diff --git a/.github/workflows/aws-lambda-java-core.yml b/.github/workflows/aws-lambda-java-core.yml index c8064513c..c69020813 100644 --- a/.github/workflows/aws-lambda-java-core.yml +++ b/.github/workflows/aws-lambda-java-core.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-core/**' - '.github/workflows/aws-lambda-java-core.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-events-sdk-transformer.yml b/.github/workflows/aws-lambda-java-events-sdk-transformer.yml index 285848a9f..f20a776fe 100644 --- a/.github/workflows/aws-lambda-java-events-sdk-transformer.yml +++ b/.github/workflows/aws-lambda-java-events-sdk-transformer.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-events-sdk-transformer/**' - '.github/workflows/aws-lambda-java-events-sdk-transformer.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-events.yml b/.github/workflows/aws-lambda-java-events.yml index b3b360b45..0665e77d5 100644 --- a/.github/workflows/aws-lambda-java-events.yml +++ b/.github/workflows/aws-lambda-java-events.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-events/**' - '.github/workflows/aws-lambda-java-events.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-log4j2.yml b/.github/workflows/aws-lambda-java-log4j2.yml index 03718e602..fe2db0d93 100644 --- a/.github/workflows/aws-lambda-java-log4j2.yml +++ b/.github/workflows/aws-lambda-java-log4j2.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-log4j2/**' - '.github/workflows/aws-lambda-java-log4j2.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-serialization.yml b/.github/workflows/aws-lambda-java-serialization.yml index b2700e088..91a15ce68 100644 --- a/.github/workflows/aws-lambda-java-serialization.yml +++ b/.github/workflows/aws-lambda-java-serialization.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-serialization/**' - '.github/workflows/aws-lambda-java-serialization.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-tests.yml b/.github/workflows/aws-lambda-java-tests.yml index 1b818014a..fbc704def 100644 --- a/.github/workflows/aws-lambda-java-tests.yml +++ b/.github/workflows/aws-lambda-java-tests.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-tests/**' - '.github/workflows/aws-lambda-java-tests.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/repo-sync.yml b/.github/workflows/repo-sync.yml index 300341c1f..c65183fd4 100644 --- a/.github/workflows/repo-sync.yml +++ b/.github/workflows/repo-sync.yml @@ -9,6 +9,11 @@ on: - '.github/workflows/repo-sync.yml' workflow_dispatch: + +permissions: + contents: write + pull-requests: write + jobs: repo-sync: name: Repo Sync diff --git a/.github/workflows/runtime-interface-client_pr.yml b/.github/workflows/runtime-interface-client_pr.yml index 35c6ca06b..ae11c354c 100644 --- a/.github/workflows/runtime-interface-client_pr.yml +++ b/.github/workflows/runtime-interface-client_pr.yml @@ -10,6 +10,11 @@ on: - 'aws-lambda-java-runtime-interface-client/**' - '.github/workflows/runtime-interface-client_*.yml' + +permissions: + contents: read + actions: write + jobs: smoke-test: diff --git a/.github/workflows/samples.yml b/.github/workflows/samples.yml index 2b5e7833f..06981ec49 100644 --- a/.github/workflows/samples.yml +++ b/.github/workflows/samples.yml @@ -14,6 +14,10 @@ on: - 'samples/**' - '.github/workflows/samples.yml' + +permissions: + contents: read + jobs: build: runs-on: ubuntu-latest