@Tanul Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.
This policy makes use of a CRD which enforces the rejection of privilegeEscalation enabled containers at the admission controller of the API server.
May I know what kind of RBAC auth policy? In that case Pod Security Policies are the only option. A RoleBinding/ClusterRoleBinding the user (auth) with the Pod Security Policy (admission control).
You can't enforce securityContext policy associated with RBAC objects at this time.
There are different ways to authenticate, control access/authorize and secure Kubernetes clusters. Using Kubernetes role-based access control (Kubernetes RBAC), you can grant users, groups, and service accounts access to only the resources they need. With Azure Kubernetes Service (AKS), you can further enhance the security and permissions structure by using Azure Active Directory and Azure RBAC. These approaches help you secure your cluster access and provide only the minimum required permissions to developers and operators.
Azure Policy for Kubernetes clusters
This article introduces the core concepts that help you authenticate and assign permissions in AKS: https://learn.microsoft.com/en-us/azure/aks/concepts-identity
Control access to cluster resources using Kubernetes role-based access control and Azure Active Directory identities in Azure Kubernetes Service
AKS provides the following four built-in roles: https://learn.microsoft.com/en-us/azure/aks/manage-azure-rbac
Kindly let us know if you still have more questions on this. I wish to engage with you offline for a closer look and to provide quick and specialized assistance. Please send an email with subject line “Attn:subm” to AzCommunity[at]Microsoft[dot]com referencing this thread and the Azure subscription ID, and I will follow up with you. Once again, apologies for any inconvenience with this issue.
Thanks for your patience and co-operation.
Hope this helps!
Kindly let us know if the above helps or you need further assistance on this issue.
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Please do not forget to “Accept the answer” and “up-vote” wherever the information provided helps you; this can be beneficial to other community members.
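
The pairing the answer above describes, a Pod Security Policy granted to a user through RBAC, shown as an added example that is not part of the original answer or of any Microsoft sample. All object names, the `dev-team` namespace and the user `jane@example.com` are hypothetical.

```yaml
# Added illustration; every name below is a constructed placeholder.
# PodSecurityPolicy (policy/v1beta1) was removed in Kubernetes v1.25,
# so this only applies to clusters that still serve that API.
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: no-privilege-escalation
spec:
  privileged: false
  allowPrivilegeEscalation: false   # admission rejects pods that ask for escalation
  # The four strategy fields below are required by the PSP schema.
  seLinux:
    rule: RunAsAny
  runAsUser:
    rule: RunAsAny
  supplementalGroups:
    rule: RunAsAny
  fsGroup:
    rule: RunAsAny
  volumes:
    - '*'
---
# RBAC side: permission to "use" exactly this one policy.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: psp-no-privesc-user
rules:
  - apiGroups: ['policy']
    resources: ['podsecuritypolicies']
    verbs: ['use']
    resourceNames: ['no-privilege-escalation']
---
# Bind the user to the policy within a single namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: psp-no-privesc-binding
  namespace: dev-team
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: psp-no-privesc-user
subjects:
  - kind: User
    name: jane@example.com
    apiGroup: rbac.authorization.k8s.io
```

If the same user is also bound to a more permissive policy, the admission controller may admit the pod under that one, so check every binding that grants `use` on a policy.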