# Project objects logically group team members, secrets, and Shoot clusters. They result in Kubernetes namespaces # prefixed with "garden-". --- apiVersion: core.gardener.cloud/v1beta1 kind: Project metadata: name: dev spec: owner: apiGroup: rbac.authorization.k8s.io kind: User name: john.doe@example.com members: - apiGroup: rbac.authorization.k8s.io kind: User name: alice.doe@example.com role: admin # roles: # Additional roles go here # - viewer # - uam # User access manager - apiGroup: rbac.authorization.k8s.io kind: User name: bob.doe@example.com role: viewer # roles: # Additional roles go here # - extension:myrole # description: "This is my first project" # purpose: "Experimenting with Gardener" # The `spec.namespace` field is optional and will be initialized if unset - the resulting # namespace will be generated and look like "garden-dev-", e.g. "garden-dev-5z43z". # If the namespace is set then the namespace must be labelled with `gardener.cloud/role: project` # and `project.gardener.cloud/name: ` (=dev in this case). namespace: garden-dev # tolerations: # defaults: # - key: # whitelist: # - key: