policyDefinitions/Kubernetes/block-usage-of-the-default-namespace-in-a-kubernetes-cluster/constraint.yaml (10 lines of code) (raw):
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sAzureBlockDefault
metadata:
name: block-default-namespace
spec:
match:
excludedNamespaces: {{ .Values.excludedNamespaces }}
kinds:
- apiGroups: [""]
kinds: ["ConfigMap", "Pod", "Secret", "Service", "ServiceAccount"]