diff --git a/plugins/modules/redhat_subscription.py b/plugins/modules/redhat_subscription.py
index 2995e5a03e9..d520b5dc3c1 100644
--- a/plugins/modules/redhat_subscription.py
+++ b/plugins/modules/redhat_subscription.py
@@ -291,7 +291,7 @@
 '''
 
 from os.path import isfile
-from os import unlink
+from os import getuid, unlink
 import re
 import shutil
 import tempfile
@@ -1074,6 +1074,11 @@ def main():
         required_if=[['state', 'present', ['username', 'activationkey', 'token'], True]],
     )
 
+    if getuid() != 0:
+        module.fail_json(
+            msg="Interacting with subscription-manager requires root permissions ('become: true')"
+        )
+
     rhsm.module = module
     state = module.params['state']
     username = module.params['username']
diff --git a/plugins/modules/rhsm_release.py b/plugins/modules/rhsm_release.py
index 8ad763a778d..0dfb1e64959 100644
--- a/plugins/modules/rhsm_release.py
+++ b/plugins/modules/rhsm_release.py
@@ -63,6 +63,7 @@
 
 from ansible.module_utils.basic import AnsibleModule
 
+import os
 import re
 
 # Matches release-like values such as 7.2, 5.10, 6Server, 8
@@ -109,6 +110,11 @@ def main():
         supports_check_mode=True
     )
 
+    if os.getuid() != 0:
+        module.fail_json(
+            msg="Interacting with subscription-manager requires root permissions ('become: true')"
+        )
+
     target_release = module.params['release']
 
     # sanity check: the target release at least looks like a valid release
diff --git a/plugins/modules/rhsm_repository.py b/plugins/modules/rhsm_repository.py
index 0517582403c..18bc2d010ba 100644
--- a/plugins/modules/rhsm_repository.py
+++ b/plugins/modules/rhsm_repository.py
@@ -100,9 +100,7 @@ def run_subscription_manager(module, arguments):
     lang_env = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C')
     rc, out, err = module.run_command("%s %s" % (rhsm_bin, " ".join(arguments)), environ_update=lang_env)
 
-    if rc == 1 and (err == 'The password you typed is invalid.\nPlease try again.\n' or os.getuid() != 0):
-        module.fail_json(msg='The executable file subscription-manager must be run using root privileges')
-    elif rc == 0 and out == 'This system has no repositories available through subscriptions.\n':
+    if rc == 0 and out == 'This system has no repositories available through subscriptions.\n':
         module.fail_json(msg='This system has no repositories available through subscriptions')
     elif rc == 1:
         module.fail_json(msg='subscription-manager failed with the following error: %s' % err)
@@ -243,6 +241,12 @@ def main():
         ),
         supports_check_mode=True,
     )
+
+    if os.getuid() != 0:
+        module.fail_json(
+            msg="Interacting with subscription-manager requires root permissions ('become: true')"
+        )
+
     name = module.params['name']
     state = module.params['state']
     purge = module.params['purge']
diff --git a/tests/unit/plugins/modules/test_redhat_subscription.py b/tests/unit/plugins/modules/test_redhat_subscription.py
index 58a9a8bea56..bc1bfffe66c 100644
--- a/tests/unit/plugins/modules/test_redhat_subscription.py
+++ b/tests/unit/plugins/modules/test_redhat_subscription.py
@@ -29,6 +29,8 @@ def patch_redhat_subscription(mocker):
                  return_value='/testbin/subscription-manager')
     mocker.patch('ansible_collections.community.general.plugins.modules.redhat_subscription.Rhsm._can_connect_to_dbus',
                  return_value=False)
+    mocker.patch('ansible_collections.community.general.plugins.modules.redhat_subscription.getuid',
+                 return_value=0)
 
 
 @pytest.mark.parametrize('patch_ansible_module', [{}], indirect=['patch_ansible_module'])
diff --git a/tests/unit/plugins/modules/test_rhsm_release.py b/tests/unit/plugins/modules/test_rhsm_release.py
index 9d371cec03a..c5696962b5d 100644
--- a/tests/unit/plugins/modules/test_rhsm_release.py
+++ b/tests/unit/plugins/modules/test_rhsm_release.py
@@ -30,9 +30,16 @@ def setUp(self):
         self.get_bin_path = self.mock_get_bin_path.start()
         self.get_bin_path.return_value = '/testbin/subscription-manager'
 
+        # subscription-manager needs to be run as root
+        self.mock_os_getuid = patch('ansible_collections.community.general.plugins.modules.rhsm_release.'
+                                    'os.getuid')
+        self.os_getuid = self.mock_os_getuid.start()
+        self.os_getuid.return_value = 0
+
     def tearDown(self):
         self.mock_run_command.stop()
         self.mock_get_bin_path.stop()
+        self.mock_os_getuid.stop()
         super(RhsmRepositoryReleaseModuleTestCase, self).tearDown()
 
     def module_main(self, exit_exc):