Skip to main content

Image Registry prohibited

Kubernetes enforces strict policies regarding which container registries are allowed in the cluster. Using images from untrusted or unverified registries can pose significant security risks, such as introducing vulnerabilities, malicious code, or unmaintained software into the environment.

By default, many Kubernetes clusters are configured with an allowlist of trusted registries. Images from registries not included in this list will be blocked from being pulled by the container runtime.

Common reasons for prohibited image registries

  1. Unverified Registry: The registry is not listed in the organization's trusted sources.
  2. Outdated Policy: The registry was removed from the allowlist due to policy updates.
  3. Potential Threats: The registry has a history of hosting vulnerable or malicious images.

For more information, visit the Kubernetes documentation