@ENOTTY Apologies for the delay in response and all the inconvenience caused because of the issue.
Enabling access only to the networking blade on AKS could be done through custom RBAC roles. Below command will give the list of available RBAC's-
Get-AzProviderOperation "Microsoft.Containerservice/*" | FT Operation, Description
I have tried to create one with below. however, it was not working as expected could you please try this once ? & if its not please open a support case for more investigation.
{
"Name": "Authrized IP AKS-admin",
"IsCustom": true,
"Description": "Manage Authrized IPs in AKS.",
"Actions": [
"Microsoft.ContainerService/managedClusters/read"
],
"NotActions": [],
"DataActions": [
"Microsoft.ContainerService/managedClusters/limitranges/*",
"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/"
],
"NotDataActions": [],
"AssignableScopes": [
"/subscriptions/75674f20-4004-48a8-aa99-1f92ebaba884"
]
}
To create a Custom Role please check this document :https://learn.microsoft.com/en-us/azure/aks/manage-azure-rbac#create-custom-roles-definitions
Reference document : https://learn.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations#containers
Hope it helps!!!
Please "Accept as Answer" if it helped so it can help others in community looking for help on similar topics.