diff --git a/modules/user-permissions-for-vulnerability-reports.adoc b/modules/user-permissions-for-vulnerability-reports.adoc
new file mode 100644
index 000000000000..d774e8ee7067
--- /dev/null
+++ b/modules/user-permissions-for-vulnerability-reports.adoc
@@ -0,0 +1,29 @@
+// Module included in the following assemblies:
+//
+// * operating/manage-vulnerabilities/vulnerability-reporting.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="user-permissions-for-vulnerability-reports_{context}"]
+= User permissions for vulnerability reports
+
+To access and manage vulnerability reporting features in {rh-rhacs-first}, you must have the following permissions:
+
+.Vulnerability report permissions
+[cols="2,4,4", options="header"]
+|===
+| Resource | Permission type | Purpose
+
+| `Image`
+| `Read`
+| Access to the image metadata required for vulnerability reporting.
+
+| `WorkflowAdministration`
+| `Read`
+| View the report configurations and report job history.
+
+| `WorkflowAdministration`
+| `Write`
+a|* Create and delete report configurations.
+* Initiate new report jobs.
+* Download the generated reports.
+|===
diff --git a/operating/manage-vulnerabilities/vulnerability-reporting.adoc b/operating/manage-vulnerabilities/vulnerability-reporting.adoc
index 673a69a1f084..a386364aef97 100644
--- a/operating/manage-vulnerabilities/vulnerability-reporting.adoc
+++ b/operating/manage-vulnerabilities/vulnerability-reporting.adoc
@@ -25,6 +25,14 @@ include::modules/vulnerability-management20-report-review-create.adoc[leveloffse
 //report permissions
 include::modules/vulnerability-management20-permissions.adoc[leveloffset=+2]
 
+//User permissions for vulnerability reports
+include::modules/user-permissions-for-vulnerability-reports.adoc[leveloffset=+3]
+
+[role="_additional-resources"]
+.Additional resources
+
+* xref:../../operating/manage-user-access/manage-role-based-access-control-3630.adoc#resource-definitions_manage-role-based-access-control[Resource definitions]
+
 //Exporting vulnerability report as a CSV file
 include::modules/exporting-vulnerability-report-as-a-csv-file.adoc[leveloffset=+2]