services / Azure / Kubernetes Roles
Kubernetes Roles in an AKS-managed aiManagers cluster define sets of RBAC permission rules (verbs over resources) that are granted to subjects via bindings.
Role definitions are core cluster access-control policy; manipulating them governs the permission surface up to cluster-admin.
Microsoft.ContainerService/aiManagers/rbac.authorization.k8s.io/roles/delete
Deleting Roles destroys RBAC policy definitions and revokes the permissions legitimate workloads/operators depend on.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog