@
-angular.module('portainer.app').controller('TemplateFormController', [
-  function () {
-    this.state = {
-      collapseTemplate: false,
-      collapseContainer: false,
-      collapseStack: false,
-      collapseEnv: false,
-    };
-
-    this.addPortBinding = function () {
-      this.model.Ports.push({ containerPort: '', protocol: 'tcp' });
-    };
-
-    this.removePortBinding = function (index) {
-      this.model.Ports.splice(index, 1);
-    };
-
-    this.addVolume = function () {
-      this.model.Volumes.push({ container: '', bind: '', readonly: false, type: 'auto' });
-    };
-
-    this.removeVolume = function (index) {
-      this.model.Volumes.splice(index, 1);
-    };
-
-    this.addLabel = function () {
-      this.model.Labels.push({ name: '', value: '' });
-    };
-
-    this.removeLabel = function (index) {
-      this.model.Labels.splice(index, 1);
-    };
-
-    this.addEnvVar = function () {
-      this.model.Env.push({ type: 1, name: '', label: '', description: '', default: '', preset: true, select: [] });
-    };
-
-    this.removeEnvVar = function (index) {
-      this.model.Env.splice(index, 1);
-    };
-
-    this.addEnvVarValue = function (env) {
-      env.select = env.select || [];
-      env.select.push({ name: '', value: '' });
-    };
-
-    this.removeEnvVarValue = function (env, index) {
-      env.select.splice(index, 1);
-    };
-
-    this.changeEnvVarType = function (env) {
-      env.preset = env.type === 1;
-    };
-  },
-]);
diff --git a/app/portainer/components/registry-details/index.js b/app/portainer/components/registry-details/index.js
new file mode 100644
index 000000000..418c48781
--- /dev/null
+++ b/app/portainer/components/registry-details/index.js
@@ -0,0 +1,10 @@
+import angular from 'angular';
+
+export const registryDetails = {
+  templateUrl: './registry-details.html',
+  bindings: {
+    registry: '<',
+  },
+};
+
+angular.module('portainer.app').component('registryDetails', registryDetails);
diff --git a/app/portainer/components/registry-details/registry-details.html b/app/portainer/components/registry-details/registry-details.html
new file mode 100644
index 000000000..b67e69b03
--- /dev/null
+++ b/app/portainer/components/registry-details/registry-details.html
@@ -0,0 +1,25 @@
+<div class="row" ng-if="$ctrl.registry">
+  <div class="col-lg-12 col-md-12 col-xs-12">
+    <rd-widget>
+      <rd-widget-header icon="fa-plug" title-text="Registry"></rd-widget-header>
+      <rd-widget-body classes="no-padding">
+        <table class="table">
+          <tbody>
+            <tr>
+              <td>Name</td>
+              <td>
+                {{ $ctrl.registry.Name }}
+              </td>
+            </tr>
+            <tr>
+              <td>URL</td>
+              <td>
+                {{ $ctrl.registry.URL }}
+              </td>
+            </tr>
+          </tbody>
+        </table>
+      </rd-widget-body>
+    </rd-widget>
+  </div>
+</div>
diff --git a/app/portainer/models/dockerhub.js b/app/portainer/models/dockerhub.js
index 880a89f5b..9e77e0b8d 100644
--- a/app/portainer/models/dockerhub.js
+++ b/app/portainer/models/dockerhub.js
@@ -1,7 +1,7 @@
-export function DockerHubViewModel(data) {
-  this.Name = 'DockerHub';
-  this.URL = '';
-  this.Authentication = data.Authentication;
-  this.Username = data.Username;
-  this.Password = data.Password;
+import { RegistryTypes } from './registryTypes';
+
+export function DockerHubViewModel() {
+  this.Type = RegistryTypes.ANONYMOUS;
+  this.Name = 'DockerHub (anonymous)';
+  this.URL = 'docker.io';
 }
diff --git a/app/portainer/models/registry.js b/app/portainer/models/registry.js
index 72808e3b9..f9956bb8f 100644
--- a/app/portainer/models/registry.js
+++ b/app/portainer/models/registry.js
@@ -9,10 +9,7 @@ export function RegistryViewModel(data) {
   this.Authentication = data.Authentication;
   this.Username = data.Username;
   this.Password = data.Password;
-  this.AuthorizedUsers = data.AuthorizedUsers;
-  this.AuthorizedTeams = data.AuthorizedTeams;
-  this.UserAccessPolicies = data.UserAccessPolicies;
-  this.TeamAccessPolicies = data.TeamAccessPolicies;
+  this.RegistryAccesses = data.RegistryAccesses; // map[EndpointID]{UserAccessPolicies, TeamAccessPolicies, NamespaceAccessPolicies}
   this.Checked = false;
   this.Gitlab = data.Gitlab;
   this.Quay = data.Quay;
@@ -39,7 +36,7 @@ export function RegistryManagementConfigurationDefaultModel(registry) {
   }
 }
 
-export function RegistryDefaultModel() {
+export function RegistryCreateFormValues() {
   this.Type = RegistryTypes.CUSTOM;
   this.URL = '';
   this.Name = '';
diff --git a/app/portainer/models/registryTypes.js b/app/portainer/models/registryTypes.js
index 7b0dc229b..b63dc47e2 100644
--- a/app/portainer/models/registryTypes.js
+++ b/app/portainer/models/registryTypes.js
@@ -1,6 +1,8 @@
 export const RegistryTypes = Object.freeze({
+  ANONYMOUS: 0, // not backend replicated, only for frontend
   QUAY: 1,
   AZURE: 2,
   CUSTOM: 3,
   GITLAB: 4,
+  DOCKERHUB: 5,
 });
diff --git a/app/portainer/rest/dockerhub.js b/app/portainer/rest/dockerhub.js
deleted file mode 100644
index 35b891076..000000000
--- a/app/portainer/rest/dockerhub.js
+++ /dev/null
@@ -1,15 +0,0 @@
-angular.module('portainer.app').factory('DockerHub', [
-  '$resource',
-  'API_ENDPOINT_DOCKERHUB',
-  function DockerHubFactory($resource, API_ENDPOINT_DOCKERHUB) {
-    'use strict';
-    return $resource(
-      API_ENDPOINT_DOCKERHUB,
-      {},
-      {
-        get: { method: 'GET' },
-        update: { method: 'PUT' },
-      }
-    );
-  },
-]);
diff --git a/app/portainer/rest/endpoint.js b/app/portainer/rest/endpoint.js
index d88e4e243..23e23fed1 100644
--- a/app/portainer/rest/endpoint.js
+++ b/app/portainer/rest/endpoint.js
@@ -23,6 +23,8 @@ angular.module('portainer.app').factory('Endpoints', [
         status: { method: 'GET', params: { id: '@id', action: 'status' } },
         updateSecuritySettings: { method: 'PUT', params: { id: '@id', action: 'settings' } },
         dockerhubLimits: { method: 'GET', params: { id: '@id', action: 'dockerhub' } },
+        registries: { url: `${API_ENDPOINT_ENDPOINTS}/:id/registries`, method: 'GET', params: { id: '@id', namespace: '@namespace' }, isArray: true },
+        updateRegistryAccess: { url: `${API_ENDPOINT_ENDPOINTS}/:id/registries/:registryId`, method: 'PUT', params: { id: '@id', registryId: '@registryId' } },
       }
     );
   },
diff --git a/app/portainer/rest/registry.js b/app/portainer/rest/registry.js
index 345ee6d5b..706c56ae1 100644
--- a/app/portainer/rest/registry.js
+++ b/app/portainer/rest/registry.js
@@ -9,9 +9,8 @@ angular.module('portainer.app').factory('Registries', [
       {
         create: { method: 'POST', ignoreLoadingBar: true },
         query: { method: 'GET', isArray: true },
-        get: { method: 'GET', params: { id: '@id' } },
+        get: { method: 'GET', params: { id: '@id', action: '', endpointId: '@endpointId' } },
         update: { method: 'PUT', params: { id: '@id' } },
-        updateAccess: { method: 'PUT', params: { id: '@id', action: 'access' } },
         remove: { method: 'DELETE', params: { id: '@id' } },
         configure: { method: 'POST', params: { id: '@id', action: 'configure' } },
       }
diff --git a/app/portainer/services/api/accessService.js b/app/portainer/services/api/accessService.js
index d09f4bdfe..40018afd3 100644
--- a/app/portainer/services/api/accessService.js
+++ b/app/portainer/services/api/accessService.js
@@ -9,7 +9,10 @@ angular.module('portainer.app').factory('AccessService', [
   'TeamService',
   function AccessServiceFactory($q, $async, UserService, TeamService) {
     'use strict';
-    var service = {};
+    return {
+      accesses,
+      generateAccessPolicies,
+    };
 
