kubectl auth can-i

$ kubectl auth can-i
error: you must specify two arguments: verb resource or verb resource/resourceName.
See 'kubectl auth can-i -h' for help and examples.

$ kubectl auth can-i delete deployments
yes

$ kubectl auth can-i delete nodes
Warning: resource 'nodes' is not namespace scoped

yes

$ kubectl auth can-i delete deployments -v=8
I1010 08:09:54.779769   37656 loader.go:395] Config loaded from file:  /root/.kube/config
I1010 08:09:54.784646   37656 round_trippers.go:463] GET https://172.30.1.2:6443/apis/apps/v1
I1010 08:09:54.784780   37656 round_trippers.go:469] Request Headers:
I1010 08:09:54.784872   37656 round_trippers.go:473]     Accept: application/json, */*
I1010 08:09:54.784956   37656 round_trippers.go:473]     User-Agent: kubectl/v1.28.1 (linux/amd64) kubernetes/8dc49c4
I1010 08:09:54.790853   37656 round_trippers.go:574] Response Status: 200 OK in 5 milliseconds
I1010 08:09:54.790968   37656 round_trippers.go:577] Response Headers:
I1010 08:09:54.791051   37656 round_trippers.go:580]     Content-Length: 2254
I1010 08:09:54.791114   37656 round_trippers.go:580]     Date: Tue, 10 Oct 2023 08:09:54 GMT
I1010 08:09:54.791187   37656 round_trippers.go:580]     Audit-Id: cd966326-90eb-4483-88b6-5cafe14deff5
I1010 08:09:54.791263   37656 round_trippers.go:580]     Cache-Control: no-cache, private
I1010 08:09:54.791337   37656 round_trippers.go:580]     Content-Type: application/json
I1010 08:09:54.791400   37656 round_trippers.go:580]     X-Kubernetes-Pf-Flowschema-Uid: 8c33586e-ee7a-479c-be7e-ed74009b9abc
I1010 08:09:54.791475   37656 round_trippers.go:580]     X-Kubernetes-Pf-Prioritylevel-Uid: 4a585b22-fb51-4e7c-b990-a99fea8ebe8f
I1010 08:09:54.791600   37656 request.go:1212] Response Body: {"kind":"APIResourceList","apiVersion":"v1","groupVersion":"apps/v1","resources":[{"name":"controllerrevisions","singularName":"controllerrevision","namespaced":true,"kind":"ControllerRevision","verbs":["create","delete","deletecollection","get","list","patch","update","watch"],"storageVersionHash":"85nkx63pcBU="},{"name":"daemonsets","singularName":"daemonset","namespaced":true,"kind":"DaemonSet","verbs":["create","delete","deletecollection","get","list","patch","update","watch"],"shortNames":["ds"],"categories":["all"],"storageVersionHash":"dd7pWHUlMKQ="},{"name":"daemonsets/status","singularName":"","namespaced":true,"kind":"DaemonSet","verbs":["get","patch","update"]},{"name":"deployments","singularName":"deployment","namespaced":true,"kind":"Deployment","verbs":["create","delete","deletecollection","get","list","patch","update","watch"],"shortNames":["deploy"],"categories":["all"],"storageVersionHash":"8aSe+NMegvE="},{"name":"deployments/scale","singularName":"","namespaced":true,"group":"autoscaling","v [truncated 1230 chars]
I1010 08:09:54.791978   37656 request.go:1212] Request Body: {"kind":"SelfSubjectAccessReview","apiVersion":"authorization.k8s.io/v1","metadata":{"creationTimestamp":null},"spec":{"resourceAttributes":{"namespace":"default","verb":"delete","group":"apps","resource":"deployments"}},"status":{"allowed":false}}
I1010 08:09:54.792096   37656 round_trippers.go:463] POST https://172.30.1.2:6443/apis/authorization.k8s.io/v1/selfsubjectaccessreviews
I1010 08:09:54.792159   37656 round_trippers.go:469] Request Headers:
I1010 08:09:54.792228   37656 round_trippers.go:473]     Accept: application/json, */*
I1010 08:09:54.792294   37656 round_trippers.go:473]     Content-Type: application/json
I1010 08:09:54.792351   37656 round_trippers.go:473]     User-Agent: kubectl/v1.28.1 (linux/amd64) kubernetes/8dc49c4
I1010 08:09:54.794949   37656 round_trippers.go:574] Response Status: 201 Created in 2 milliseconds
I1010 08:09:54.795049   37656 round_trippers.go:577] Response Headers:
I1010 08:09:54.795136   37656 round_trippers.go:580]     Content-Length: 516
I1010 08:09:54.795232   37656 round_trippers.go:580]     Date: Tue, 10 Oct 2023 08:09:54 GMT
I1010 08:09:54.795332   37656 round_trippers.go:580]     Audit-Id: ad485c33-171a-4bf0-9c77-213ad6b31545
I1010 08:09:54.795426   37656 round_trippers.go:580]     Cache-Control: no-cache, private
I1010 08:09:54.795516   37656 round_trippers.go:580]     Content-Type: application/json
I1010 08:09:54.795616   37656 round_trippers.go:580]     X-Kubernetes-Pf-Flowschema-Uid: 8c33586e-ee7a-479c-be7e-ed74009b9abc
I1010 08:09:54.795753   37656 round_trippers.go:580]     X-Kubernetes-Pf-Prioritylevel-Uid: 4a585b22-fb51-4e7c-b990-a99fea8ebe8f
I1010 08:09:54.795864   37656 request.go:1212] Response Body: {"kind":"SelfSubjectAccessReview","apiVersion":"authorization.k8s.io/v1","metadata":{"creationTimestamp":null,"managedFields":[{"manager":"kubectl","operation":"Update","apiVersion":"authorization.k8s.io/v1","time":"2023-10-10T08:09:54Z","fieldsType":"FieldsV1","fieldsV1":{"f:spec":{"f:resourceAttributes":{".":{},"f:group":{},"f:namespace":{},"f:resource":{},"f:verb":{}}}}}]},"spec":{"resourceAttributes":{"namespace":"default","verb":"delete","group":"apps","resource":"deployments"}},"status":{"allowed":true}}
yes

