How to disallow any admins or users to run Docker exec?
To prevent them from getting into a container
Where is the container running? If it’s on a remote server you can do it with Linux user level permissions. Basically just make sure their user accounts are not sudoers, make sure they’re not in the docker user group, and make sure docker daemon is not allowing all user groups to access it. (This is the default configuration btw so I’m guessing your users are running as root on the host?)
If they have access to docker then I don’t think you can (unless you want to maintain an allow list of each docker command in the sudoers file). You would need to use kubernetes to get that sort of functionality.