projects-operator
The projects-operator is a Kubernetes extension that introduces a Project Custom Resource Definition (CRD) and a corresponding controller to simplify resource organization and isolation within a single cluster. A Project functions as a Kubernetes namespace augmented with a predefined set of Role-Based Access Control rules, allowing administrators to create isolated environments with consistent permissions. The operator supports defining access for users, groups, and service accounts within each project. It utilizes three webhooks to enforce validation and automate configuration: preventing namespace name collisions during project creation, mutating ProjectAccess requests to reflect user permissions, and automatically adding the creating user as a project member if no explicit access rules are defined. Deployment requires building a custom container image, defining a base ClusterRole for RBAC rules, and installing via k14s or kapp scripts. This tool is ideal for teams needing standardized multi-tenancy pattern