diff --git a/src/servala/core/models/service.py b/src/servala/core/models/service.py
index 4c6ecd0..ba1871d 100644
--- a/src/servala/core/models/service.py
+++ b/src/servala/core/models/service.py
@@ -574,7 +574,7 @@ class ServiceInstance(ServalaModelMixin, models.Model):
 unique_together = [("name", "organization", "context")]
 rules_permissions = {
 "view": rules.is_staff | perms.is_organization_member,
- "change": rules.is_staff | perms.is_organization_member,
+ "change": rules.is_staff | perms.is_organization_admin,
 "delete": rules.is_staff | perms.is_organization_admin,
 "add": rules.is_authenticated,
 }
diff --git a/src/servala/core/rules.py b/src/servala/core/rules.py
index 5ead2c3..cf4dc1c 100644
--- a/src/servala/core/rules.py
+++ b/src/servala/core/rules.py
@@ -13,15 +13,30 @@ def has_organization_role(user, org, roles):
 @rules.predicate
-def is_organization_owner(user, org):
+def is_organization_owner(user, obj):
+ if hasattr(obj, "organization"):
+ org = obj.organization
+ else:
+ org = obj
 return has_organization_role(user, org, ["owner"])
 @rules.predicate
-def is_organization_admin(user, org):
+def is_organization_admin(user, obj):
+ if hasattr(obj, "organization"):
+ org = obj.organization
+ else:
+ org = obj
 return has_organization_role(user, org, ["owner", "admin"])
 @rules.predicate
-def is_organization_member(user, org):
+def is_organization_member(user, obj):
+ if hasattr(obj, "organization"):
+ org = obj.organization
+ else:
+ org = obj
 return has_organization_role(user, org, None)
+
+
+rules.add_perm("core", rules.is_staff)
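Review bot: `"add": rules.is_authenticated` in the same `rules_permissions` dict is left as it was, so once `change` and `delete` require an organization admin, creating a `ServiceInstance` is the only operation here with no organization check at the rule level. If creation is scoped to the caller's organization somewhere else (this hunk does not show where), a comment on that entry would make the asymmetry deliberate, for example `# checked without an object; organization membership is enforced in <create path>`. If it is not enforced elsewhere, the entry probably needs the same treatment as `change`. The class body starts and continues outside this hunk.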
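Review bot: The `hasattr(obj, "organization")` / `org = obj` resolution is copied into all three predicates, and its fallback passes any object that lacks an `organization` attribute straight through as the organization. Because these predicates now gate `change` and `delete`, resolving the organization in one helper would let that fallback be tightened in a single place. Whether an unexpected object or `None` ends up denied depends on `has_organization_role`, whose body is outside this hunk. The trailing `rules.add_perm("core", rules.is_staff)` would also benefit from a one-line comment saying what checks the bare `core` permission, since nothing in the diff shows its consumer.

```python
def _organization_of(obj):
    # Permission targets either are an organization or expose one as
    # `.organization`; resolve that in one place for all three predicates.
    return getattr(obj, "organization", obj)


@rules.predicate
def is_organization_owner(user, obj):
    return has_organization_role(user, _organization_of(obj), ["owner"])

# … is_organization_admin and is_organization_member: same one-line body with their own role lists …
```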