diff --git a/HACKING.rst b/HACKING.rst index cd85d840..2dfb28cb 100644 --- a/HACKING.rst +++ b/HACKING.rst @@ -64,7 +64,7 @@ Role Overriding --------------- Correct role overriding is vital to correct RBAC testing within Patrole. If a -test does not call ``rbac_utils.override_role`` within the RBAC test, followed +test does not call ``self.override_role()`` within the RBAC test, followed by the API endpoint that enforces the expected policy action, then the test is **not** a valid Patrole test: The API endpoint under test will be performed with admin role, which is always wrong unless ``CONF.patrole.rbac_test_role`` diff --git a/REVIEWING.rst b/REVIEWING.rst index 4ee847f7..9993f2c7 100644 --- a/REVIEWING.rst +++ b/REVIEWING.rst @@ -80,7 +80,7 @@ Test duplication means: * testing the same policy in more than one test For the first bullet, try to avoid calling the same API inside the -``self.rbac_utils.override_role`` call. +``self.override_role()`` call. .. note:: diff --git a/doc/source/multi-policy-validation.rst b/doc/source/multi-policy-validation.rst index 576fd68e..441bd35e 100644 --- a/doc/source/multi-policy-validation.rst +++ b/doc/source/multi-policy-validation.rst @@ -66,7 +66,7 @@ Below is an example of multi-policy validation for a carefully chosen Nova API: self.os_admin.servers_client.lock_server(self.server['id']) self.addCleanup(self.servers_client.unlock_server, self.server['id']) - with self.rbac_utils.override_role(self): + with self.override_role(): self.servers_client.unlock_server(self.server['id']) While the ``expected_error_codes`` parameter is omitted in the example above, @@ -96,7 +96,7 @@ attribute that is added only following successful policy authorization. # Verify specific fields of a port fields = ['binding:vif_type'] - with self.rbac_utils.override_role(self): + with self.override_role(): retrieved_port = self.ports_client.show_port( self.port['id'], fields=fields)['port'] 
@@ -131,7 +131,7 @@ A basic Neutron example that only expects 403's to be raised: RBAC test for the neutron create_network:router:external policy """ - with self.rbac_utils.override_role(self): + with self.override_role(): self._create_network(router_external=True) Note that above the following expected error codes/rules relationship is @@ -158,7 +158,7 @@ subsequent policy authorization failure: RBAC test for the neutron update_network:shared policy """ - with self.rbac_utils.override_role(self): + with self.override_role(): self._update_network(shared_network=True) self.addCleanup(self._update_network, shared_network=False) diff --git a/doc/source/test_writing_guide.rst b/doc/source/test_writing_guide.rst index 4e0f0bed..ac502103 100644 --- a/doc/source/test_writing_guide.rst +++ b/doc/source/test_writing_guide.rst @@ -34,7 +34,7 @@ The role workflow is as follows: #. Setup: Admin role is used automatically. The primary credentials are overridden with the admin role. #. Test execution: ``[patrole] rbac_test_roles`` is used manually via the - call to ``with rbac_utils.override_role(self)``. Everything that + call to ``with self.override_role()``. Everything that is executed within this contextmanager uses the primary credentials overridden with the ``[patrole] rbac_test_roles``. #. Teardown: Admin role is used automatically. The primary credentials have @@ -68,7 +68,7 @@ Manual role override required. "Test execution" here means calling the API endpoint that enforces the policy action expected by the ``rbac_rule_validation`` decorator. Test execution should be performed *only after* calling -``with rbac_utils.override_role(self)``. +``with self.override_role()``. Immediately after that call, the API endpoint that enforces the policy should be called. 
@@ -89,7 +89,7 @@ Example:: aggregate_id = self._create_aggregate() # Call the ``override_role`` method so that the primary credentials # have the test role needed for test execution. - with self.rbac_utils.override_role(self): + with self.override_role(): self.aggregates_client.show_aggregate(aggregate_id) When using a waiter, do the wait outside the contextmanager. "Waiting" always @@ -113,7 +113,7 @@ Example using waiter:: self.addCleanup(self.servers_client.change_password, self.server['id'], adminPass=original_password) - with self.rbac_utils.override_role(self): + with self.override_role(): self.servers_client.change_password( self.server['id'], adminPass=data_utils.rand_password()) # Call the waiter outside the ``override_role`` contextmanager, so that @@ -145,7 +145,7 @@ Incorrect:: # Never call a helper function inside the contextmanager that calls a # bunch of APIs. Only call the API that enforces the policy action # contained in the decorator above. - with self.rbac_utils.override_role(self): + with self.override_role(): self._complex_setup_method() To fix this test, see the "Example using waiter" section above. It is diff --git a/patrole_tempest_plugin/rbac_rule_validation.py b/patrole_tempest_plugin/rbac_rule_validation.py index 95bf36a6..288ec293 100644 --- a/patrole_tempest_plugin/rbac_rule_validation.py +++ b/patrole_tempest_plugin/rbac_rule_validation.py @@ -461,7 +461,7 @@ def _check_for_expected_mismatch_exception(expected_exception, def _validate_override_role_called(test_obj, actual_exception): - """Validates that :func:`rbac_utils.RbacUtils.override_role` is called + """Validates that :func:`rbac_utils.RbacUtilsMixin.override_role` is called during each Patrole test. Useful for validating that the expected exception isn't raised too early
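Review bot: The updated cross-reference in the `_validate_override_role_called` docstring still uses the `:func:` role, although its target is now a method on `RbacUtilsMixin`; the matching Sphinx role is `:meth:`, so the line should read `:meth:` in place of `:func:`. The target is also written without its package prefix (`rbac_utils.RbacUtilsMixin.override_role`), so it may not resolve to a link in the rendered docs. That second point is inferred, because the Sphinx configuration is not visible on this page. This docstring is the only place in the module hunk that names the guard against a test that never switches away from the admin role, so a working link to `override_role` is worth having. The docstring and the function body continue outside the hunk.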