Merge pull request #2555 from EyalGur74/docs-editor/containers-permissions-1772026493

prmerger-automator[bot] · web-flow · commit 281a0326524c · 2026-02-25T13:53:46.000Z
Update containers-permissions.md
diff --git a/articles/defender-for-cloud/containers-permissions.md b/articles/defender-for-cloud/containers-permissions.md
@@ -62,26 +62,26 @@ The Azure Arc built-in role **Defender Kubernetes Agent Operator** to provision
   - sqs:*
   - s3:*
 
-- AzureDefenderKubernetesScubaReaderRole:
-  - sts:AssumeRole
-  - sts:AssumeRoleWithWebIdentity
-  - sqs:ReceiveMessage
-  - sqs:DeleteMessage
-  - s3:GetObject
-  - s3:GetBucketLocation
-
-- AzureDefenderCloudWatchToKinesisRole:
-  - sts:AssumeRole
-  - firehose:*
-
-- AzureDefenderKinesisToS3Role:
-  - sts:AssumeRole
-  - s3:AbortMultipartUpload
-  - s3:GetBucketLocation
-  - s3:GetObject
-  - s3:ListBucket
-  - s3:ListBucketMultipartUploads
-  - s3:PutObject
+- AzureDefenderKubernetesScubaReaderRole (default role name: **MDCContainersK8sDataCollectionRole**):
+- sts:AssumeRole
+- sts:AssumeRoleWithWebIdentity
+- sqs:ReceiveMessage
+- sqs:DeleteMessage
+- s3:GetObject
+- s3:GetBucketLocation
+
+- AzureDefenderCloudWatchToKinesisRole (default role name: **MDCContainersK8sCloudWatchToKinesisRole**):
+- sts:AssumeRole
+- firehose:*
+
+- AzureDefenderKinesisToS3Role (default role name: **MDCContainersK8sKinesisToS3Role**):
+- sts:AssumeRole
+- s3:AbortMultipartUpload
+- s3:GetBucketLocation
+- s3:GetObject
+- s3:ListBucket
+- s3:ListBucketMultipartUploads
+- s3:PutObject
 
 - MDCContainersAgentlessDiscoveryK8sRole
   - sts:AssumeRoleWithWebIdentity
