cluster-manifests/cluster-baseline-settings/rbac.yaml

# Mapping k8s user facing roles to Microsoft Entra groups: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
#apiVersion: rbac.authorization.k8s.io/v1
#kind: RoleBinding
#metadata:
#  name: namespace-admin
#roleRef:
#  apiGroup: rbac.authorization.k8s.io
#  kind: ClusterRole
#  name: admin
#subjects:
#  - kind: Group
#    name: <replace-with-a-microsoft-entra-group-object-id-for-this-namespace-admin-role>
#---
#apiVersion: rbac.authorization.k8s.io/v1
#kind: RoleBinding
#metadata:
#  name: namespace-editor
#roleRef:
#  apiGroup: rbac.authorization.k8s.io
#  kind: ClusterRole
#  name: edit
#subjects:
#  - kind: Group
#    name: <replace-with-a-microsoft-entra-group-object-id-for-this-namespace-edit-role>
#---
#apiVersion: rbac.authorization.k8s.io/v1
#kind: RoleBinding
#metadata:
#  name: namespace-viewer
#roleRef:
#  apiGroup: rbac.authorization.k8s.io
#  kind: ClusterRole
#  name: view
#subjects:
#  - kind: Group
#    name: <replace-with-a-microsoft-entra-group-object-id-for-this-namespace-view-role>