i am trying to give a user access to the AKS in azure portal only , we have RBAC enabled/AAD managed cluster. My use case is to use one of the azure RBAC roles to give user permissions to view contents under the 'Kubernetes resources' pane (Namespaces, Workloads, services & ingresses, storage, configuration). The only RBAC role that seems to give that info is the 'Azure Kubernetes Service RBAC Cluster Admin' role , which also gives them admin permission on the cluster which is unacceptable for us. I tried the other AKS RBAC Reader / Writer roles but they dont display any of the information on Azure Portal.
If i give user RBAC Cluster Admin then it tends to stick even after i have removed the permissions, user is still able to do everything in azure portal as well as on AKS which sounds like a blarring bug.
I have not found any info on this online and i have talked to support who referred me initially to AKS docs and then to this channel