AzRoleAdvertizer

last sync: 2025-Apr-29 17:15:48 UTC

Kubernetes Cluster - Azure Arc Onboarding

Azure BuiltIn RBAC Role definition

NameKubernetes Cluster - Azure Arc Onboarding
Microsoft Learn
Id34e09817-6cbe-4d01-b1a2-e0eac5743d41
DescriptionRole definition to authorize any user/service to create connectedClusters resource
CategoryContainers
Microsoft Learn
CreatedOn2019-11-18 17:00:02 UTC
UpdatedOn2024-10-31 01:30:51 UTC
Permissions summary Effective control plane and data plane operations: 57 (unique operations)
•Action: 6
•Delete: 2
•read: 44
•Write: 5

Actions: 13
Resolved control plane operations from Actions: 57
Effective control plane operations: 57
•Action: 6
•Delete: 2
•read: 44
•Write: 5

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16433

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3371
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Insights/alertRules/*wildcarded / no description
Microsoft.Kubernetes/connectedClusters/readRead connectedClusters
Microsoft.Kubernetes/connectedClusters/WriteWrites connectedClusters
Microsoft.KubernetesConfiguration/extensions/deleteDeletes extension instance resource.
Microsoft.KubernetesConfiguration/extensions/operations/readGets Async Operation status.
Microsoft.KubernetesConfiguration/extensions/readGets extension instance resource.
Microsoft.KubernetesConfiguration/extensions/writeCreates or updates extension resource.
Microsoft.Resources/deployments/writeCreates or updates an deployment.
Microsoft.Resources/subscriptions/operationresults/readGet the subscription operation results.
Microsoft.Resources/subscriptions/readGets the list of subscriptions.
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
Microsoft.Support/*wildcarded / no description
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
Policy DisplayName Policy Id Category State
Configure Azure Arc Private Link Scopes with private endpoints d6eeba80-df61-4de5-8772-bc1b7852ba6b Azure Arc GA
Configure Azure Arc-enabled Kubernetes clusters to use an Azure Arc Private Link Scope 4002015b-1272-4dfb-8943-fed4aeec39b6 Azure Arc GA
History
Date/Time (UTC ymd) (i) Change Change detail
2024-10-31 18:50:49 change: Actions Actions: 'add Microsoft.KubernetesConfiguration/extensions/write; add Microsoft.KubernetesConfiguration/extensions/read; add Microsoft.KubernetesConfiguration/extensions/delete; add Microsoft.KubernetesConfiguration/extensions/operations/read'
2020-02-11 08:11:18 change: DisplayName Old DisplayName: Kubernetes Cluster - Azure Arc Onborading
2019-12-13 11:23:49 change: DisplayName Old DisplayName: Kubernetes Cluster - Azure Arc Onborading Role
JSON
api-version=2023-07-01-preview
Condition none