Looking under this link:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/security/governance-and-risk

Interested in the following:
"
mustonlyhave: Indicates that an object must exist with the exact name and relevant fields.

musthave: Indicates an object must exist with the same name as specified object-template. The other fields in the template are a subset of what exists in the object.
"

The last sentence of musthave isn't clear and should be re-phrased: "The other fields in the template are a subset of what exists in the object."