built-in-references/Kubernetes/block-default-namespace/constraint.yaml (10 lines of code) (raw):
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sAzureBlockDefault
metadata:
name: block-default-namespace
spec:
match:
excludedNamespaces: {{ .Values.excludedNamespaces }}
kinds:
- apiGroups: [""]
kinds: ["ConfigMap", "Pod", "Secret", "Service", "ServiceAccount"]