RBAC permissions for patch management
To create Patching Jobs and deploying patches, the patch administrator must be assigned a role that includes the necessary permissions.
To facilitate division of responsibilities, you can assign permissions to one role or split between several roles, as required.
RBAC permissions for managing patches
Ensure that the patch administrator has the following permissions.
Defining permissions for
Gives the user the ability to
Perform all operations related to Patch Analysis Jobs (only Patch Analysis, not Patch Remediation)
Perform all operations related to Patch Remediation Jobs (including their Deploy Jobs)
Perform all operations related to Patch Autoremediation Jobs (Patch Analysis and Patch Remediation)
Modify Patch Global Configuration settings
ACLPolicy.* (This permission is only required if ACL policies used in catalog must be created because they do not already exist).
Perform all operations related to Catalog Update Job for Windows/Solaris/Linux/AIX
For more information on RAC permissions for virtualization management, see System authorizations.