docs(KFLUXVNGD-38): update project permissions

Maintainers should not have delete permissions on Project* resources as they should not be allowed to delete applications or components. Signed-off-by: Yftach Herzog <[email protected]>
konflux-ci · Oct 7, 2024 · 19755ab · 19755ab
1 parent 8172904
commit 19755ab
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/ADR/0011-roles-and-permissions.md b/ADR/0011-roles-and-permissions.md
@@ -61,7 +61,7 @@ We will use the built-in Kubernetes RBAC system for Konflux's role and permissio
 |               | *Service Access*        | appstudio.redhat.com      | get, list, watch, create, update, patch         | spiaccesstokenbindings, spiaccesschecks, spiaccesstokens, spifilecontentrequests, spiaccesstokendataupdates
 |               | *Remote Secrets*        | appstudio.redhat.com      | get, list, watch                                | remotesecrets
 |               | Build Service           | appstudio.redhat.com      | get, list, watch, create                        | buildpipelineselectors
-|               | Project Controller      | projctl.konflux.dev       | get, list, watch, create, update, patch, delete | projects, projectdevelopmentstreams, projectdevelopmentstreamtemplates
+|               | Project Controller      | projctl.konflux.dev       | get, list, watch, create, update, patch         | projects, projectdevelopmentstreams, projectdevelopmentstreamtemplates
 |               | *Configs*               |                           | get, list, watch                                | configmaps
 |               | *Secrets*               |                           |                                                 | secrets
 |               | Add User                |