ContainerServiceBuiltInRole Struct
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Built-in ContainerService roles that you can assign to users, groups, service principals, and managed identities.
public readonly struct ContainerServiceBuiltInRole : IEquatable<Azure.Provisioning.ContainerService.ContainerServiceBuiltInRole>
type ContainerServiceBuiltInRole = struct
Public Structure ContainerServiceBuiltInRole
Implements IEquatable(Of ContainerServiceBuiltInRole)
- Inheritance
-
ContainerServiceBuiltInRole
- Implements
Constructors
ContainerServiceBuiltInRole(String) |
Built-in ContainerService roles that you can assign to users, groups, service principals, and managed identities. |
Properties
AzureKubernetesServiceClusterAdminRole |
List cluster admin credential action. |
AzureKubernetesServiceClusterMonitoringUser |
List cluster monitoring user credential action. |
AzureKubernetesServiceClusterUserRole |
List cluster user credential action. |
AzureKubernetesServiceContributorRole |
Grants access to read and write Azure Kubernetes Service clusters |
AzureKubernetesServiceRbacAdmin |
Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. |
AzureKubernetesServiceRbacClusterAdmin |
Lets you manage all resources in the cluster. |
AzureKubernetesServiceRbacReader |
Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces. |
AzureKubernetesServiceRbacWriter |
Allows read/write access to most objects in a namespace. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces. |
Methods
Equals(ContainerServiceBuiltInRole) |
Indicates whether the current object is equal to another object of the same type. |
ToString() |
Returns the fully qualified type name of this instance. |
Operators
Equality(ContainerServiceBuiltInRole, ContainerServiceBuiltInRole) |
Determines if two ContainerServiceBuiltInRole values are the same. |
Implicit(String to ContainerServiceBuiltInRole) |
Converts a string to a ContainerServiceBuiltInRole. |
Inequality(ContainerServiceBuiltInRole, ContainerServiceBuiltInRole) |
Determines if two ContainerServiceBuiltInRole values are different. |