last sync: 2024-Jun-14 18:20:25 UTC

Kubernetes Agentless Operator

Azure BuiltIn RBAC Role definition

NameKubernetes Agentless Operator
Idd5a2ae44-610b-4500-93be-660a0c5f5ca6
DescriptionGrants Microsoft Defender for Cloud access to Azure Kubernetes Services
CreatedOn2023-01-13 13:11:09 UTC
UpdatedOn2023-08-24 15:22:26 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2023-08-25 17:59:51 change: Actions Actions: 'add Microsoft.Security/pricings/securityoperators/read'
2023-04-17 17:43:03 change: Actions Actions: 'remove Microsoft.Features/register/action; remove Microsoft.Features/featureProviders/subscriptionFeatureRegistrations/write; remove Microsoft.Features/featureProviders/subscriptionFeatureRegistrations/read; add Microsoft.Features/features/read; add Microsoft.Features/providers/features/read; add Microsoft.Features/providers/features/register/action'
2023-04-07 17:41:18 change: Actions Actions: 'add Microsoft.Features/register/action; add Microsoft.Features/featureProviders/subscriptionFeatureRegistrations/write; add Microsoft.Features/featureProviders/subscriptionFeatureRegistrations/read'
2023-02-24 18:48:53 add: Role d5a2ae44-610b-4500-93be-660a0c5f5ca6
Permissions summary Effective control plane and data plane operations: 8 (unique operations)
•action: 1
•delete: 1
•read: 5
•write: 1

Actions: 8
Resolved control plane operations from Actions: 8
Effective control plane operations: 8
•action: 1
•delete: 1
•read: 5
•write: 1

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 15671

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3167
Actions
Operation Description
Microsoft.ContainerService/managedClusters/readGet a managed cluster
Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/deleteDelete trusted access role bindings for managed cluster
Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/readGet trusted access role bindings for managed cluster
Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/writeCreate or update trusted access role bindings for managed cluster
Microsoft.Features/features/readGets the features of a subscription.
Microsoft.Features/providers/features/readGets the feature of a subscription in a given resource provider.
Microsoft.Features/providers/features/register/actionRegisters the feature for a subscription in a given resource provider.
Microsoft.Security/pricings/securityoperators/readGets the security operators for the scope
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
none
JSON
api-version=2023-07-01-preview
Condition none