From d3a8a7223247ce9edf817d9da7802bb0c553f718 Mon Sep 17 00:00:00 2001
From: Scot Wells <wells.scot@gmail.com>
Date: Fri, 25 Jul 2025 13:30:05 -0500
Subject: [PATCH] chore: create policy binding for admission policy

---
 .../validation/organization-update-policy.yaml         | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/config/policies/validation/organization-update-policy.yaml b/config/policies/validation/organization-update-policy.yaml
index d67c948..a5a08cc 100644
--- a/config/policies/validation/organization-update-policy.yaml
+++ b/config/policies/validation/organization-update-policy.yaml
@@ -1,7 +1,7 @@
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingAdmissionPolicy
 metadata:
-  name: "organization-update-policy.miloapis.com"
+  name: "disallow-personal-org-name-change"
 spec:
   failurePolicy: Fail
   matchConstraints:
@@ -13,3 +13,11 @@ spec:
   validations:
   - expression: "object.spec.type != 'Personal' || oldObject.metadata.annotations['kubernetes.io/display-name'] == object.metadata.annotations['kubernetes.io/display-name']"
     message: "The display name of a personal organization cannot be changed."
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingAdmissionPolicyBinding
+metadata:
+  name: "disallow-personal-org-name-change"
+spec:
+  policyName: "disallow-personal-org-name-change"
+  validationActions: [Deny]