     function _mapAccessData(accesses, authorizedPolicies, inheritedPolicies) {
       var availableAccesses = [];
@@ -76,7 +79,7 @@ angular.module('portainer.app').factory('AccessService', [
     async function accessesAsync(entity, parent) {
       try {
         if (!entity) {
-          throw { msg: 'Unable to retrieve accesses' };
+          throw new Error('Unable to retrieve accesses');
         }
         if (!entity.UserAccessPolicies) {
           entity.UserAccessPolicies = {};
@@ -100,9 +103,7 @@ angular.module('portainer.app').factory('AccessService', [
       return $async(accessesAsync, entity, parent);
     }
 
-    service.accesses = accesses;
-
-    service.generateAccessPolicies = function (userAccessPolicies, teamAccessPolicies, selectedUserAccesses, selectedTeamAccesses, selectedRoleId) {
+    function generateAccessPolicies(userAccessPolicies, teamAccessPolicies, selectedUserAccesses, selectedTeamAccesses, selectedRoleId) {
       const newUserPolicies = _.clone(userAccessPolicies);
       const newTeamPolicies = _.clone(teamAccessPolicies);
 
@@ -115,8 +116,6 @@ angular.module('portainer.app').factory('AccessService', [
       };
 
       return accessPolicies;
-    };
-
-    return service;
+    }
   },
 ]);
diff --git a/app/portainer/services/api/dockerhubService.js b/app/portainer/services/api/dockerhubService.js
deleted file mode 100644
index aa079ae40..000000000
--- a/app/portainer/services/api/dockerhubService.js
+++ /dev/null
@@ -1,51 +0,0 @@
-import { DockerHubViewModel } from '../../models/dockerhub';
-
-angular.module('portainer.app').factory('DockerHubService', [
-  '$q',
-  'DockerHub',
-  'Endpoints',
-  'AgentDockerhub',
-  'EndpointHelper',
-  function DockerHubServiceFactory($q, DockerHub, Endpoints, AgentDockerhub, EndpointHelper) {
-    'use strict';
-    var service = {};
-
-    service.dockerhub = function () {
-      var deferred = $q.defer();
-
-      DockerHub.get()
-        .$promise.then(function success(data) {
-          var dockerhub = new DockerHubViewModel(data);
-          deferred.resolve(dockerhub);
-        })
-        .catch(function error(err) {
-          deferred.reject({ msg: 'Unable to retrieve DockerHub details', err: err });
-        });
-
-      return deferred.promise;
-    };
-
-    service.update = function (dockerhub) {
-      return DockerHub.update({}, dockerhub).$promise;
-    };
-
-    service.checkRateLimits = checkRateLimits;
-    function checkRateLimits(endpoint) {
-      if (EndpointHelper.isLocalEndpoint(endpoint)) {
-        return Endpoints.dockerhubLimits({ id: endpoint.Id }).$promise;
-      }
-
-      switch (endpoint.Type) {
-        case 2: //AgentOnDockerEnvironment
-        case 4: //EdgeAgentOnDockerEnvironment
-          return AgentDockerhub.limits({ endpointId: endpoint.Id, endpointType: 'docker' }).$promise;
-
-        case 6: //AgentOnKubernetesEnvironment
-        case 7: //EdgeAgentOnKubernetesEnvironment
-          return AgentDockerhub.limits({ endpointId: endpoint.Id, endpointType: 'kubernetes' }).$promise;
-      }
-    }
-
-    return service;
-  },
-]);
diff --git a/app/portainer/services/api/endpointService.js b/app/portainer/services/api/endpointService.js
index 870075156..de47e6f60 100644
--- a/app/portainer/services/api/endpointService.js
+++ b/app/portainer/services/api/endpointService.js
@@ -8,6 +8,8 @@ angular.module('portainer.app').factory('EndpointService', [
     'use strict';
     var service = {
       updateSecuritySettings,
+      registries,
+      updateRegistryAccess,
     };
 
     service.endpoint = function (endpointID) {
@@ -157,6 +159,14 @@ angular.module('portainer.app').factory('EndpointService', [
       return deferred.promise;
     };
 
+    function updateRegistryAccess(id, registryId, endpointAccesses) {
+      return Endpoints.updateRegistryAccess({ registryId, id }, endpointAccesses).$promise;
+    }
+
+    function registries(id, namespace) {
+      return Endpoints.registries({ namespace, id }).$promise;
+    }
+
     return service;
 
     function updateSecuritySettings(id, securitySettings) {
diff --git a/app/portainer/services/api/registryService.js b/app/portainer/services/api/registryService.js
index 36c46ad77..abf832cac 100644
--- a/app/portainer/services/api/registryService.js
+++ b/app/portainer/services/api/registryService.js
@@ -1,20 +1,30 @@
 import _ from 'lodash-es';
 import { PorImageRegistryModel } from 'Docker/models/porImageRegistry';
-import { RegistryTypes } from '@/portainer/models/registryTypes';
-import { RegistryCreateRequest, RegistryViewModel } from '../../models/registry';
+import { RegistryTypes } from 'Portainer/models/registryTypes';
+import { RegistryCreateRequest, RegistryViewModel } from 'Portainer/models/registry';
+import { DockerHubViewModel } from 'Portainer/models/dockerhub';
 
 angular.module('portainer.app').factory('RegistryService', [
   '$q',
   '$async',
   'Registries',
-  'DockerHubService',
   'ImageHelper',
   'FileUploadService',
-  function RegistryServiceFactory($q, $async, Registries, DockerHubService, ImageHelper, FileUploadService) {
-    'use strict';
-    var service = {};
+  function RegistryServiceFactory($q, $async, Registries, ImageHelper, FileUploadService) {
+    return {
+      registries,
+      registry,
+      encodedCredentials,
+      deleteRegistry,
+      updateRegistry,
+      configureRegistry,
+      createRegistry,
+      createGitlabRegistries,
+      retrievePorRegistryModelFromRepository,
+      retrievePorRegistryModelFromRepositoryWithRegistries,
+    };
 
-    service.registries = function () {
+    function registries() {
       var deferred = $q.defer();
 
       Registries.query()
@@ -29,9 +39,9 @@ angular.module('portainer.app').factory('RegistryService', [
         });
 
       return deferred.promise;
-    };
+    }
 
-    service.registry = function (id) {
+    function registry(id) {
       var deferred = $q.defer();
 
