cluster-manifests/cluster-rbac.yaml

# This file is exclusively to be used when you are using Microsoft Entra ID direct assignment for Kubertnetes RBAC 
# and NOT when you are using Azure RBAC as your Kubernetes RBAC backing store.
#
#  Mapping k8s cluster user facing roles to Microsoft Entra groups: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
#apiVersion: rbac.authorization.k8s.io/v1
#kind: ClusterRoleBinding
#metadata:
#  name: cluster-admins
#roleRef:
#  apiGroup: rbac.authorization.k8s.io
#  kind: ClusterRole
#  name: cluster-admin
#subjects:
#  - kind: Group
#    name: <replace-with-a-microsoft-entra-group-object-id-for-this-cluster-role-binding>
#---
#apiVersion: rbac.authorization.k8s.io/v1
#kind: ClusterRoleBinding
#metadata:
#  name: cluster-viewers
#roleRef:
#  apiGroup: rbac.authorization.k8s.io
#  kind: ClusterRole
#  name: view
#subjects:
#  - kind: Group
#    name: <replace-with-a-microsoft-entra-group-object-id-for-this-cluster-role-binding>