Getting User "user" cannot list resource "services" in API group "" ... #339

adelton opened this issue Oct 30, 2023 · 0 comments

adelton commented Oct 30, 2023

The page https://validatedpatterns.io/patterns/multicloud-gitops/mcg-getting-started/ says

To deploy the cluster by using the pattern.sh file, complete the following steps:

Login to your cluster by running the following command:

oc login

Yet when I do that with a regular user and then run ./pattern.sh make install, I get

$ ./pattern.sh make install
make -f common/Makefile operator-deploy
make[1]: Entering directory '/home/test/validatedpatterns/multicloud-gitops'
Checking prerequisites:
  Check for 'git helm oc ansible': OK
  Check for python-kubernetes: OK
  Check for kubernetes.core collection: OK
Checking repository:
  https://github.com/validatedpatterns/multicloud-gitops - branch main: Running inside a container: Skipping git ssh checks
Checking cluster:
  cluster-info: Error from server (Forbidden): services is forbidden: User "user" cannot list resource "services" in API group "" in the namespace "kube-system"
Error
make[1]: *** [common/Makefile:97: validate-cluster] Error 1
make[1]: Leaving directory '/home/test/validatedpatterns/multicloud-gitops'
make: *** [Makefile:12: operator-deploy] Error 2

Clearly the user used to log in to the OCP cluster has to have some extra roles / privileges, potentially cloud-admin, but the documentation does not state which they are.

For security reasons all accounts used should be assumed to have minimal roles / privileges. So if some extra are needed for some of the steps in Validated Patterns, they should be clearly stated.
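
Added example, not part of the issue text or of the project's code: a shell helper that turns Kubernetes RBAC "forbidden" lines like the one in the output above into a list of the missing permissions and a matching `oc auth can-i` check for each, so the required privileges can be written down. The function names `parse_forbidden` and `can_i_commands` are hypothetical, and the sample input is constructed from the error line in the report.

```bash
#!/usr/bin/env bash
# Constructed sample input: the error line from the report above.
SAMPLE_LOG='  cluster-info: Error from server (Forbidden): services is forbidden: User "user" cannot list resource "services" in API group "" in the namespace "kube-system"'

# parse_forbidden: read log text on stdin and print one row per distinct
# denial as user|verb|resource|group|namespace. The empty (core) API group
# is written as "core"; cluster-scoped denials get namespace "<cluster>".
parse_forbidden() {
  sed -nE 's/.*User "([^"]*)" cannot ([a-z]+) resource "([^"]*)" in API group "([^"]*)" (in the namespace "([^"]*)"|at the cluster scope).*/\1|\2|\3|\4|\6/p' |
    awk -F'|' -v OFS='|' '{
      if ($4 == "") $4 = "core"
      if ($5 == "") $5 = "<cluster>"
      print
    }' | sort -u
}

# can_i_commands: read the same log text and print, for each denial, the
# `oc auth can-i` command that re-tests that permission for the logged-in user.
can_i_commands() {
  parse_forbidden | while IFS='|' read -r _user verb resource group ns; do
    sub=""
    case "$resource" in
      */*) # "pods/log" style: can-i takes the subresource as a flag
        sub=" --subresource=${resource#*/}"
        resource="${resource%%/*}" ;;
    esac
    # Non-core groups are addressed as TYPE.GROUP
    [ "$group" = "core" ] || resource="$resource.$group"
    if [ "$ns" = "<cluster>" ]; then
      echo "oc auth can-i $verb $resource$sub --all-namespaces"
    else
      echo "oc auth can-i $verb $resource$sub -n $ns"
    fi
  done
}

# Demo on the constructed sample
printf '%s\n' "$SAMPLE_LOG" | can_i_commands
```

The list only covers denials that appear in the log; a run that stops at the first failed check, as this one does, will not show permissions needed by later steps.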