       Registries.get({ id: id })
@@ -44,39 +54,35 @@ angular.module('portainer.app').factory('RegistryService', [
         });
 
       return deferred.promise;
-    };
+    }
 
-    service.encodedCredentials = function (registry) {
+    function encodedCredentials(registry) {
       var credentials = {
         serveraddress: registry.URL,
       };
       return btoa(JSON.stringify(credentials));
-    };
+    }
 
-    service.updateAccess = function (id, userAccessPolicies, teamAccessPolicies) {
-      return Registries.updateAccess({ id: id }, { UserAccessPolicies: userAccessPolicies, TeamAccessPolicies: teamAccessPolicies }).$promise;
-    };
-
-    service.deleteRegistry = function (id) {
+    function deleteRegistry(id) {
       return Registries.remove({ id: id }).$promise;
-    };
+    }
 
-    service.updateRegistry = function (registry) {
+    function updateRegistry(registry) {
       registry.URL = _.replace(registry.URL, /^https?\:\/\//i, '');
       registry.URL = _.replace(registry.URL, /\/$/, '');
       return Registries.update({ id: registry.Id }, registry).$promise;
-    };
+    }
 
-    service.configureRegistry = function (id, registryManagementConfigurationModel) {
+    function configureRegistry(id, registryManagementConfigurationModel) {
       return FileUploadService.configureRegistry(id, registryManagementConfigurationModel);
-    };
+    }
 
-    service.createRegistry = function (model) {
+    function createRegistry(model) {
       var payload = new RegistryCreateRequest(model);
       return Registries.create(payload).$promise;
-    };
+    }
 
-    service.createGitlabRegistries = function (model, projects) {
+    function createGitlabRegistries(model, projects) {
       const promises = [];
       _.forEach(projects, (p) => {
         const m = model;
@@ -88,9 +94,7 @@ angular.module('portainer.app').factory('RegistryService', [
         promises.push(Registries.create(payload).$promise);
       });
       return $q.all(promises);
-    };
-
-    service.retrievePorRegistryModelFromRepositoryWithRegistries = retrievePorRegistryModelFromRepositoryWithRegistries;
+    }
 
     function getURL(reg) {
       let url = reg.URL;
@@ -103,14 +107,23 @@ angular.module('portainer.app').factory('RegistryService', [
       return url;
     }
 
-    function retrievePorRegistryModelFromRepositoryWithRegistries(repository, registries, dockerhub) {
+    function retrievePorRegistryModelFromRepositoryWithRegistries(repository, registries, registryId, dockerhub) {
       const model = new PorImageRegistryModel();
-      const registry = _.find(registries, (reg) => _.includes(repository, getURL(reg)));
+      const registry = registries.find((reg) => {
+        if (registryId) {
+          return reg.Id === registryId;
+        }
+        if (reg.Type === RegistryTypes.DOCKERHUB) {
+          return _.includes(repository, reg.Username);
+        }
+        return _.includes(repository, getURL(reg));
+      });
       if (registry) {
         const url = getURL(registry);
-        const lastIndex = repository.lastIndexOf(url) + url.length;
+        let lastIndex = repository.lastIndexOf(url);
+        lastIndex = lastIndex === -1 ? 0 : lastIndex + url.length;
         let image = repository.substring(lastIndex);
-        if (!_.startsWith(image, ':')) {
+        if (_.startsWith(image, '/')) {
           image = image.substring(1);
         }
         model.Registry = registry;
@@ -125,19 +138,18 @@ angular.module('portainer.app').factory('RegistryService', [
       return model;
     }
 
-    async function retrievePorRegistryModelFromRepositoryAsync(repository) {
+    async function retrievePorRegistryModelFromRepositoryAsync(repository, endpointId, registryId) {
       try {
-        let [registries, dockerhub] = await Promise.all([service.registries(), DockerHubService.dockerhub()]);
-        return retrievePorRegistryModelFromRepositoryWithRegistries(repository, registries, dockerhub);
+        const regs = await Promise.all([registries(endpointId)]);
+        const dockerhub = new DockerHubViewModel();
+        return retrievePorRegistryModelFromRepositoryWithRegistries(repository, regs, registryId, dockerhub);
       } catch (err) {
         throw { msg: 'Unable to retrieve the registry associated to the repository', err: err };
       }
     }
 
-    service.retrievePorRegistryModelFromRepository = function (repository) {
-      return $async(retrievePorRegistryModelFromRepositoryAsync, repository);
-    };
-
-    return service;
+    function retrievePorRegistryModelFromRepository(repository, endpointId, registryId) {
+      return $async(retrievePorRegistryModelFromRepositoryAsync, repository, endpointId, registryId);
+    }
   },
 ]);
diff --git a/app/portainer/services/api/templateService.js b/app/portainer/services/api/templateService.js
index 82fb486e9..04265c85b 100644
--- a/app/portainer/services/api/templateService.js
+++ b/app/portainer/services/api/templateService.js
@@ -1,91 +1,85 @@
-import _ from 'lodash-es';
+import { DockerHubViewModel } from 'Portainer/models/dockerhub';
 import { TemplateViewModel } from '../../models/template';
 
-angular.module('portainer.app').factory('TemplateService', [
-  '$q',
-  'Templates',
-  'TemplateHelper',
-  'RegistryService',
-  'DockerHubService',
-  'ImageHelper',
-  'ContainerHelper',
-  function TemplateServiceFactory($q, Templates, TemplateHelper, RegistryService, DockerHubService, ImageHelper, ContainerHelper) {
-    'use strict';
-    var service = {};
+angular.module('portainer.app').factory('TemplateService', TemplateServiceFactory);
 
-    service.templates = function () {
-      const deferred = $q.defer();
+/* @ngInject */
+function TemplateServiceFactory($q, Templates, TemplateHelper, EndpointProvider, ImageHelper, ContainerHelper, EndpointService) {
+  var service = {};
 