$ kubectl auth can-i delete nodes -v=8
I1010 08:09:21.710615   36907 loader.go:395] Config loaded from file:  /root/.kube/config
I1010 08:09:21.715051   36907 round_trippers.go:463] GET https://172.30.1.2:6443/api/v1
I1010 08:09:21.715154   36907 round_trippers.go:469] Request Headers:
I1010 08:09:21.715229   36907 round_trippers.go:473]     Accept: application/json, */*
I1010 08:09:21.715291   36907 round_trippers.go:473]     User-Agent: kubectl/v1.28.1 (linux/amd64) kubernetes/8dc49c4
I1010 08:09:21.721499   36907 round_trippers.go:574] Response Status: 200 OK in 6 milliseconds
I1010 08:09:21.721609   36907 round_trippers.go:577] Response Headers:
I1010 08:09:21.721678   36907 round_trippers.go:580]     Audit-Id: 458d82ff-ddd5-44d2-a388-5f54ed7bf00f
I1010 08:09:21.721740   36907 round_trippers.go:580]     Cache-Control: no-cache, private
I1010 08:09:21.721811   36907 round_trippers.go:580]     Content-Type: application/json
I1010 08:09:21.721898   36907 round_trippers.go:580]     X-Kubernetes-Pf-Flowschema-Uid: 8c33586e-ee7a-479c-be7e-ed74009b9abc
I1010 08:09:21.721960   36907 round_trippers.go:580]     X-Kubernetes-Pf-Prioritylevel-Uid: 4a585b22-fb51-4e7c-b990-a99fea8ebe8f
I1010 08:09:21.722024   36907 round_trippers.go:580]     Date: Tue, 10 Oct 2023 08:09:21 GMT
I1010 08:09:21.722199   36907 request.go:1212] Response Body: {"kind":"APIResourceList","groupVersion":"v1","resources":[{"name":"bindings","singularName":"binding","namespaced":true,"kind":"Binding","verbs":["create"]},{"name":"componentstatuses","singularName":"componentstatus","namespaced":false,"kind":"ComponentStatus","verbs":["get","list"],"shortNames":["cs"]},{"name":"configmaps","singularName":"configmap","namespaced":true,"kind":"ConfigMap","verbs":["create","delete","deletecollection","get","list","patch","update","watch"],"shortNames":["cm"],"storageVersionHash":"qFsyl6wFWjQ="},{"name":"endpoints","singularName":"endpoints","namespaced":true,"kind":"Endpoints","verbs":["create","delete","deletecollection","get","list","patch","update","watch"],"shortNames":["ep"],"storageVersionHash":"fWeeMqaN/OA="},{"name":"events","singularName":"event","namespaced":true,"kind":"Event","verbs":["create","delete","deletecollection","get","list","patch","update","watch"],"shortNames":["ev"],"storageVersionHash":"r2yiGXH7wu8="},{"name":"limitranges","singularName":"limitrange" [truncated 5359 chars]
Warning: resource 'nodes' is not namespace scoped

