Google Distributed Cloud deploys Pods to your nodes that have elevated role-based
access control (RBAC) permissions such as the ability to modify all Deployments
and to read all cluster Secrets. These permissions are required for
Google Distributed Cloud to function correctly.
The following components have elevated RBAC permissions:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-05 UTC."],[[["Google Distributed Cloud utilizes Pods with elevated role-based access control (RBAC) permissions to modify Deployments and read cluster Secrets."],["These elevated RBAC permissions are essential for the proper functioning of Google Distributed Cloud."],["Several components, including gke-connect-agent, ais, and coredns-autoscaler, are among those that have these elevated permissions."],["Other components such as kube-proxy, calico-node, onprem-user-cluster-controller, gke-usage-metering and metrics-server, are also among the components with elevated RBAC permissions."]]],[]]