diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/BUILD b/plugin/pkg/admission/resourcequota/apis/resourcequota/BUILD
new file mode 100644
index 0000000000..711a80f1b9
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/BUILD
@@ -0,0 +1,43 @@
+package(default_visibility = ["//visibility:public"])
+
+licenses(["notice"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "register.go",
+        "types.go",
+        "zz_generated.deepcopy.go",
+    ],
+    tags = ["automanaged"],
+    deps = [
+        "//vendor:k8s.io/apimachinery/pkg/apis/meta/v1",
+        "//vendor:k8s.io/apimachinery/pkg/conversion",
+        "//vendor:k8s.io/apimachinery/pkg/runtime",
+        "//vendor:k8s.io/apimachinery/pkg/runtime/schema",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//plugin/pkg/admission/resourcequota/apis/resourcequota/install:all-srcs",
+        "//plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1:all-srcs",
+        "//plugin/pkg/admission/resourcequota/apis/resourcequota/validation:all-srcs",
+    ],
+    tags = ["automanaged"],
+)
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/OWNERS b/plugin/pkg/admission/resourcequota/apis/resourcequota/OWNERS
new file mode 100755
index 0000000000..6c48a1a83e
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/OWNERS
@@ -0,0 +1,7 @@
+reviewers:
+- deads2k
+- derekwaynecarr
+approvers:
+- deads2k
+- derekwaynecarr
+- smarterclayton
\ No newline at end of file
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/doc.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/doc.go
new file mode 100644
index 0000000000..fd56cc64a2
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/doc.go
@@ -0,0 +1,19 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package,register
+
+package resourcequota // import "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota"
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/install/BUILD b/plugin/pkg/admission/resourcequota/apis/resourcequota/install/BUILD
new file mode 100644
index 0000000000..ce41938096
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/install/BUILD
@@ -0,0 +1,34 @@
+package(default_visibility = ["//visibility:public"])
+
+licenses(["notice"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["install.go"],
+    tags = ["automanaged"],
+    deps = [
+        "//plugin/pkg/admission/resourcequota/apis/resourcequota:go_default_library",
+        "//plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1:go_default_library",
+        "//vendor:k8s.io/apimachinery/pkg/apimachinery/announced",
+        "//vendor:k8s.io/apimachinery/pkg/apimachinery/registered",
+        "//vendor:k8s.io/apimachinery/pkg/runtime",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/install/install.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/install/install.go
new file mode 100644
index 0000000000..048d40749a
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/install/install.go
@@ -0,0 +1,44 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package install installs the experimental API group, making it available as
+// an option to all of the API encoding/decoding machinery.
+package install
+
+import (
+	"k8s.io/apimachinery/pkg/apimachinery/announced"
+	"k8s.io/apimachinery/pkg/apimachinery/registered"
+	"k8s.io/apimachinery/pkg/runtime"
+	resourcequotaapi "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota"
+	resourcequotav1alpha1 "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1"
+)
+
+// Install registers the API group and adds types to a scheme
+func Install(groupFactoryRegistry announced.APIGroupFactoryRegistry, registry *registered.APIRegistrationManager, scheme *runtime.Scheme) {
+	if err := announced.NewGroupMetaFactory(
+		&announced.GroupMetaFactoryArgs{
+			GroupName:                  resourcequotaapi.GroupName,
+			VersionPreferenceOrder:     []string{resourcequotav1alpha1.SchemeGroupVersion.Version},
+			ImportPrefix:               "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota",
+			AddInternalObjectsToScheme: resourcequotaapi.AddToScheme,
+		},
+		announced.VersionToSchemeFunc{
+			resourcequotav1alpha1.SchemeGroupVersion.Version: resourcequotav1alpha1.AddToScheme,
+		},
+	).Announce(groupFactoryRegistry).RegisterAndEnable(registry, scheme); err != nil {
+		panic(err)
+	}
+}
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/register.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/register.go
new file mode 100644
index 0000000000..3003db25df
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/register.go
@@ -0,0 +1,53 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package resourcequota
+
+import (
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+var (
+	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+	AddToScheme   = SchemeBuilder.AddToScheme
+)
+
+// GroupName is the group name use in this package
+const GroupName = "resourcequota.admission.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
+
+// Kind takes an unqualified kind and returns a Group qualified GroupKind
+func Kind(kind string) schema.GroupKind {
+	return SchemeGroupVersion.WithKind(kind).GroupKind()
+}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+func addKnownTypes(scheme *runtime.Scheme) error {
+	// TODO this will get cleaned up with the scheme types are fixed
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&Configuration{},
+	)
+	return nil
+}
+
+func (obj *Configuration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/types.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/types.go
new file mode 100644
index 0000000000..15b8904be9
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/types.go
@@ -0,0 +1,55 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package resourcequota
+
+import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+// Configuration provides configuration for the ResourceQuota admission controller.