-      $q.all({
-        templates: Templates.query().$promise,
-        registries: RegistryService.registries(),
-        dockerhub: DockerHubService.dockerhub(),
-      })
-        .then(function success(data) {
-          const version = data.templates.version;
-          const templates = _.map(data.templates.templates, (item) => {
+  service.templates = function () {
+    const deferred = $q.defer();
+    const endpointId = EndpointProvider.currentEndpoint().Id;
+
+    $q.all({
+      templates: Templates.query().$promise,
+      registries: EndpointService.registries(endpointId),
+    })
+      .then(function success({ templates, registries }) {
+        const version = templates.version;
+        deferred.resolve(
+          templates.templates.map((item) => {
             try {
               const template = new TemplateViewModel(item, version);
-              const registry = RegistryService.retrievePorRegistryModelFromRepositoryWithRegistries(template.RegistryModel.Registry.URL, data.registries, data.dockerhub);
-              registry.Image = template.RegistryModel.Image;
-              template.RegistryModel = registry;
+              const registryURL = template.RegistryModel.Registry.URL;
+              const registry = registryURL ? registries.find((reg) => reg.URL === registryURL) : new DockerHubViewModel();
+              template.RegistryModel.Registry = registry;
               return template;
             } catch (err) {
               deferred.reject({ msg: 'Unable to retrieve templates', err: err });
             }
-          });
-          deferred.resolve(templates);
-        })
-        .catch(function error(err) {
-          deferred.reject({ msg: 'Unable to retrieve templates', err: err });
-        });
-
-      return deferred.promise;
-    };
-
-    service.templateFile = templateFile;
-    function templateFile(repositoryUrl, composeFilePathInRepository) {
-      return Templates.file({ repositoryUrl, composeFilePathInRepository }).$promise;
-    }
-
-    service.createTemplateConfiguration = function (template, containerName, network) {
-      var imageConfiguration = ImageHelper.createImageConfigForContainer(template.RegistryModel);
-      var containerConfiguration = createContainerConfiguration(template, containerName, network);
-      containerConfiguration.Image = imageConfiguration.fromImage;
-      return containerConfiguration;
-    };
-
-    function createContainerConfiguration(template, containerName, network) {
-      var configuration = TemplateHelper.getDefaultContainerConfiguration();
-      configuration.HostConfig.NetworkMode = network.Name;
-      configuration.HostConfig.Privileged = template.Privileged;
-      configuration.HostConfig.RestartPolicy = { Name: template.RestartPolicy };
-      configuration.HostConfig.ExtraHosts = template.Hosts ? template.Hosts : [];
-      configuration.name = containerName;
-      configuration.Hostname = template.Hostname;
-      configuration.Env = TemplateHelper.EnvToStringArray(template.Env);
-      configuration.Cmd = ContainerHelper.commandStringToArray(template.Command);
-      var portConfiguration = TemplateHelper.portArrayToPortConfiguration(template.Ports);
-      configuration.HostConfig.PortBindings = portConfiguration.bindings;
-      configuration.ExposedPorts = portConfiguration.exposedPorts;
-      var consoleConfiguration = TemplateHelper.getConsoleConfiguration(template.Interactive);
-      configuration.OpenStdin = consoleConfiguration.openStdin;
-      configuration.Tty = consoleConfiguration.tty;
-      configuration.Labels = TemplateHelper.updateContainerConfigurationWithLabels(template.Labels);
-      return configuration;
-    }
-
-    service.updateContainerConfigurationWithVolumes = function (configuration, template, generatedVolumesPile) {
-      var volumes = template.Volumes;
-      TemplateHelper.createVolumeBindings(volumes, generatedVolumesPile);
-      volumes.forEach(function (volume) {
-        if (volume.binding) {
-          configuration.Volumes[volume.container] = {};
-          configuration.HostConfig.Binds.push(volume.binding);
-        }
+          })
+        );
+      })
+      .catch(function error(err) {
+        deferred.reject({ msg: 'Unable to retrieve templates', err: err });
       });
-    };
 
-    return service;
-  },
-]);
+    return deferred.promise;
+  };
+
+  service.templateFile = templateFile;
+  function templateFile(repositoryUrl, composeFilePathInRepository) {
+    return Templates.file({ repositoryUrl, composeFilePathInRepository }).$promise;
+  }
+
+  service.createTemplateConfiguration = function (template, containerName, network) {
+    var imageConfiguration = ImageHelper.createImageConfigForContainer(template.RegistryModel);
+    var containerConfiguration = createContainerConfiguration(template, containerName, network);
+    containerConfiguration.Image = imageConfiguration.fromImage;
+    return containerConfiguration;
+  };
+
+  function createContainerConfiguration(template, containerName, network) {
+    var configuration = TemplateHelper.getDefaultContainerConfiguration();
+    configuration.HostConfig.NetworkMode = network.Name;
+    configuration.HostConfig.Privileged = template.Privileged;
+    configuration.HostConfig.RestartPolicy = { Name: template.RestartPolicy };
+    configuration.HostConfig.ExtraHosts = template.Hosts ? template.Hosts : [];
+    configuration.name = containerName;
+    configuration.Hostname = template.Hostname;
+    configuration.Env = TemplateHelper.EnvToStringArray(template.Env);
+    configuration.Cmd = ContainerHelper.commandStringToArray(template.Command);
+    var portConfiguration = TemplateHelper.portArrayToPortConfiguration(template.Ports);
+    configuration.HostConfig.PortBindings = portConfiguration.bindings;
+    configuration.ExposedPorts = portConfiguration.exposedPorts;
+    var consoleConfiguration = TemplateHelper.getConsoleConfiguration(template.Interactive);
+    configuration.OpenStdin = consoleConfiguration.openStdin;
+    configuration.Tty = consoleConfiguration.tty;
+    configuration.Labels = TemplateHelper.updateContainerConfigurationWithLabels(template.Labels);
+    return configuration;
+  }
+
+  service.updateContainerConfigurationWithVolumes = function (configuration, template, generatedVolumesPile) {
+    var volumes = template.Volumes;
+    TemplateHelper.createVolumeBindings(volumes, generatedVolumesPile);
+    volumes.forEach(function (volume) {
+      if (volume.binding) {
+        configuration.Volumes[volume.container] = {};
+        configuration.HostConfig.Binds.push(volume.binding);
+      }
+    });
+  };
+
+  return service;
+}
diff --git a/app/portainer/views/endpoint-registries/registries.html b/app/portainer/views/endpoint-registries/registries.html
new file mode 100644
index 000000000..5ed4f74b3
--- /dev/null
+++ b/app/portainer/views/endpoint-registries/registries.html
@@ -0,0 +1,21 @@
+<rd-header>
+  <rd-header-title title-text="Environment registries">
+    <a data-toggle="tooltip" title="Refresh" ui-sref="docker.registries" ui-sref-opts="{reload: true}">
+      <i class="fa fa-sync" aria-hidden="true"></i>
+    </a>
+  </rd-header-title>
+  <rd-header-content>Manage registry access inside this environment</rd-header-content>
+</rd-header>
+<div class="row">
+  <div class="col-sm-12">
+    <registries-datatable
+      title-text="Registries"
+      title-icon="fa-database"
+      dataset="$ctrl.registries"
+      table-key="endpointRegistries"
+      order-by="Name"
+      endpoint-type="$ctrl.endpointType"
+      can-manage-access="$ctrl.canManageAccess"
+    ></registries-datatable>
+  </div>
+</div>
diff --git a/app/portainer/views/endpoint-registries/registries.js b/app/portainer/views/endpoint-registries/registries.js
new file mode 100644
index 000000000..61dfc3b42
--- /dev/null
+++ b/app/portainer/views/endpoint-registries/registries.js
@@ -0,0 +1,7 @@
+angular.module('portainer.app').component('endpointRegistriesView', {
+  templateUrl: './registries.html',
+  controller: 'EndpointRegistriesController',
+  bindings: {
+    endpoint: '<',
+  },
+});
diff --git a/app/portainer/views/endpoint-registries/registriesController.js b/app/portainer/views/endpoint-registries/registriesController.js
new file mode 100644
index 000000000..32482dbc9
--- /dev/null
+++ b/app/portainer/views/endpoint-registries/registriesController.js
@@ -0,0 +1,51 @@
+import _ from 'lodash-es';
+import { DockerHubViewModel } from 'Portainer/models/dockerhub';
+import { RegistryTypes } from 'Portainer/models/registryTypes';
+
+class EndpointRegistriesController {
+  /* @ngInject */
+  constructor($async, Notifications, RegistryService) {
+    this.$async = $async;
+    this.Notifications = Notifications;
+    this.RegistryService = RegistryService;
+
+    this.canManageAccess = this.canManageAccess.bind(this);
+  }
+
+  canManageAccess(item) {
+    return item.Type !== RegistryTypes.ANONYMOUS;
+  }
+
+  getRegistries() {
+    return this.$async(async () => {
+      try {
+        const dockerhub = new DockerHubViewModel();
+        const registries = await this.RegistryService.registries();
+        this.registries = _.concat(registries, dockerhub);
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve registries');
+      }
+    });
+  }
+
+  $onInit() {
+    return this.$async(async () => {
+      this.state = {
+        viewReady: false,
+      };
+
+      try {
+        this.endpointType = this.endpoint.Type;
+        this.endpointId = this.endpoint.Id;
+        await this.getRegistries();
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve registries');
+      } finally {
+        this.state.viewReady = true;
+      }
+    });
+  }
+}
+
+export default EndpointRegistriesController;
+angular.module('portainer.app').controller('EndpointRegistriesController', EndpointRegistriesController);
diff --git a/app/portainer/views/init/admin/initAdminController.js b/app/portainer/views/init/admin/initAdminController.js
index 8872bcfe1..e08eca529 100644
--- a/app/portainer/views/init/admin/initAdminController.js
+++ b/app/portainer/views/init/admin/initAdminController.js
@@ -1,5 +1,4 @@
 angular.module('portainer.app').controller('InitAdminController', [
-  '$async',
   '$scope',
   '$state',
   'Notifications',
@@ -10,7 +9,7 @@ angular.module('portainer.app').controller('InitAdminController', [
   'EndpointService',
   'BackupService',
   'StatusService',
-  function ($async, $scope, $state, Notifications, Authentication, StateManager, SettingsService, UserService, EndpointService, BackupService, StatusService) {
+  function ($scope, $state, Notifications, Authentication, StateManager, SettingsService, UserService, EndpointService, BackupService, StatusService) {
     $scope.logo = StateManager.getState().application.logo;
 
