diff --git a/auto-discovery/kubernetes/.helmignore b/auto-discovery/kubernetes/.helmignore
index b688299bba..6c837dab31 100644
--- a/auto-discovery/kubernetes/.helmignore
+++ b/auto-discovery/kubernetes/.helmignore
@@ -15,4 +15,7 @@ main.go
 Makefile
 PROJECT
 auto-discovery-config.yaml
-./tests/
\ No newline at end of file
+./tests/
+docs/
+auto-discovery-kubernetes.tar
+pull-secret-extractor/
diff --git a/auto-discovery/kubernetes/controllers/container_scan_controller.go b/auto-discovery/kubernetes/controllers/container_scan_controller.go
index 129fd6e110..b77b7d4c73 100644
--- a/auto-discovery/kubernetes/controllers/container_scan_controller.go
+++ b/auto-discovery/kubernetes/controllers/container_scan_controller.go
@@ -47,7 +47,7 @@ type ContainerAutoDiscoveryTemplateArgs struct {
 }
 // +kubebuilder:rbac:groups="execution.securecodebox.io",resources=scantypes,verbs=get;list;watch
-// +kubebuilder:rbac:groups="execution.securecodebox.io",resources=scheduledscans,verbs=get;list;watch;create;update;patch
+// +kubebuilder:rbac:groups="execution.securecodebox.io",resources=scheduledscans,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups="execution.securecodebox.io/status",resources=scheduledscans,verbs=get;update;patch
 // +kubebuilder:rbac:groups="",resources=services,verbs=get;list;watch
 // +kubebuilder:rbac:groups="",resources=services/status,verbs=get
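Review bot: The `delete` verb added to the scheduledscans marker carries no comment saying which code path needs it, and the same verb is added to the marker in service_scan_controller.go and to the rule in templates/rbac/role.yaml. For a permission that lets the controller remove scan resources, the reason belongs next to the marker, for example `// delete: required to remove ScheduledScans that auto-discovery no longer needs`, worded to match what the reconciler actually does. Nothing in this diff shows the service controller issuing a delete, so it is worth confirming that its marker needs the wider verb list at all. Separately, the unchanged marker just below puts `/status` in the API group rather than on the resource, unlike the `services/status` marker two lines later; that looks unintended and should be checked against the generated role.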
@@ -427,7 +427,11 @@ func (r *ContainerScanReconciler) getOrphanedScanImageIDs(ctx context.Context, p
 var scan executionv1.ScheduledScan
 err := r.Client.Get(ctx, types.NamespacedName{Name: scanName, Namespace: pod.Namespace}, &scan)
 if err != nil {
- r.Log.Error(err, "Unable to fetch scan", "name", scanName)
+ if k8sErrors.IsNotFound(err) {
+ r.Log.Info("Scan was already deleted, nothing to do", "name", scanName)
+ } else {
+ r.Log.Error(err, "Unable to fetch scan", "name", scanName)
+ }
 } else if !r.containerIDInUse(ctx, pod, imageID) {
 result[cleanedImageID] = append(result[cleanedImageID], scanConfig)
 }
diff --git a/auto-discovery/kubernetes/controllers/service_scan_controller.go b/auto-discovery/kubernetes/controllers/service_scan_controller.go
index 68a842d4d5..48487fbf97 100644
--- a/auto-discovery/kubernetes/controllers/service_scan_controller.go
+++ b/auto-discovery/kubernetes/controllers/service_scan_controller.go
@@ -48,7 +48,7 @@ type ServiceAutoDiscoveryTemplateArgs struct {
 const requeueInterval = 5 * time.Second
 // +kubebuilder:rbac:groups="execution.securecodebox.io",resources=scantypes,verbs=get;list;watch
-// +kubebuilder:rbac:groups="execution.securecodebox.io",resources=scheduledscans,verbs=get;list;watch;create;update;patch
+// +kubebuilder:rbac:groups="execution.securecodebox.io",resources=scheduledscans,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups="execution.securecodebox.io/status",resources=scheduledscans,verbs=get;update;patch
 // +kubebuilder:rbac:groups="",resources=services,verbs=get;list;watch
 // +kubebuilder:rbac:groups="",resources=services/status,verbs=get
diff --git a/auto-discovery/kubernetes/templates/rbac/role.yaml b/auto-discovery/kubernetes/templates/rbac/role.yaml
index a2453f5d3d..6ca2877f7e 100644
--- a/auto-discovery/kubernetes/templates/rbac/role.yaml
+++ b/auto-discovery/kubernetes/templates/rbac/role.yaml
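Review bot: Both log calls in the new `if err != nil` branch identify the scan by `"name", scanName` only, although the lookup is keyed on `pod.Namespace` as well, so scans with the same name in different namespaces cannot be told apart in the log. I would add the namespace to both calls, e.g. `r.Log.Info("Scan was already deleted, nothing to do", "name", scanName, "namespace", pod.Namespace)`. On any error other than NotFound the code still only logs and carries on, so a transient API failure leaves that image out of the result without the caller seeing an error; whether it is retried depends on code outside the hunk. getOrphanedScanImageIDs starts and ends outside the hunk.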
@@ -64,6 +64,7 @@ rules:
 - scheduledscans
 verbs:
 - create
+ - delete
 - get
 - list
 - patch
diff --git a/auto-discovery/kubernetes/tests/__snapshot__/auto-discovery_test.yaml.snap b/auto-discovery/kubernetes/tests/__snapshot__/auto-discovery_test.yaml.snap
index d959744251..447d69b0e8 100644
--- a/auto-discovery/kubernetes/tests/__snapshot__/auto-discovery_test.yaml.snap
+++ b/auto-discovery/kubernetes/tests/__snapshot__/auto-discovery_test.yaml.snap
@@ -263,6 +263,7 @@ matches the snapshot:
 - scheduledscans
 verbs:
 - create
+ - delete
 - get
 - list
 - patch
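Review bot: The added `- delete` in the role.yaml rule applies to every scheduledscans object within the rule's scope, because RBAC cannot limit a verb to objects carrying a particular label or owner reference. If the controller is meant to delete only scans that auto-discovery itself created, that restriction has to be enforced in the controller before the delete call, and no such check is visible in this diff. The rule's apiGroups and whether this is a Role or a ClusterRole are outside the hunk, so the actual reach of the verb should be confirmed there.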