Document URL: https://docs.openshift.com/container-platform/3.11/admin_guide/manage_nodes.html
Section: Note 1
# oc adm top nodes
Error from server (Forbidden): nodes.metrics.k8s.io is forbidden: User "tt" cannot list nodes.metrics.k8s.io at the cluster scope: no RBAC policy matched
# oc get clusterrolebinding | grep tt
cluster-reader-3 /cluster-reader tt
# oc describe clusterrole.rbac cluster-reader | grep metrics
nodes/metrics   [get]
cluster-reader does not have `apis/metrics.k8s.io/v1beta1` API access
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.