Kubernetes Roles (AKS)

In-cluster Kubernetes RBAC Role (and ClusterRole) objects that define permission rule sets within an AKS managed cluster; subjects gain these permissions when bound via RoleBindings.

Roles define the permission surface of the cluster's RBAC; crafting/expanding a role and binding it grants control over cluster resources, workloads, and data.


Microsoft.ContainerService/managedClusters/rbac.authorization.k8s.io/roles/bind/action

The Kubernetes bind verb on roles (or clusterroles) authorizes a subject to reference that role in a RoleBinding even when the subject does not itself hold the role's permissions, bypassing the RBAC escalation check; an attacker with this verb can bind an over-privileged role to a subject they control for direct privilege escalation.
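A defender's first question for this privilege is which Role and ClusterRole objects in the cluster actually grant `bind` on roles or clusterroles. The following audit is an added example, not part of the catalog entry or of P0 Security's tooling; it walks RBAC manifests (as dicts of the shape `kubectl get clusterroles -o json` returns under `items`) and reports every object whose rules grant `bind`, or a wildcard verb, on `roles`/`clusterroles` in the `rbac.authorization.k8s.io` group. The sample manifests at the bottom are constructed for illustration.

```python
"""Audit Kubernetes RBAC Role/ClusterRole objects for rules that grant the
``bind`` verb on roles or clusterroles (added example; sample data is constructed)."""

# Groups/resources/verbs that, in combination, confer the bind privilege.
# A wildcard in any position is treated as matching, since "*" includes "bind".
RBAC_GROUPS = {"rbac.authorization.k8s.io", "*"}
ROLE_RESOURCES = {"roles", "clusterroles", "*"}
ESCALATING_VERBS = {"bind", "*"}


def rule_grants_bind(rule: dict) -> bool:
    """Return True if a single PolicyRule allows ``bind`` on roles/clusterroles."""
    groups = set(rule.get("apiGroups", []))
    resources = set(rule.get("resources", []))
    verbs = set(rule.get("verbs", []))
    return bool(groups & RBAC_GROUPS and resources & ROLE_RESOURCES and verbs & ESCALATING_VERBS)


def find_bind_grants(manifests: list) -> list:
    """Return (kind, namespace, name) for every Role/ClusterRole with a bind-granting rule."""
    hits = []
    for manifest in manifests:
        if manifest.get("kind") not in ("Role", "ClusterRole"):
            continue  # ignore bindings, service accounts, etc.
        if any(rule_grants_bind(rule) for rule in manifest.get("rules", [])):
            meta = manifest.get("metadata", {})
            hits.append((manifest["kind"], meta.get("namespace", ""), meta.get("name", "")))
    return hits


# Constructed sample manifests (hypothetical names, not from any real cluster).
SAMPLE_MANIFESTS = [
    {  # explicit bind on clusterroles: should be flagged
        "kind": "ClusterRole",
        "metadata": {"name": "role-binder"},
        "rules": [{"apiGroups": ["rbac.authorization.k8s.io"],
                   "resources": ["clusterroles"], "verbs": ["bind"]}],
    },
    {  # read-only on pods: benign, should not be flagged
        "kind": "Role",
        "metadata": {"name": "pod-reader", "namespace": "dev"},
        "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]}],
    },
    {  # cluster-admin style wildcard: implicitly includes bind, should be flagged
        "kind": "ClusterRole",
        "metadata": {"name": "wide-open"},
        "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}],
    },
    {  # a RoleBinding object is skipped entirely
        "kind": "RoleBinding",
        "metadata": {"name": "rb", "namespace": "dev"},
        "roleRef": {"kind": "Role", "name": "pod-reader"},
    },
]

if __name__ == "__main__":
    for kind, namespace, name in find_bind_grants(SAMPLE_MANIFESTS):
        scope = namespace or "<cluster>"
        print(f"{kind} {scope}/{name} grants bind on roles/clusterroles")
```

Each reported object is a candidate for review: either the grant is intentional (a controller that legitimately manages bindings) or it should be narrowed, for example by restricting `resourceNames` to the specific roles the subject is allowed to bind.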

Risks

Scope: CRITICAL

This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.

Links

  • https://azure.permissions.cloud/iam/Microsoft.ContainerService
  • https://learn.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog