Skip to content

Docs CSC now features an automatic Finnish translation. Click here for more information.

Warning!

Puhti and Mahti are being decommissioned in stages, and their storage areas will become fully unavailable from 15 October 2026. Clean up unnecessary files and move any data you need to keep by 31 August 2026. See the Roihu data migration guide for instructions on transferring your data to Roihu.

Puhti scratch is very full: keep only active data there and move or delete everything else. No new Puhti scratch quota will be granted.

Getting Access to Satama

Login Using a CSC Account

In order to use the Satama container registry with a CSC account, you need:

  1. A CSC user account. You can check which is your "CSC username" in MyCSC profile page. You can also change the password from there. If you don't have a CSC account already, you can create one by following Create a new CSC user account

  2. Multi Factor Authentication (MFA) is required when login. For more information, visit the Multi-Factor Authentication (MFA) Guide

  3. A CSC project with Satama service enabled. To create a new CSC project, follow Create a new CSC project or ask to be added to an existing project. The project should have Satama service enabled to access. Follow Apply for Satama access to enable Satama in your CSC project.

Please contact servicedesk@csc.fi in case you need assistance.

Change Role of Individual Members

The user must be added to the MyCSC project and then log in to the Satama platform. This will automatically create a username on Satama. When a user logs in for the first time, only library project will be visible. After 15 minutes, other CSC projects with Satama enabled will appear.

By default, everyone having access to project have Project admin role. Members with project admin role, can remove members and change the role of other members in the project. However, please note that these changes are temporary and may be overridden by the periodic synchronization process. Satama enforces role-based access control to ensure that only authorized users can perform specific actions.

  1. Click on your project
  2. Click on Members tab
  3. Select the member from the list
  4. Click on Action..
  5. A list will appear
  6. Remove/change role of that member.

Change Role

The primary roles are Limited Guest, Guest, Developer, Maintainer, and Project Admin.

  • Limited Guest can pull images but cannot push, and they cannot see logs or the other members of a project.
  • Guest has read-only permission, they can only retag and pull images.
  • Developer can both push and pull images.
  • Maintainer have extended rights, such as the ability to scan images, view replications jobs, and delete images and helm charts.
  • Project Admin can manage project members, assign roles, configure project settings and starting a vulnerability scan.

If you find that you cannot perform certain actions, such as pushing an image or initiating a scan, it’s likely due to insufficient permissions. In such cases, you should contact your project administrator to adjust your role or confirm your access level. You can check detail permission of the role here.

It is also possible to have read-only access to public projects when user is not logged in. That type of user is known as Anonymous user.