+type Configuration struct {
+	metav1.TypeMeta
+
+	// LimitedResources whose consumption is limited by default.
+	// +optional
+	LimitedResources []LimitedResource
+}
+
+// LimitedResource matches a resource whose consumption is limited by default.
+// To consume the resource, there must exist an associated quota that limits
+// its consumption.
+type LimitedResource struct {
+
+	// APIGroup is the name of the APIGroup that contains the limited resource.
+	// +optional
+	APIGroup string `json:"apiGroup,omitempty"`
+
+	// Resource is the name of the resource this rule applies to.
+	// For example, if the administrator wants to limit consumption
+	// of a storage resource associated with persistent volume claims,
+	// the value would be "persistentvolumeclaims".
+	Resource string `json:"resource"`
+
+	// For each intercepted request, the quota system will evaluate
+	// its resource usage.  It will iterate through each resource consumed
+	// and if the resource contains any substring in this listing, the
+	// quota system will ensure that there is a covering quota.  In the
+	// absence of a covering quota, the quota system will deny the request.
+	// For example, if an administrator wants to globally enforce that
+	// that a quota must exist to consume persistent volume claims associated
+	// with any storage class, the list would include
+	// ".storageclass.storage.k8s.io/requests.storage"
+	MatchContains []string
+}
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/BUILD b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/BUILD
new file mode 100644
index 0000000000..c69774f0a2
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/BUILD
@@ -0,0 +1,42 @@
+package(default_visibility = ["//visibility:public"])
+
+licenses(["notice"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "defaults.go",
+        "doc.go",
+        "register.go",
+        "types.go",
+        "zz_generated.conversion.go",
+        "zz_generated.deepcopy.go",
+        "zz_generated.defaults.go",
+    ],
+    tags = ["automanaged"],
+    deps = [
+        "//plugin/pkg/admission/resourcequota/apis/resourcequota:go_default_library",
+        "//vendor:k8s.io/apimachinery/pkg/apis/meta/v1",
+        "//vendor:k8s.io/apimachinery/pkg/conversion",
+        "//vendor:k8s.io/apimachinery/pkg/runtime",
+        "//vendor:k8s.io/apimachinery/pkg/runtime/schema",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/defaults.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/defaults.go
new file mode 100644
index 0000000000..9c417c91c5
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/defaults.go
@@ -0,0 +1,28 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import kruntime "k8s.io/apimachinery/pkg/runtime"
+
+func addDefaultingFuncs(scheme *kruntime.Scheme) error {
+	RegisterDefaults(scheme)
+	return scheme.AddDefaultingFuncs(
+		SetDefaults_Configuration,
+	)
+}
+
+func SetDefaults_Configuration(obj *Configuration) {}
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/doc.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/doc.go
new file mode 100644
index 0000000000..582d9a35f5
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/doc.go
@@ -0,0 +1,23 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package,register
+// +k8s:conversion-gen=k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota
+// +k8s:defaulter-gen=TypeMeta
+
+// Package v1alpha1 is the v1alpha1 version of the API.
+// +groupName=resourcequota.admission.k8s.io
+package v1alpha1 // import "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1"
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/register.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/register.go
new file mode 100644
index 0000000000..fc69d881c6
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/register.go
@@ -0,0 +1,42 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name use in this package
+const GroupName = "resourcequota.admission.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
+
+var (
+	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes, addDefaultingFuncs)
+	AddToScheme   = SchemeBuilder.AddToScheme
+)
+
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&Configuration{},
+	)
+	return nil
+}
+
+func (obj *Configuration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/types.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/types.go
new file mode 100644
index 0000000000..1a5e1dc69e
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/types.go
@@ -0,0 +1,55 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+// Configuration provides configuration for the ResourceQuota admission controller.
