Document URL: https://docs.openshift.com/container-platform/3.11/architecture/additional_concepts/authorization.html#rbac-to-scc Section Number and Name: Role-based access to SCCs Describe the issue: Specified verb does not exist 'use'. Suggestions for improvement: Reference the upstream k8s documentation [1] for a list of valid verbs. ``` verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] ``` Additional Information: Perhaps also document how users might obtain a list of valid verbs themselves via an API request using oc. This can be achieved using kubectl thus `kubectl get --raw /apis/v1`. As per [2]. - [1] https://kubernetes.io/docs/reference/access-authn-authz/rbac/ - [2] https://www.reddit.com/r/kubernetes/comments/dgf20r/kubernetes_rbac_verb_list/
Found another relevant section of the OCP docs. - https://docs.openshift.com/container-platform/3.11/architecture/additional_concepts/authorization.html#evaluating-authorization
I have corrected the verb list in the docs via the following PR: https://github.com/openshift/openshift-docs/pull/24388 There is a section at the bottom of the authorization docs on how to use "$ oc policy can-i <verb> <resource>" in order to get a list of verbs the user can perform. https://docs.openshift.com/container-platform/3.11/architecture/additional_concepts/authorization.html#authorization-determining-what-you-can-do-as-an-authenticated-user
The doc changes have been merged and verified. https://docs.openshift.com/container-platform/3.11/architecture/additional_concepts/authorization.html#evaluating-authorization Closing out this bug.