To restrict anonymous access to a single repository, you can create your own anonymous role with targeted permissions and assign it to the anonymous user.
1. Create a new role with the permissions you would like to grant to the anonymous user.
For example, the following allows read and browse privileges to a maven2 repository:nx-repository-view-maven2-<nx-repository-view-maven2-<
The read privilege allows downloads, and the browse privilege allows a user to see the repository's contents in the UI.
You may also want to add the "nx-search-read" privilege to allow searching.
2. Security > Users, remove the default nx-anonymous role from the anonymous user, and replace it with the new role.
3. Make sure anonymous access is enabled in Security > Realms. Verify that the "local authenticating realm" and "local authorizing realm" are in the active realm list.
4. Make sure anonymous access is enabled. In Security > Anonymous make sure the check box to Allow anonymous access to the server is checked. Also make sure the realm of the anonymous user is "local authorizing realm".
Additional documentation regarding anonymous access is provided here:
https://help.sonatype.com/repomanager3/system-configuration/user-authentication/anonymous-access