diff --git a/Chart.yaml b/Chart.yaml
index 26cf9bf25a81dd2b619b2ad5833a660c60806431..40073ea34090ca69386d4d9fb64abe60dc17ccd7 100644
--- a/Chart.yaml
+++ b/Chart.yaml
@@ -1,4 +1,4 @@
 apiVersion: v2
 name: constraint-templates
-version: 1.5.0
+version: 1.5.1
 appVersion: 1.0.0
diff --git a/rego/allow_rollout_restart/policy_test.rego b/rego/allow_rollout_restart/policy_test.rego
index ba82538e08d1a0f07446a5558ec50d62dc207257..7dcd75d091cf1d51e5778a8c500fe5a66adcf7b5 100644
--- a/rego/allow_rollout_restart/policy_test.rego
+++ b/rego/allow_rollout_restart/policy_test.rego
@@ -1,7 +1,7 @@
 package allow_rollout_restart
 test_with_deployment_and_correct_annotation {
- input := review_deployment_patch_existing("kubectl.kubernetes.io.restartedAt","14oclock","randomuser","13oclock")
+ input := review_deployment_patch_existing("kubectl.kubernetes.io.restartedAt","14oclock","randomuser","randomgroup","13oclock")
 results := violation
 with input as input
@@ -10,7 +10,7 @@ test_with_deployment_and_correct_annotation {
 }
 test_with_deployment_and_incorrect_annotation {
- input := review_deployment_patch_existing("wrongAnnotation","wrong","randomuser","13oclock")
+ input := review_deployment_patch_existing("wrongAnnotation","wrong","randomuser","randomgroup","13oclock")
 results := violation
 with input as input
@@ -19,7 +19,16 @@ test_with_deployment_and_incorrect_annotation {
 }
 test_with_deployment_and_incorrect_annotation_with_flux {
- input := review_deployment_patch_existing("wrongAnnotation","wrong","flux","13oclock")
+ input := review_deployment_patch_existing("wrongAnnotation","wrong","flux","randomgroup","13oclock")
+
+ results := violation
+ with input as input
+
+ count(results) == 0
+}
+
+test_with_deployment_and_incorrect_annotation_with_platform_admin_group {
+ input := review_deployment_patch_existing("wrongAnnotation","wrong","randomuser","oidc:it.platform.roles.admin","13oclock")
 results := violation
 with input as input
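Review bot: The new `test_with_deployment_and_incorrect_annotation_with_platform_admin_group` only shows that a member of `oidc:it.platform.roles.admin` is exempted from the restart-annotation check (it presumably closes with the unchanged `count(results) == 0` that follows the hunk); nothing asserts that the exemption is an exact group match, and policy.rego is not in this diff so I cannot tell whether it compares with `==`, `startswith` or `contains`. A negative sibling that passes a near-miss group — the admin group name with a suffix appended, or a group that merely contains it — and asserts `count(results) == 1` would pin that down, because a prefix or substring match would let any user in a similarly named group bypass the check. It would also be worth a one-line comment above the test saying why this group is trusted, since the string is a production identity that reviewers will otherwise have to look up.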
@@ -28,7 +37,7 @@ test_with_deployment_and_incorrect_annotation_with_flux {
 }
 test_with_deployment_and_too_many_annotations{
- input := review_deployment_patch_extra_annotations("kubectl.kubernetes.io.restartedAt","14oclock","randomuser","13oclock")
+ input := review_deployment_patch_extra_annotations("kubectl.kubernetes.io.restartedAt","14oclock","randomuser","randomgroup","13oclock")
 results := violation
 with input as input
@@ -37,7 +46,7 @@ test_with_deployment_and_too_many_annotations{
 }
 test_with_deployment_and_correct_annotation_no_existing_annotation {
- input := review_deployment_patch_absent("kubectl.kubernetes.io.restartedAt","14oclock","randomuser")
+ input := review_deployment_patch_absent("kubectl.kubernetes.io.restartedAt","14oclock","randomuser","randomgroup")
 results := violation
 with input as input
@@ -46,7 +55,7 @@ test_with_deployment_and_correct_annotation_no_existing_annotation {
 }
 test_with_deployment_and_incorrect_annotation_no_existing_annotation {
- input := review_deployment_patch_absent("wrongAnnotation","wrong","randomuser")
+ input := review_deployment_patch_absent("wrongAnnotation","wrong","randomuser","randomgroup")
 results := violation
 with input as input
@@ -54,19 +63,22 @@ test_with_deployment_and_incorrect_annotation_no_existing_annotation {
 count(results) == 1
 }
-review_deployment_patch_extra_annotations(annotationname,annotationvalue,username,previousrestarted) = out {
+review_deployment_patch_extra_annotations(annotationname,annotationvalue,username,groupname,previousrestarted) = out {
 out = {
 "review": {
 "userInfo": {
- "username": username
+ "username": username,
+ "groups": [
+ groupname
+ ]
 },
- "operation": "PATCH",
+ "operation": "UPDATE",
 "kind": {
 "kind": "Deployment"
 },
 "object": {
 "spec": {
- "template: {
+ "template": {
 "metadata": {
 "annotations": {
 "dreaded_gazebo": "indeed",
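Review bot: `review_deployment_patch_extra_annotations` now takes a single `groupname` and emits `"groups": [ groupname ]`, so every test sends a one-element group list with the group of interest at index 0; a real AdmissionReview `userInfo.groups` always carries `system:authenticated` and usually several other groups ahead of any admin group, so a policy that reads `groups[0]` or otherwise mishandles multiple entries would pass these tests and misbehave in the cluster. Consider taking the list itself, `"groups": groups`, and having at least one test pass `["system:authenticated", "oidc:it.platform.roles.admin"]`. Changing `operation` from `PATCH` to `UPDATE` is right — admission operations are CREATE/UPDATE/DELETE/CONNECT and a `kubectl rollout restart` patch is delivered as UPDATE — but it also means no test now exercises how the policy treats other operations, if it distinguishes them at all. The helper's body continues past the end of the hunk.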
@@ -78,7 +90,7 @@ review_deployment_patch_extra_annotations(annotationname,annotationvalue,usernam
 },
 "oldObject": {
 "spec": {
- "template: {
+ "template:" {
 "metadata": {
 "annotations": {
 "kubectl.kubernetes.io.restartedAt": previousrestarted
@@ -91,13 +103,16 @@ review_deployment_patch_extra_annotations(annotationname,annotationvalue,usernam
 }
 }
-review_deployment_patch_existing(annotationname,annotationvalue,username,previousrestarted) = out {
+review_deployment_patch_existing(annotationname,annotationvalue,username,groupname,previousrestarted) = out {
 out = {
 "review": {
 "userInfo": {
- "username": username
+ "username": username,
+ "groups": [
+ groupname
+ ]
 },
- "operation": "PATCH",
+ "operation": "UPDATE",
 "kind": {
 "kind": "Deployment"
 },
@@ -127,13 +142,16 @@ review_deployment_patch_existing(annotationname,annotationvalue,username,previou
 }
 }
-review_deployment_patch_absent(annotationname,annotationvalue,username) = out {
+review_deployment_patch_absent(annotationname,annotationvalue,username,groupname) = out {
 out = {
 "review": {
 "userInfo": {
- "username": username
+ "username": username,
+ "groups": [
+ groupname
+ ]
 },
- "operation": "PATCH",
+ "operation": "UPDATE",
 "kind": {
 "kind": "Deployment"
 },
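Review bot: The replacement line `"template:" {` in the `oldObject` block of `review_deployment_patch_extra_annotations` still does not parse: the closing quote was moved after the colon, so the key becomes `"template:"` with no `:` separating it from its value, whereas the `object` side of the same helper in the previous hunk was correctly fixed to `"template": {`. It should read `"template": {` here as well; as written I expect `opa test` to reject the whole file, and since the pre-change `"template: {` was equally broken it looks like this test package has not been executing at all, which matters because it is the only coverage for who may bypass the restart-annotation check — worth confirming the CI pipeline actually runs `opa test` on this directory. The enclosing helper starts and ends outside this hunk.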