Add Quota

 1apiVersion: kyverno.io/v1
 2kind: ClusterPolicy
 3metadata:
 4  name: add-ns-quota
 5  annotations:
 6    policies.kyverno.io/title: Add Quota
 7    policies.kyverno.io/category: Multi-Tenancy, EKS Best Practices
 8    policies.kyverno.io/subject: ResourceQuota, LimitRange
 9    policies.kyverno.io/minversion: 1.6.0
10    policies.kyverno.io/description: >-
11      To better control the number of resources that can be created in a given
12      Namespace and provide default resource consumption limits for Pods,
13      ResourceQuota and LimitRange resources are recommended.
14      This policy will generate ResourceQuota and LimitRange resources when
15      a new Namespace is created.      
16spec:
17  rules:
18  - name: generate-resourcequota
19    match:
20      any:
21      - resources:
22          kinds:
23          - Namespace
24    generate:
25      apiVersion: v1
26      kind: ResourceQuota
27      name: default-resourcequota
28      synchronize: true
29      namespace: "{{request.object.metadata.name}}"
30      data:
31        spec:
32          hard:
33            requests.cpu: '4'
34            requests.memory: '16Gi'
35            limits.cpu: '4'
36            limits.memory: '16Gi'
37  - name: generate-limitrange
38    match:
39      any:
40      - resources:
41          kinds:
42          - Namespace
43    generate:
44      apiVersion: v1
45      kind: LimitRange
46      name: default-limitrange
47      synchronize: true
48      namespace: "{{request.object.metadata.name}}"
49      data:
50        spec:
51          limits:
52          - default:
53              cpu: 500m
54              memory: 1Gi
55            defaultRequest:
56              cpu: 200m
57              memory: 256Mi
58            type: Container