Document URL: https://docs.openshift.com/container-platform/4.8/authentication/managing-security-context-constraints.html#scc-prioritization_configuring-internal-oauth

Section Number and Name: Security context constraints prioritization

Describe the issue: In a recent case, my Customer had a custom SCC created by a 3rd party Tool that was assigned priority 150. Since this priority is greater then anyuid's (10), the config-operator selected said custom SCC and crashed due to lack of permissions. Reducing priority has fixed the issue.

Since KCS https://access.redhat.com/solutions/4727461 indicates that this behavior is expected, we believe that this needs to be documented so it's more visible than a Solutions Article.

Suggestions for improvement: If config operator pods (and other operators) are allowed to use any SCCs (including custom ones), this should be specified in the official documentation.

Additional information: Please refer to case 03179203.