akash-gautam/deny-lb-type-svc.yaml

## deny-lb-type-svc.yaml
apiVersion: templates.gatekeeper.sh/v1beta1
kind: ConstraintTemplate
metadata:
  name: lbtypesvcnotallowed
spec:
  crd:
    spec:
      names:
        kind: LBTypeSvcNotAllowed
        listKind: LBTypeSvcNotAllowedList
        plural: lbtypesvcnotallowed
        singular: lbtypesvcnotallowed
  targets:
    - target: admission.k8s.gatekeeper.sh
      rego: |
        package kubernetes.admission
        violation[{"msg": msg}] {
                    input.review.kind.kind = "Service"
                    input.review.operation = "CREATE"
                    input.review.object.spec.type = "LoadBalancer"
                    msg := "LoadBalancer Services are not permitted"
        }
	apiVersion: templates.gatekeeper.sh/v1beta1
	kind: ConstraintTemplate
	metadata:
	name: lbtypesvcnotallowed
	spec:
	crd:
	spec:
	names:
	kind: LBTypeSvcNotAllowed
	listKind: LBTypeSvcNotAllowedList
	plural: lbtypesvcnotallowed
	singular: lbtypesvcnotallowed
	targets:
	- target: admission.k8s.gatekeeper.sh
	rego: \|
	package kubernetes.admission
	violation[{"msg": msg}] {
	input.review.kind.kind = "Service"
	input.review.operation = "CREATE"
	input.review.object.spec.type = "LoadBalancer"
	msg := "LoadBalancer Services are not permitted"
	}