gatekeeper: can not retrive data from data.inventory

Use Case : For the namespaces which does not contain resourcequota , Pods should not get created.

I have created below configurations : template :

apiVersion: templates.gatekeeper.sh/v1beta1 
kind: ConstraintTemplate 
metadata: 
  name: k8sresoucequota 
spec:
  crd:
    spec:
      names:
        kind: k8sResouceQuota
  targets:
    - target: admission.k8s.gatekeeper.sh
      rego: |
        package k8sresoucequota

        violation[{"msg": msg}] {
          input.request.kind.kind == "Pod"
          requestns := input.request.object.metadata.namespace
          existingrqs := {e | e := data.inventory.namespace[requestns]["v1beta1"]["ResourceQuota"].metadata.name}
          not ns_exists(requestns,existingrqs)
          msg := sprintf("container <%v> could not be created because the <%v> namespace does not have ResourceQuotas defined", [input.request.object.metadata.name,input.request.object.metadata.namespace])
        }

        ns_exists(ns,arr) {
          arr[_] = ns
        }

Constraint :

apiVersion: constraints.gatekeeper.sh/v1beta1
kind: k8sResouceQuota
metadata:
  name: namespace-must-have-resourcequota
spec:
  match:
    kinds:
      - apiGroups: [""]
        kinds: ["Pod"]
    excludedNamespaces:
      - kube-system
      - kube-public
      - kube-node-lease
      - default
      - gatekeeper-system
      - kubernetes-dashboard

using below sync.yaml

apiVersion: config.gatekeeper.sh/v1alpha1
kind: Config
metadata:
  name: config
  namespace: "gatekeeper-system"
spec:
  sync:
    syncOnly:
      - group: ""
        version: "v1beta1"
        kind: "Pod"
      - group: ""
        version: "v1beta1"
        kind: "Namespace"
      - group: ""
        version: "v1beta1"
        kind: "ResourceQuota"

What did you expect to happen: Pod should not get created if corresponding namespace does not have resourcequota set.

Don’t know exactly what I’m missing.