AzRoleAdvertizer

last sync: 2025-May-29 17:22:29 UTC

Azure Kubernetes Service Arc Cluster User Role

Azure BuiltIn RBAC Role definition

NameAzure Kubernetes Service Arc Cluster User Role
Microsoft Learn
Id233ca253-b031-42ff-9fba-87ef12d6b55f
DescriptionList cluster user credential action.
CategoryContainers
Microsoft Learn
CreatedOn2024-03-07 00:25:47 UTC
UpdatedOn2024-03-07 00:25:47 UTC
Permissions summary Effective control plane and data plane operations: 3 (unique operations)
•action: 1
•read: 2

Actions: 3
Resolved control plane operations from Actions: 3
Effective control plane operations: 3
•action: 1
•read: 2

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16602

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3558
Actions
Operation Description
Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/actionLists the AAD user credentials of a provisioned cluster instance used only in direct mode.
Microsoft.HybridContainerService/provisionedClusterInstances/readGets the Hybrid AKS provisioned cluster instances associated with the connected cluster
Microsoft.Kubernetes/connectedClusters/ReadRead connectedClusters
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy		 none
History
Date/Time (UTC ymd) (i) Change Change detail
2024-03-08 20:25:26 add: Role 233ca253-b031-42ff-9fba-87ef12d6b55f
JSON
api-version=2023-07-01-preview
 
{9 items
  • roleName: "Azure Kubernetes Service Arc Cluster User Role",
  • type: "BuiltInRole",
  • description: "List cluster user credential action.",
  • assignableScopes: [1 item
    • "/"
    ],
  • permissions: [1 item
    • {4 items
      • actions: [3 items
        • "Microsoft.HybridContainerService/provisionedClusterInstances/read",
        • "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action",
        • "Microsoft.Kubernetes/connectedClusters/Read"
        ],
      • notActions: [],
      • dataActions: [],
      • notDataActions: []
      }
    ],
  • createdOn: "2024-03-07T00:25:47.4117596Z",
  • updatedOn: "2024-03-07T00:25:47.4117596Z",
  • createdBy: null,
  • updatedBy: null
}
Condition none