     $scope.formValues = {
diff --git a/app/portainer/views/registries/access/registryAccess.html b/app/portainer/views/registries/access/registryAccess.html
deleted file mode 100644
index bab5d7391..000000000
--- a/app/portainer/views/registries/access/registryAccess.html
+++ /dev/null
@@ -1,35 +0,0 @@
-<rd-header>
-  <rd-header-title title-text="Registry access"></rd-header-title>
-  <rd-header-content>
-    <a ui-sref="portainer.registries">Registries</a> &gt; <a ui-sref="portainer.registries.registry({id: registry.Id})">{{ registry.Name }}</a> &gt; Access management
-  </rd-header-content>
-</rd-header>
-
-<div class="row" ng-if="registry">
-  <div class="col-lg-12 col-md-12 col-xs-12">
-    <rd-widget>
-      <rd-widget-header icon="fa-plug" title-text="Registry"></rd-widget-header>
-      <rd-widget-body classes="no-padding">
-        <table class="table">
-          <tbody>
-            <tr>
-              <td>Name</td>
-              <td>
-                {{ registry.Name }}
-              </td>
-            </tr>
-            <tr>
-              <td>URL</td>
-              <td>
-                {{ registry.URL }}
-              </td>
-            </tr>
-          </tbody>
-        </table>
-      </rd-widget-body>
-    </rd-widget>
-  </div>
-</div>
-
-<por-access-management ng-if="registry" access-controlled-entity="registry" entity-type="registry" action-in-progress="state.actionInProgress" update-access="updateAccess">
-</por-access-management>
diff --git a/app/portainer/views/registries/access/registryAccessController.js b/app/portainer/views/registries/access/registryAccessController.js
deleted file mode 100644
index a31372368..000000000
--- a/app/portainer/views/registries/access/registryAccessController.js
+++ /dev/null
@@ -1,34 +0,0 @@
-angular.module('portainer.app').controller('RegistryAccessController', [
-  '$scope',
-  '$state',
-  '$transition$',
-  'RegistryService',
-  'Notifications',
-  function ($scope, $state, $transition$, RegistryService, Notifications) {
-    $scope.updateAccess = function () {
-      $scope.state.actionInProgress = true;
-      RegistryService.updateRegistry($scope.registry)
-        .then(() => {
-          Notifications.success('Access successfully updated');
-          $state.reload();
-        })
-        .catch((err) => {
-          $scope.state.actionInProgress = false;
-          Notifications.error('Failure', err, 'Unable to update accesses');
-        });
-    };
-
-    function initView() {
-      $scope.state = { actionInProgress: false };
-      RegistryService.registry($transition$.params().id)
-        .then(function success(data) {
-          $scope.registry = data;
-        })
-        .catch(function error(err) {
-          Notifications.error('Failure', err, 'Unable to retrieve registry details');
-        });
-    }
-
-    initView();
-  },
-]);
diff --git a/app/portainer/views/registries/create/createregistry.html b/app/portainer/views/registries/create/createRegistry.html
similarity index 51%
rename from app/portainer/views/registries/create/createregistry.html
rename to app/portainer/views/registries/create/createRegistry.html
index 16350efb7..064c6adf2 100644
--- a/app/portainer/views/registries/create/createregistry.html
+++ b/app/portainer/views/registries/create/createRegistry.html
@@ -17,8 +17,18 @@
           <div class="form-group" style="margin-bottom: 0;">
             <div class="boxselector_wrapper">
               <div>
-                <input type="radio" id="registry_quay" ng-model="model.Type" ng-value="RegistryTypes.QUAY" />
-                <label for="registry_quay" ng-click="selectQuayRegistry()">
+                <input type="radio" id="registry_dockerhub" ng-model="$ctrl.model.Type" ng-value="$ctrl.RegistryTypes.DOCKERHUB" />
+                <label for="registry_dockerhub" ng-click="$ctrl.selectDockerHub()">
+                  <div class="boxselector_header">
+                    <i class="fa fa-database" aria-hidden="true" style="margin-right: 2px;"></i>
+                    DockerHub
+                  </div>
+                  <p>DockerHub authenticated account</p>
+                </label>
+              </div>
+              <div>
+                <input type="radio" id="registry_quay" ng-model="$ctrl.model.Type" ng-value="$ctrl.RegistryTypes.QUAY" />
+                <label for="registry_quay" ng-click="$ctrl.selectQuayRegistry()">
                   <div class="boxselector_header">
                     <i class="fa fa-database" aria-hidden="true" style="margin-right: 2px;"></i>
                     Quay.io
@@ -27,8 +37,8 @@
                 </label>
               </div>
               <div>
-                <input type="radio" id="registry_azure" ng-model="model.Type" ng-value="RegistryTypes.AZURE" />
-                <label for="registry_azure" ng-click="selectAzureRegistry()">
+                <input type="radio" id="registry_azure" ng-model="$ctrl.model.Type" ng-value="$ctrl.RegistryTypes.AZURE" />
+                <label for="registry_azure" ng-click="$ctrl.selectAzureRegistry()">
                   <div class="boxselector_header">
                     <i class="fab fa-microsoft" aria-hidden="true" style="margin-right: 2px;"></i>
                     Azure
@@ -37,8 +47,8 @@
                 </label>
               </div>
               <div>
-                <input type="radio" id="registry_gitlab" ng-model="model.Type" ng-value="RegistryTypes.GITLAB" />
-                <label for="registry_gitlab" ng-click="selectGitlabRegistry()">
+                <input type="radio" id="registry_gitlab" ng-model="$ctrl.model.Type" ng-value="$ctrl.RegistryTypes.GITLAB" />
+                <label for="registry_gitlab" ng-click="$ctrl.selectGitlabRegistry()">
                   <div class="boxselector_header">
                     <i class="fab fa-gitlab" aria-hidden="true" style="margin-right: 2px;"></i>
                     Gitlab
@@ -47,8 +57,8 @@
                 </label>
               </div>
               <div>
-                <input type="radio" id="registry_custom" ng-model="model.Type" ng-value="RegistryTypes.CUSTOM" />
-                <label for="registry_custom" ng-click="selectCustomRegistry()">
+                <input type="radio" id="registry_custom" ng-model="$ctrl.model.Type" ng-value="$ctrl.RegistryTypes.CUSTOM" />
+                <label for="registry_custom" ng-click="$ctrl.selectCustomRegistry()">
                   <div class="boxselector_header">
                     <i class="fa fa-database" aria-hidden="true" style="margin-right: 2px;"></i>
                     Custom registry
@@ -60,39 +70,47 @@
           </div>
 
           <registry-form-quay
-            ng-if="model.Type === RegistryTypes.QUAY"
-            model="model"
-            form-action="create"
+            ng-if="$ctrl.model.Type === $ctrl.RegistryTypes.QUAY"
+            model="$ctrl.model"
+            form-action="$ctrl.createRegistry"
             form-action-label="Add registry"
-            action-in-progress="state.actionInProgress"
+            action-in-progress="$ctrl.state.actionInProgress"
           ></registry-form-quay>
 
           <registry-form-azure
-            ng-if="model.Type === RegistryTypes.AZURE"
-            model="model"
-            form-action="create"
+            ng-if="$ctrl.model.Type === $ctrl.RegistryTypes.AZURE"
+            model="$ctrl.model"
+            form-action="$ctrl.createRegistry"
             form-action-label="Add registry"
-            action-in-progress="state.actionInProgress"
+            action-in-progress="$ctrl.state.actionInProgress"
           ></registry-form-azure>
 
           <registry-form-custom
-            ng-if="model.Type === RegistryTypes.CUSTOM"
-            model="model"
-            form-action="create"
+            ng-if="$ctrl.model.Type === $ctrl.RegistryTypes.CUSTOM"
+            model="$ctrl.model"
+            form-action="$ctrl.createRegistry"
             form-action-label="Add registry"
-            action-in-progress="state.actionInProgress"
+            action-in-progress="$ctrl.state.actionInProgress"
           ></registry-form-custom>
 
           <registry-form-gitlab
-            ng-if="model.Type === RegistryTypes.GITLAB"
-            model="model"
-            retrieve-registries="retrieveGitlabRegistries"
-            create-registries="createGitlabRegistries"
-            projects="gitlabProjects"
-            state="state"
-            action-in-progress="state.actionInProgress"
-            reset-defaults="useDefaultGitlabConfiguration"
+            ng-if="$ctrl.model.Type === $ctrl.RegistryTypes.GITLAB"
+            model="$ctrl.model"
+            retrieve-registries="$ctrl.retrieveGitlabRegistries"
+            create-registries="$ctrl.createGitlabRegistries"
+            projects="$ctrl.gitlabProjects"
+            state="$ctrl.state"
+            action-in-progress="$ctrl.state.actionInProgress"
+            reset-defaults="$ctrl.useDefaultGitlabConfiguration"
           ></registry-form-gitlab>
+
+          <registry-form-dockerhub
+            ng-if="$ctrl.model.Type === $ctrl.RegistryTypes.DOCKERHUB"
+            model="$ctrl.model"
+            form-action="$ctrl.createRegistry"
+            form-action-label="Add registry"
+            action-in-progress="$ctrl.state.actionInProgress"
+          ></registry-form-dockerhub>
         </form>
       </rd-widget-body>
     </rd-widget>
diff --git a/app/portainer/views/registries/create/createRegistry.js b/app/portainer/views/registries/create/createRegistry.js
new file mode 100644
index 000000000..e935feea6
--- /dev/null
+++ b/app/portainer/views/registries/create/createRegistry.js
@@ -0,0 +1,10 @@
+import angular from 'angular';
+import CreateRegistryController from './createRegistryController';
+
+angular.module('portainer.app').component('createRegistry', {
+  templateUrl: './createRegistry.html',
+  controller: CreateRegistryController,
+  bindings: {
+    $transition$: '<',
+  },
+});
diff --git a/app/portainer/views/registries/create/createRegistryController.js b/app/portainer/views/registries/create/createRegistryController.js
index 02f8e29b9..7ecc0c5eb 100644
--- a/app/portainer/views/registries/create/createRegistryController.js
+++ b/app/portainer/views/registries/create/createRegistryController.js
@@ -1,23 +1,13 @@
-import { RegistryTypes } from '@/portainer/models/registryTypes';
-import { RegistryDefaultModel } from '../../../models/registry';
+import { RegistryTypes } from 'Portainer/models/registryTypes';
+import { RegistryCreateFormValues } from 'Portainer/models/registry';
 
-angular.module('portainer.app').controller('CreateRegistryController', [
-  '$scope',
-  '$state',
-  'RegistryService',
-  'Notifications',
-  'RegistryGitlabService',
-  function ($scope, $state, RegistryService, Notifications, RegistryGitlabService) {
-    $scope.selectQuayRegistry = selectQuayRegistry;
-    $scope.selectAzureRegistry = selectAzureRegistry;
-    $scope.selectCustomRegistry = selectCustomRegistry;
-    $scope.selectGitlabRegistry = selectGitlabRegistry;
-    $scope.create = createRegistry;
-    $scope.useDefaultGitlabConfiguration = useDefaultGitlabConfiguration;
-    $scope.retrieveGitlabRegistries = retrieveGitlabRegistries;
-    $scope.createGitlabRegistries = createGitlabRegistries;
+class CreateRegistryController {
+  /* @ngInject */
+  constructor($async, $state, EndpointProvider, Notifications, RegistryService, RegistryGitlabService) {
+    Object.assign(this, { $async, $state, EndpointProvider, Notifications, RegistryService, RegistryGitlabService });
 
-    $scope.state = {
+    this.RegistryTypes = RegistryTypes;
+    this.state = {
       actionInProgress: false,
       overrideConfiguration: false,
       gitlab: {
@@ -26,94 +16,106 @@ angular.module('portainer.app').controller('CreateRegistryController', [
         },
         selectedItems: [],
       },
+      originViewReference: 'portainer.registries',
     };
 
-    function useDefaultQuayConfiguration() {
-      $scope.model.Quay.useOrganisation = false;
-      $scope.model.Quay.organisationName = '';
-    }
+    this.createRegistry = this.createRegistry.bind(this);
+    this.retrieveGitlabRegistries = this.retrieveGitlabRegistries.bind(this);
+    this.createGitlabRegistries = this.createGitlabRegistries.bind(this);
+  }
 
-    function selectQuayRegistry() {
-      $scope.model.Name = 'Quay';
-      $scope.model.URL = 'quay.io';
-      $scope.model.Authentication = true;
-      $scope.model.Quay = {};
-      useDefaultQuayConfiguration();
-    }
+  useDefaultQuayConfiguration() {
+    this.model.Quay.useOrganisation = false;
+    this.model.Quay.organisationName = '';
+  }
 
-    function useDefaultGitlabConfiguration() {
-      $scope.model.URL = 'https://registry.gitlab.com';
-      $scope.model.Gitlab.InstanceURL = 'https://gitlab.com';
-    }
+  selectQuayRegistry() {
+    this.model.Name = 'Quay';
+    this.model.URL = 'quay.io';
+    this.model.Authentication = true;
+    this.model.Quay = {};
+    this.useDefaultQuayConfiguration();
+  }
 
-    function selectGitlabRegistry() {
-      $scope.model.Name = '';
-      $scope.model.Authentication = true;
-      $scope.model.Gitlab = {};
-      useDefaultGitlabConfiguration();
-    }
+  useDefaultGitlabConfiguration() {
+    this.model.URL = 'https://registry.gitlab.com';
+    this.model.Gitlab.InstanceURL = 'https://gitlab.com';
+  }
 
-    function selectAzureRegistry() {
-      $scope.model.Name = '';
-      $scope.model.URL = '';
-      $scope.model.Authentication = true;
-    }
+  selectGitlabRegistry() {
+    this.model.Name = '';
+    this.model.Authentication = true;
+    this.model.Gitlab = {};
+    this.useDefaultGitlabConfiguration();
+  }
 