+type Configuration struct {
+	metav1.TypeMeta `json:",inline"`
+
+	// LimitedResources whose consumption is limited by default.
+	// +optional
+	LimitedResources []LimitedResource `json:"limitedResources"`
+}
+
+// LimitedResource matches a resource whose consumption is limited by default.
+// To consume the resource, there must exist an associated quota that limits
+// its consumption.
+type LimitedResource struct {
+
+	// APIGroup is the name of the APIGroup that contains the limited resource.
+	// +optional
+	APIGroup string `json:"apiGroup,omitempty"`
+
+	// Resource is the name of the resource this rule applies to.
+	// For example, if the administrator wants to limit consumption
+	// of a storage resource associated with persistent volume claims,
+	// the value would be "persistentvolumeclaims".
+	Resource string `json:"resource"`
+
+	// For each intercepted request, the quota system will evaluate
+	// its resource usage.  It will iterate through each resource consumed
+	// and if the resource contains any substring in this listing, the
+	// quota system will ensure that there is a covering quota.  In the
+	// absence of a covering quota, the quota system will deny the request.
+	// For example, if an administrator wants to globally enforce that
+	// that a quota must exist to consume persistent volume claims associated
+	// with any storage class, the list would include
+	// ".storageclass.storage.k8s.io/requests.storage"
+	MatchContains []string `json:"matchContains,omitempty"`
+}
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.conversion.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.conversion.go
new file mode 100644
index 0000000000..02e232832a
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.conversion.go
@@ -0,0 +1,83 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// This file was autogenerated by conversion-gen. Do not edit it manually!
+
+package v1alpha1
+
+import (
+	conversion "k8s.io/apimachinery/pkg/conversion"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	resourcequota "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota"
+	unsafe "unsafe"
+)
+
+func init() {
+	SchemeBuilder.Register(RegisterConversions)
+}
+
+// RegisterConversions adds conversion functions to the given scheme.
+// Public to allow building arbitrary schemes.
+func RegisterConversions(scheme *runtime.Scheme) error {
+	return scheme.AddGeneratedConversionFuncs(
+		Convert_v1alpha1_Configuration_To_resourcequota_Configuration,
+		Convert_resourcequota_Configuration_To_v1alpha1_Configuration,
+		Convert_v1alpha1_LimitedResource_To_resourcequota_LimitedResource,
+		Convert_resourcequota_LimitedResource_To_v1alpha1_LimitedResource,
+	)
+}
+
+func autoConvert_v1alpha1_Configuration_To_resourcequota_Configuration(in *Configuration, out *resourcequota.Configuration, s conversion.Scope) error {
+	out.LimitedResources = *(*[]resourcequota.LimitedResource)(unsafe.Pointer(&in.LimitedResources))
+	return nil
+}
+
+func Convert_v1alpha1_Configuration_To_resourcequota_Configuration(in *Configuration, out *resourcequota.Configuration, s conversion.Scope) error {
+	return autoConvert_v1alpha1_Configuration_To_resourcequota_Configuration(in, out, s)
+}
+
+func autoConvert_resourcequota_Configuration_To_v1alpha1_Configuration(in *resourcequota.Configuration, out *Configuration, s conversion.Scope) error {
+	out.LimitedResources = *(*[]LimitedResource)(unsafe.Pointer(&in.LimitedResources))
+	return nil
+}
+
+func Convert_resourcequota_Configuration_To_v1alpha1_Configuration(in *resourcequota.Configuration, out *Configuration, s conversion.Scope) error {
+	return autoConvert_resourcequota_Configuration_To_v1alpha1_Configuration(in, out, s)
+}
+
+func autoConvert_v1alpha1_LimitedResource_To_resourcequota_LimitedResource(in *LimitedResource, out *resourcequota.LimitedResource, s conversion.Scope) error {
+	out.APIGroup = in.APIGroup
+	out.Resource = in.Resource
+	out.MatchContains = *(*[]string)(unsafe.Pointer(&in.MatchContains))
+	return nil
+}
+
+func Convert_v1alpha1_LimitedResource_To_resourcequota_LimitedResource(in *LimitedResource, out *resourcequota.LimitedResource, s conversion.Scope) error {
+	return autoConvert_v1alpha1_LimitedResource_To_resourcequota_LimitedResource(in, out, s)
+}
+
+func autoConvert_resourcequota_LimitedResource_To_v1alpha1_LimitedResource(in *resourcequota.LimitedResource, out *LimitedResource, s conversion.Scope) error {
+	out.APIGroup = in.APIGroup
+	out.Resource = in.Resource
+	out.MatchContains = *(*[]string)(unsafe.Pointer(&in.MatchContains))
