diff --git a/internal/sync/roles_test.go b/internal/sync/roles_test.go
index 0d6e5c6..83ca1ca 100644
--- a/internal/sync/roles_test.go
+++ b/internal/sync/roles_test.go
@@ -173,6 +173,55 @@ func TestGenerateRoles(t *testing.T) {
 				},
 			},
 		},
+		"generate roles for multi-project project group": {
+			input: generateRolesInput{
+				groups: []keycloak.Group{
+					{
+						ID: "3fc60c90-b72d-4704-8a57-80438adac98d",
+						GroupUpdateRepresentation: keycloak.GroupUpdateRepresentation{
+							Name: "project-beta-ui",
+							Attributes: map[string][]string{
+								"type": {`project-default-group`},
+							},
+						},
+					},
+				},
+				projectNames: map[int]string{
+					26: "abc",
+					27: "beta-ui",
+					48: "somelongprojectname",
+				},
+				groupProjectsMap: map[string][]int{
+					"3fc60c90-b72d-4704-8a57-80438adac98d": {48, 27, 26},
+				},
+			},
+			expect: generateRolesOutput{
+				roles: map[string]opensearch.Role{
+					"p27": {
+						RolePermissions: opensearch.RolePermissions{
+							ClusterPermissions: []string{},
+							IndexPermissions: []opensearch.IndexPermission{
+								{
+									AllowedActions: []string{
+										"read",
+										"indices:monitor/settings/get",
+									},
+									IndexPatterns: []string{
+										"/^(application|container|lagoon|router)-logs-beta-ui-_-.+/",
+									},
+								},
+							},
+							TenantPermissions: []opensearch.TenantPermission{
+								{
+									AllowedActions: []string{"kibana_all_read"},
+									TenantPatterns: []string{"global_tenant"},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
 	}
 	log := zap.Must(zap.NewDevelopment(zap.AddStacktrace(zap.ErrorLevel)))
 	for name, tc := range testCases {