I know. Thats why I confirmed the answer of the knowledge base (at least according to my own additional research & test). “Not possible to grant that permission”.
nt authority\system is even a bit more rights for the service…yes, that works as well if security is negligible.
My problem with this check was, that the error given to Icinga by Powershell is a bit misleading. It pretends that 6 checks are good (no missing updates) followed by an unspecified access denied. As I had no missing updates this was “correct”, not knowing at first, that it always returns “0” in case of access denied even if Updates are pending.
I prefer *nix.