ContainerServiceBuiltInRole Struct

Reference

Definition

Namespace:: Azure.Provisioning.ContainerService

Assembly:: Azure.Provisioning.ContainerService.dll

Package:: Azure.Provisioning.ContainerService v1.0.0-beta.2

Source:: ContainerServiceBuiltInRole.cs

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Built-in ContainerService roles that you can assign to users, groups, service principals, and managed identities.

public readonly struct ContainerServiceBuiltInRole : IEquatable<Azure.Provisioning.ContainerService.ContainerServiceBuiltInRole>

type ContainerServiceBuiltInRole = struct

Public Structure ContainerServiceBuiltInRole
Implements IEquatable(Of ContainerServiceBuiltInRole)

Inheritance: ValueType
ContainerServiceBuiltInRole

Implements: IEquatable<ContainerServiceBuiltInRole>

Constructors

ContainerServiceBuiltInRole(String)

Built-in ContainerService roles that you can assign to users, groups, service principals, and managed identities.

Properties

AzureKubernetesServiceClusterAdminRole	List cluster admin credential action.
AzureKubernetesServiceClusterMonitoringUser	List cluster monitoring user credential action.
AzureKubernetesServiceClusterUserRole	List cluster user credential action.
AzureKubernetesServiceContributorRole	Grants access to read and write Azure Kubernetes Service clusters
AzureKubernetesServiceRbacAdmin	Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.
AzureKubernetesServiceRbacClusterAdmin	Lets you manage all resources in the cluster.
AzureKubernetesServiceRbacReader	Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.
AzureKubernetesServiceRbacWriter	Allows read/write access to most objects in a namespace. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces.

Methods

Equals(ContainerServiceBuiltInRole)	Indicates whether the current object is equal to another object of the same type.
ToString()	Returns the fully qualified type name of this instance.

Operators

Equality(ContainerServiceBuiltInRole, ContainerServiceBuiltInRole)	Determines if two ContainerServiceBuiltInRole values are the same.
Implicit(String to ContainerServiceBuiltInRole)	Converts a string to a ContainerServiceBuiltInRole.
Inequality(ContainerServiceBuiltInRole, ContainerServiceBuiltInRole)	Determines if two ContainerServiceBuiltInRole values are different.

Applies to

Share via