I1010 08:09:21.722732   36907 request.go:1212] Request Body: {"kind":"SelfSubjectAccessReview","apiVersion":"authorization.k8s.io/v1","metadata":{"creationTimestamp":null},"spec":{"resourceAttributes":{"namespace":"default","verb":"delete","resource":"nodes"}},"status":{"allowed":false}}
I1010 08:09:21.722853   36907 round_trippers.go:463] POST https://172.30.1.2:6443/apis/authorization.k8s.io/v1/selfsubjectaccessreviews
I1010 08:09:21.722930   36907 round_trippers.go:469] Request Headers:
I1010 08:09:21.722990   36907 round_trippers.go:473]     Accept: application/json, */*
I1010 08:09:21.723058   36907 round_trippers.go:473]     Content-Type: application/json
I1010 08:09:21.723124   36907 round_trippers.go:473]     User-Agent: kubectl/v1.28.1 (linux/amd64) kubernetes/8dc49c4
I1010 08:09:21.724326   36907 round_trippers.go:574] Response Status: 201 Created in 1 milliseconds
I1010 08:09:21.724428   36907 round_trippers.go:577] Response Headers:
I1010 08:09:21.724468   36907 round_trippers.go:580]     Audit-Id: 446d53c6-c797-49b5-968e-9f3ca46ff696
I1010 08:09:21.724545   36907 round_trippers.go:580]     Cache-Control: no-cache, private
I1010 08:09:21.724635   36907 round_trippers.go:580]     Content-Type: application/json
I1010 08:09:21.724707   36907 round_trippers.go:580]     X-Kubernetes-Pf-Flowschema-Uid: 8c33586e-ee7a-479c-be7e-ed74009b9abc
I1010 08:09:21.724774   36907 round_trippers.go:580]     X-Kubernetes-Pf-Prioritylevel-Uid: 4a585b22-fb51-4e7c-b990-a99fea8ebe8f
I1010 08:09:21.724834   36907 round_trippers.go:580]     Content-Length: 482
I1010 08:09:21.724902   36907 round_trippers.go:580]     Date: Tue, 10 Oct 2023 08:09:21 GMT
I1010 08:09:21.724978   36907 request.go:1212] Response Body: {"kind":"SelfSubjectAccessReview","apiVersion":"authorization.k8s.io/v1","metadata":{"creationTimestamp":null,"managedFields":[{"manager":"kubectl","operation":"Update","apiVersion":"authorization.k8s.io/v1","time":"2023-10-10T08:09:21Z","fieldsType":"FieldsV1","fieldsV1":{"f:spec":{"f:resourceAttributes":{".":{},"f:namespace":{},"f:resource":{},"f:verb":{}}}}}]},"spec":{"resourceAttributes":{"namespace":"default","verb":"delete","resource":"nodes"}},"status":{"allowed":true}}