diff --git a/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaSystemAdministratorRoleProfile.java b/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaSystemAdministratorRoleProfile.java
index facb4dfad..6470f26d3 100644
--- a/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaSystemAdministratorRoleProfile.java
+++ b/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaSystemAdministratorRoleProfile.java
@@ -45,6 +45,8 @@ public class ArchivaSystemAdministratorRoleProfile
         operations.add( ArchivaRoleConstants.OPERATION_ADD_REPOSITORY );
         operations.add( ArchivaRoleConstants.OPERATION_EDIT_REPOSITORY );
         operations.add( ArchivaRoleConstants.OPERATION_DELETE_REPOSITORY );
+        // we don't add access/upload repository operations. This isn't a sys-admin function, and we don't want to
+        // encourage the use of the sys admin role for such operations. They can grant it as necessary.
         return operations;
     }