Kubernetes (registry.k8s.io)
The Kubernetes project registry - a redirector in front of cloud-regional backends.
| Host | Ports | Purpose | |
|---|---|---|---|
| registry.k8s.io | 443 | Front-end redirector (manifests, redirect responses) | required |
| *.pkg.dev | 443 | Google Artifact Registry backends (redirect targets) | required |
| *.amazonaws.com | 443 | AWS S3 blob backends (redirect targets, regional buckets) | required |
Notes
registry.k8s.io is explicitly designed to redirect to the nearest backend, and the project states the set of backends can change at any time without notice. Hostname allowlists need broad rules (*.pkg.dev plus the regional prod-registry-k8s-io-* S3 buckets). For strict environments the upstream recommendation is: do not allowlist this registry at all - mirror the images into your own registry instead.
Copy-paste
Plain domain list: registry-k8s-io.txt · JSON: registry-k8s-io.json · connectivity test: check-registry-k8s-io.sh
registry.k8s.io *.pkg.dev *.amazonaws.com
Verify from inside the network
curl -fsSL https://pullist.d0t.se/check-registry-k8s-io.sh | sh