built-in-references/Kubernetes/allowed-external-ips/constraint.yaml (12 lines of code) (raw):
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sAzureExternalIPs
metadata:
name: external-ips
spec:
match:
excludedNamespaces: {{ .Values.excludedNamespaces }}
kinds:
- apiGroups: [""]
kinds: ["Service"]
parameters:
allowedExternalIPs: {{ .Values.allowedExternalIPs }}