+	return nil
+}
+
+func Convert_resourcequota_LimitedResource_To_v1alpha1_LimitedResource(in *resourcequota.LimitedResource, out *LimitedResource, s conversion.Scope) error {
+	return autoConvert_resourcequota_LimitedResource_To_v1alpha1_LimitedResource(in, out, s)
+}
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.deepcopy.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.deepcopy.go
new file mode 100644
index 0000000000..9a431b793d
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.deepcopy.go
@@ -0,0 +1,72 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+
+package v1alpha1
+
+import (
+	conversion "k8s.io/apimachinery/pkg/conversion"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	reflect "reflect"
+)
+
+func init() {
+	SchemeBuilder.Register(RegisterDeepCopies)
+}
+
+// RegisterDeepCopies adds deep-copy functions to the given scheme. Public
+// to allow building arbitrary schemes.
+func RegisterDeepCopies(scheme *runtime.Scheme) error {
+	return scheme.AddGeneratedDeepCopyFuncs(
+		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_v1alpha1_Configuration, InType: reflect.TypeOf(&Configuration{})},
+		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_v1alpha1_LimitedResource, InType: reflect.TypeOf(&LimitedResource{})},
+	)
+}
+
+func DeepCopy_v1alpha1_Configuration(in interface{}, out interface{}, c *conversion.Cloner) error {
+	{
+		in := in.(*Configuration)
+		out := out.(*Configuration)
+		*out = *in
+		if in.LimitedResources != nil {
+			in, out := &in.LimitedResources, &out.LimitedResources
+			*out = make([]LimitedResource, len(*in))
+			for i := range *in {
+				if err := DeepCopy_v1alpha1_LimitedResource(&(*in)[i], &(*out)[i], c); err != nil {
+					return err
+				}
+			}
+		}
+		return nil
+	}
+}
+
+func DeepCopy_v1alpha1_LimitedResource(in interface{}, out interface{}, c *conversion.Cloner) error {
+	{
+		in := in.(*LimitedResource)
+		out := out.(*LimitedResource)
+		*out = *in
+		if in.MatchContains != nil {
+			in, out := &in.MatchContains, &out.MatchContains
+			*out = make([]string, len(*in))
+			copy(*out, *in)
+		}
+		return nil
+	}
+}
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.defaults.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.defaults.go
new file mode 100644
index 0000000000..53f9cb92ef
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.defaults.go
@@ -0,0 +1,37 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// This file was autogenerated by defaulter-gen. Do not edit it manually!
+
+package v1alpha1
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// RegisterDefaults adds defaulters functions to the given scheme.
+// Public to allow building arbitrary schemes.
+// All generated defaulters are covering - they call all nested defaulters.
+func RegisterDefaults(scheme *runtime.Scheme) error {
+	scheme.AddTypeDefaultingFunc(&Configuration{}, func(obj interface{}) { SetObjectDefaults_Configuration(obj.(*Configuration)) })
+	return nil
+}
+
+func SetObjectDefaults_Configuration(in *Configuration) {
+	SetDefaults_Configuration(in)
+}
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/BUILD b/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/BUILD
new file mode 100644
index 0000000000..36ad8ae610
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/BUILD
@@ -0,0 +1,40 @@
+package(default_visibility = ["//visibility:public"])
+
+licenses(["notice"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+    "go_test",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["validation.go"],
+    tags = ["automanaged"],
+    deps = [
+        "//plugin/pkg/admission/resourcequota/apis/resourcequota:go_default_library",
+        "//vendor:k8s.io/apimachinery/pkg/util/validation/field",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["validation_test.go"],
+    library = ":go_default_library",
+    tags = ["automanaged"],
+    deps = ["//plugin/pkg/admission/resourcequota/apis/resourcequota:go_default_library"],
+)
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/validation.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/validation.go
new file mode 100644
index 0000000000..8e35811518
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/validation.go
@@ -0,0 +1,36 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package validation
+
+import (
+	"k8s.io/apimachinery/pkg/util/validation/field"
+
+	resourcequotaapi "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota"
+)
+
+// ValidateConfiguration validates the configuration.
