| Name | Azure Kubernetes Fleet Manager RBAC Writer for Member Clusters | ||||||||||
| Id | 50346970-0998-40f2-b47d-f3b8809840f8 | ||||||||||
| Description | Allows read/write access to most objects in a namespace. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces. | ||||||||||
| Category | None | ||||||||||
| CreatedOn | 2025-10-22 18:33:37 UTC | ||||||||||
| UpdatedOn | 2025-10-22 18:33:37 UTC | ||||||||||
| Permissions summary | Effective control plane and data plane operations: 119 (unique operations) •action: 2 •delete: 25 •read: 67 •write: 25 Actions: 4 Resolved control plane operations from Actions: 34 Effective control plane operations: 34 •read: 34 NotActions: 0 Resolved control plane operations from NotActions: 0 Effective denied control plane operations: 17431 DataActions: 35 Resolved data plane operations: 85 Effective data plane operations: 85 •action: 2 •delete: 25 •read: 33 •write: 25 NotDataActions: 0 Resolved data plane operations from NotDataActions: 0 Effective denied data plane operations: 3996 |
||||||||||
| Actions |
|
||||||||||
| NotActions | n/a | ||||||||||
| DataActions | |||||||||||
| NotDataActions | n/a | ||||||||||
| Used in BuiltIn Policy |
none | ||||||||||
| History |
|
||||||||||
| JSON |
|
||||||||||
| Condition | none |