pkg/manifests/policy/manifests/k8sdisallowanonymous.yaml (11 lines of code) (raw):

apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sDisallowAnonymous metadata: name: no-anonymous spec: match: kinds: - apiGroups: ["rbac.authorization.k8s.io"] kinds: ["ClusterRoleBinding"] - apiGroups: ["rbac.authorization.k8s.io"] kinds: ["RoleBinding"]