+func ValidateConfiguration(config *resourcequotaapi.Configuration) field.ErrorList {
+	allErrs := field.ErrorList{}
+	fldPath := field.NewPath("limitedResources")
+	for i, limitedResource := range config.LimitedResources {
+		idxPath := fldPath.Index(i)
+		if len(limitedResource.Resource) == 0 {
+			allErrs = append(allErrs, field.Required(idxPath.Child("resource"), ""))
+		}
+	}
+	return allErrs
+}
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/validation_test.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/validation_test.go
new file mode 100644
index 0000000000..8c8d18b07e
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/validation_test.go
@@ -0,0 +1,60 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package validation
+
+import (
+	"testing"
+
+	resourcequotaapi "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota"
+)
+
+func TestValidateConfiguration(t *testing.T) {
+	successCases := []resourcequotaapi.Configuration{
+		{
+			LimitedResources: []resourcequotaapi.LimitedResource{
+				{
+					Resource:      "pods",
+					MatchContains: []string{"requests.cpu"},
+				},
+			},
+		},
+		{
+			LimitedResources: []resourcequotaapi.LimitedResource{
+				{
+					Resource:      "persistentvolumeclaims",
+					MatchContains: []string{"requests.storage"},
+				},
+			},
+		},
+	}
+	for i := range successCases {
+		configuration := successCases[i]
+		if errs := ValidateConfiguration(&configuration); len(errs) != 0 {
+			t.Errorf("expected success: %v", errs)
+		}
+	}
+	errorCases := map[string]resourcequotaapi.Configuration{
+		"missing apiGroupResource": {LimitedResources: []resourcequotaapi.LimitedResource{
+			{MatchContains: []string{"requests.cpu"}},
+		}},
+	}
+	for k, v := range errorCases {
+		if errs := ValidateConfiguration(&v); len(errs) == 0 {
+			t.Errorf("expected failure for %s", k)
+		}
+	}
+}
diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/zz_generated.deepcopy.go b/plugin/pkg/admission/resourcequota/apis/resourcequota/zz_generated.deepcopy.go
new file mode 100644
index 0000000000..01a32d3eff
--- /dev/null
+++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/zz_generated.deepcopy.go
@@ -0,0 +1,72 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+
+package resourcequota
+
+import (
+	conversion "k8s.io/apimachinery/pkg/conversion"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	reflect "reflect"
+)
+
+func init() {
+	SchemeBuilder.Register(RegisterDeepCopies)
+}
+
+// RegisterDeepCopies adds deep-copy functions to the given scheme. Public
+// to allow building arbitrary schemes.
+func RegisterDeepCopies(scheme *runtime.Scheme) error {
+	return scheme.AddGeneratedDeepCopyFuncs(
+		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_resourcequota_Configuration, InType: reflect.TypeOf(&Configuration{})},
+		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_resourcequota_LimitedResource, InType: reflect.TypeOf(&LimitedResource{})},
+	)
+}
+
+func DeepCopy_resourcequota_Configuration(in interface{}, out interface{}, c *conversion.Cloner) error {
+	{
+		in := in.(*Configuration)
+		out := out.(*Configuration)
+		*out = *in
+		if in.LimitedResources != nil {
+			in, out := &in.LimitedResources, &out.LimitedResources
+			*out = make([]LimitedResource, len(*in))
+			for i := range *in {
+				if err := DeepCopy_resourcequota_LimitedResource(&(*in)[i], &(*out)[i], c); err != nil {
+					return err
+				}
+			}
+		}
+		return nil
+	}
+}
+
+func DeepCopy_resourcequota_LimitedResource(in interface{}, out interface{}, c *conversion.Cloner) error {
+	{
+		in := in.(*LimitedResource)
+		out := out.(*LimitedResource)
+		*out = *in
+		if in.MatchContains != nil {
+			in, out := &in.MatchContains, &out.MatchContains
+			*out = make([]string, len(*in))
+			copy(*out, *in)
+		}
+		return nil
+	}
+}