-    function selectCustomRegistry() {
-      $scope.model.Name = '';
-      $scope.model.URL = '';
-      $scope.model.Authentication = false;
-    }
+  selectAzureRegistry() {
+    this.model.Name = '';
+    this.model.URL = '';
+    this.model.Authentication = true;
+  }
 
-    function retrieveGitlabRegistries() {
-      $scope.state.actionInProgress = true;
-      RegistryGitlabService.projects($scope.model.Gitlab.InstanceURL, $scope.model.Token)
-        .then((data) => {
-          $scope.gitlabProjects = data;
-        })
-        .catch((err) => {
-          Notifications.error('Failure', err, 'Unable to retrieve projects');
-        })
-        .finally(() => {
-          $scope.state.actionInProgress = false;
-        });
-    }
+  selectCustomRegistry() {
+    this.model.Name = '';
+    this.model.URL = '';
+    this.model.Authentication = false;
+  }
 
-    function createGitlabRegistries() {
-      $scope.state.actionInProgress = true;
-      RegistryService.createGitlabRegistries($scope.model, $scope.state.gitlab.selectedItems)
-        .then(() => {
-          Notifications.success('Registries successfully created');
-          $state.go('portainer.registries');
-        })
-        .catch((err) => {
-          Notifications.error('Failure', err, 'Unable to create registries');
-        })
-        .finally(() => {
-          $scope.state.actionInProgress = false;
-        });
-    }
+  selectDockerHub() {
+    this.model.Name = '';
+    this.model.URL = 'docker.io';
+    this.model.Authentication = true;
+  }
 
-    function createRegistry() {
-      $scope.state.actionInProgress = true;
-      RegistryService.createRegistry($scope.model)
-        .then(function success() {
-          Notifications.success('Registry successfully created');
-          $state.go('portainer.registries');
-        })
-        .catch(function error(err) {
-          Notifications.error('Failure', err, 'Unable to create registry');
-        })
-        .finally(function final() {
-          $scope.state.actionInProgress = false;
-        });
-    }
+  retrieveGitlabRegistries() {
+    return this.$async(async () => {
+      this.state.actionInProgress = true;
+      try {
+        this.gitlabProjects = await this.RegistryGitlabService.projects(this.model.Gitlab.InstanceURL, this.model.Token);
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to retrieve projects');
+      } finally {
+        this.state.actionInProgress = false;
+      }
+    });
+  }
 
-    function initView() {
-      $scope.RegistryTypes = RegistryTypes;
-      $scope.model = new RegistryDefaultModel();
-    }
+  createGitlabRegistries() {
+    return this.$async(async () => {
+      try {
+        this.state.actionInProgress = true;
+        await this.RegistryService.createGitlabRegistries(this.model, this.state.gitlab.selectedItems);
+        this.Notifications.success('Registries successfully created');
+        this.$state.go(this.state.originViewReference, { endpointId: this.EndpointProvider.endpointID() });
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to create registries');
+        this.state.actionInProgress = false;
+      }
+    });
+  }
 
-    initView();
-  },
-]);
+  createRegistry() {
+    return this.$async(async () => {
+      try {
+        this.state.actionInProgress = true;
+        await this.RegistryService.createRegistry(this.model);
+        this.Notifications.success('Registry successfully created');
+        this.$state.go(this.state.originViewReference, { endpointId: this.EndpointProvider.endpointID() });
+      } catch (err) {
+        this.Notifications.error('Failure', err, 'Unable to create registry');
+        this.state.actionInProgress = false;
+      }
+    });
+  }
+
+  $onInit() {
+    this.model = new RegistryCreateFormValues();
+
+    const origin = this.$transition$.originalTransition().from();
+    if (origin.name && /^[a-z]+\.registries$/.test(origin.name)) {
+      this.state.originViewReference = origin;
+    }
+  }
+}
+
+export default CreateRegistryController;
diff --git a/app/portainer/views/registries/edit/registryController.js b/app/portainer/views/registries/edit/registryController.js
index 52bb669ae..2ea6d5784 100644
--- a/app/portainer/views/registries/edit/registryController.js
+++ b/app/portainer/views/registries/edit/registryController.js
@@ -3,11 +3,9 @@ import { RegistryTypes } from '@/portainer/models/registryTypes';
 angular.module('portainer.app').controller('RegistryController', [
   '$scope',
   '$state',
-  '$transition$',
-  '$filter',
   'RegistryService',
   'Notifications',
-  function ($scope, $state, $transition$, $filter, RegistryService, Notifications) {
+  function ($scope, $state, RegistryService, Notifications) {
     $scope.state = {
       actionInProgress: false,
     };
@@ -36,7 +34,7 @@ angular.module('portainer.app').controller('RegistryController', [
     };
 
     function initView() {
-      var registryID = $transition$.params().id;
+      var registryID = $state.params.id;
       RegistryService.registry(registryID)
         .then(function success(data) {
           $scope.registry = data;
diff --git a/app/portainer/views/registries/registries.html b/app/portainer/views/registries/registries.html
index 420f06612..219a1886f 100644
--- a/app/portainer/views/registries/registries.html
+++ b/app/portainer/views/registries/registries.html
@@ -7,79 +7,6 @@
   <rd-header-content>Registry management</rd-header-content>
 </rd-header>
 
-<information-panel title-text="Registry usage">
-  <span class="small">
-    <p class="text-muted">
-      <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
-      DockerHub credentials and registries can only be used with Docker endpoints at the time.
-    </p>
-  </span>
-</information-panel>
-
-<div class="row" ng-if="dockerhub && isAdmin">
-  <div class="col-sm-12">
-    <rd-widget>
-      <rd-widget-header icon="fa-database" title-text="DockerHub"> </rd-widget-header>
-      <rd-widget-body>
-        <form class="form-horizontal">
-          <!-- note -->
-          <div class="form-group">
-            <span class="col-sm-12 text-muted small">
-              The DockerHub registry can be used by any user. You can specify the credentials that will be used to push &amp; pull images here.
-            </span>
-          </div>
-          <!-- !note -->
-          <!-- authentication-checkbox -->
-          <div class="form-group">
-            <div class="col-sm-12">
-              <label for="registry_auth" class="control-label text-left">
-                Authentication
-                <portainer-tooltip position="bottom" message="Enable this option if you need to specify credentials to connect to push/pull private images."></portainer-tooltip>
-              </label>
-              <label class="switch" style="margin-left: 20px;"> <input type="checkbox" ng-model="dockerhub.Authentication" /><i></i> </label>
-            </div>
-          </div>
-          <!-- !authentication-checkbox -->
-          <!-- authentication-credentials -->
-          <div ng-if="dockerhub.Authentication">
-            <!-- credentials-user -->
-            <div class="form-group">
-              <label for="hub_username" class="col-sm-3 col-lg-2 control-label text-left">Username</label>
-              <div class="col-sm-9 col-lg-10">
-                <input type="text" class="form-control" id="hub_username" ng-model="dockerhub.Username" />
-              </div>
-            </div>
-            <!-- !credentials-user -->
-            <!-- credentials-password -->
-            <div class="form-group">
-              <label for="hub_password" class="col-sm-3 col-lg-2 control-label text-left">Password</label>
-              <div class="col-sm-9 col-lg-10">
-                <input type="password" class="form-control" id="hub_password" ng-model="formValues.dockerHubPassword" placeholder="*******" />
-              </div>
-            </div>
-            <!-- !credentials-password -->
-          </div>
-          <!-- !authentication-credentials -->
-          <div class="form-group">
-            <div class="col-sm-12">
-              <button
-                type="button"
-                class="btn btn-primary btn-sm"
-                ng-disabled="state.actionInProgress || dockerhub.Authentication && (!dockerhub.Username || !formValues.dockerHubPassword)"
-                ng-click="updateDockerHub()"
-                button-spinner="state.actionInProgress"
-              >
-                <span ng-hide="state.actionInProgress">Update</span>
-                <span ng-show="state.actionInProgress">Updating DockerHub settings...</span>
-              </button>
-            </div>
-          </div>
-        </form>
-      </rd-widget-body>
-    </rd-widget>
-  </div>
-</div>
-
 <div class="row">
   <div class="col-sm-12">
     <registries-datatable
@@ -88,7 +15,6 @@
       dataset="registries"
       table-key="registries"
       order-by="Name"
-      access-management="isAdmin"
       remove-action="removeAction"
       can-browse="canBrowse"
     ></registries-datatable>
diff --git a/app/portainer/views/registries/registriesController.js b/app/portainer/views/registries/registriesController.js
index c0e40acf8..e9bf00071 100644
--- a/app/portainer/views/registries/registriesController.js
+++ b/app/portainer/views/registries/registriesController.js
@@ -1,43 +1,23 @@
 import _ from 'lodash-es';
+import { RegistryTypes } from 'Portainer/models/registryTypes';
+import { DockerHubViewModel } from 'Portainer/models/dockerhub';
 
 angular.module('portainer.app').controller('RegistriesController', [
   '$q',
   '$scope',
   '$state',
   'RegistryService',
-  'DockerHubService',
   'ModalService',
   'Notifications',
-  'Authentication',
-  function ($q, $scope, $state, RegistryService, DockerHubService, ModalService, Notifications, Authentication) {
+  function ($q, $scope, $state, RegistryService, ModalService, Notifications) {
     $scope.state = {
       actionInProgress: false,
     };
 
-    $scope.formValues = {
-      dockerHubPassword: '',
-    };
-
-    const nonBrowsableUrls = ['quay.io'];
+    const nonBrowsableTypes = [RegistryTypes.ANONYMOUS, RegistryTypes.DOCKERHUB, RegistryTypes.QUAY];
 
     $scope.canBrowse = function (item) {
-      return !_.includes(nonBrowsableUrls, item.URL);
-    };
-
-    $scope.updateDockerHub = function () {
-      var dockerhub = $scope.dockerhub;
-      dockerhub.Password = $scope.formValues.dockerHubPassword;
-      $scope.state.actionInProgress = true;
-      DockerHubService.update(dockerhub)
-        .then(function success() {
-          Notifications.success('DockerHub registry updated');
-        })
-        .catch(function error(err) {
-          Notifications.error('Failure', err, 'Unable to update DockerHub details');
-        })
-        .finally(function final() {
-          $scope.state.actionInProgress = false;
-        });
+      return !_.includes(nonBrowsableTypes, item.Type);
     };
 
     $scope.removeAction = function (selectedItems) {
@@ -73,12 +53,10 @@ angular.module('portainer.app').controller('RegistriesController', [
     function initView() {
       $q.all({
         registries: RegistryService.registries(),
-        dockerhub: DockerHubService.dockerhub(),
       })
         .then(function success(data) {
           $scope.registries = data.registries;
-          $scope.dockerhub = data.dockerhub;
-          $scope.isAdmin = Authentication.isAdmin();
+          $scope.registries.push(new DockerHubViewModel());
         })
         .catch(function error(err) {
           $scope.registries = [];
diff --git a/app/portainer/views/sidebar/sidebar.html b/app/portainer/views/sidebar/sidebar.html
index d1d181d92..c1be6661b 100644
--- a/app/portainer/views/sidebar/sidebar.html
+++ b/app/portainer/views/sidebar/sidebar.html
@@ -108,7 +108,7 @@
       <li class="sidebar-list" ng-if="isAdmin && applicationState.application.enableEdgeComputeFeatures">
         <a ui-sref="edge.jobs" ui-sref-active="active">Edge Jobs <span class="menu-icon fa fa-clock fa-fw"></span></a>
       </li>
-      <li class="sidebar-title">
+      <li class="sidebar-title" ng-if="isAdmin || isTeamLeader">
         <span>Settings</span>
       </li>
       <li class="sidebar-list" ng-if="isAdmin || isTeamLeader">
@@ -181,7 +181,7 @@
           <a ui-sref="portainer.tags" ui-sref-active="active">Tags</a>
         </div>
       </li>
-      <li class="sidebar-list">
+      <li class="sidebar-list" ng-if="isAdmin">
         <a ui-sref="portainer.registries" ui-sref-active="active">Registries <span class="menu-icon fa fa-database fa-fw"></span></a>
       </li>
       <li class="sidebar-list" ng-if="isAdmin">
diff --git a/app/portainer/views/sidebar/sidebarController.js b/app/portainer/views/sidebar/sidebarController.js
index 6e1d8ecef..29c12a27f 100644
--- a/app/portainer/views/sidebar/sidebarController.js
+++ b/app/portainer/views/sidebar/sidebarController.js
@@ -19,15 +19,20 @@ angular.module('portainer.app').controller('SidebarController', [
       $scope.isTeamLeader = isLeader;
     }
 
+    function isClusterAdmin() {
+      return Authentication.isAdmin();
+    }
+
     async function initView() {
       $scope.uiVersion = StateManager.getState().application.version;
       $scope.logo = StateManager.getState().application.logo;
-      $scope.showStacks = await shouldShowStacks();
+
+      $scope.endpointId = EndpointProvider.endpointID();
+      $scope.showStacks = shouldShowStacks();
 
       let userDetails = Authentication.getUserDetails();
-      let isAdmin = Authentication.isAdmin();
+      const isAdmin = isClusterAdmin();
       $scope.isAdmin = isAdmin;
-      $scope.endpointId = EndpointProvider.endpointID();
 
       $q.when(!isAdmin ? UserService.userMemberships(userDetails.ID) : [])
         .then(function success(data) {
@@ -36,18 +41,12 @@ angular.module('portainer.app').controller('SidebarController', [
         .catch(function error(err) {
           Notifications.error('Failure', err, 'Unable to retrieve user memberships');
         });
-
-      $transitions.onEnter({}, () => {
-        $scope.endpointId = EndpointProvider.endpointID();
-      });
     }
 
     initView();
 
-    async function shouldShowStacks() {
-      const isAdmin = Authentication.isAdmin();
-
-      if (isAdmin) {
+    function shouldShowStacks() {
+      if (isClusterAdmin()) {
         return true;
       }
 
@@ -60,7 +59,9 @@ angular.module('portainer.app').controller('SidebarController', [
     }
 
     $transitions.onEnter({}, async () => {
-      $scope.showStacks = await shouldShowStacks();
+      $scope.endpointId = EndpointProvider.endpointID();
+      $scope.showStacks = shouldShowStacks();
+      $scope.isAdmin = isClusterAdmin();
 
       if ($scope.applicationState.endpoint.name) {
         document.title = `${$rootScope.defaultTitle} | ${$scope.applicationState.endpoint.name}`;
diff --git a/jsconfig.json b/jsconfig.json
index 6e5e7a1af..a09392634 100644
--- a/jsconfig.json
+++ b/jsconfig.json
@@ -9,7 +9,8 @@
       "Azure/*": ["azure/*"],
       "Docker/*": ["docker/*"],
       "Kubernetes/*": ["kubernetes/*"],
-      "Portainer/*": ["portainer/*"]
+      "Portainer/*": ["portainer/*"],
+      "@/*": ["../app/*"],
     }
   },
   "exclude": ["api", "build", "dist", "distribution", "node_modules", "test", "webpack"]