diff --git a/.github/workflows/aws-lambda-java-core.yml b/.github/workflows/aws-lambda-java-core.yml index c8064513..c6902081 100644 --- a/.github/workflows/aws-lambda-java-core.yml +++ b/.github/workflows/aws-lambda-java-core.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-core/**' - '.github/workflows/aws-lambda-java-core.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-events-sdk-transformer.yml b/.github/workflows/aws-lambda-java-events-sdk-transformer.yml index 285848a9..f20a776f 100644 --- a/.github/workflows/aws-lambda-java-events-sdk-transformer.yml +++ b/.github/workflows/aws-lambda-java-events-sdk-transformer.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-events-sdk-transformer/**' - '.github/workflows/aws-lambda-java-events-sdk-transformer.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-events.yml b/.github/workflows/aws-lambda-java-events.yml index b3b360b4..0665e77d 100644 --- a/.github/workflows/aws-lambda-java-events.yml +++ b/.github/workflows/aws-lambda-java-events.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-events/**' - '.github/workflows/aws-lambda-java-events.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-log4j2.yml b/.github/workflows/aws-lambda-java-log4j2.yml index 03718e60..fe2db0d9 100644 --- a/.github/workflows/aws-lambda-java-log4j2.yml +++ b/.github/workflows/aws-lambda-java-log4j2.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-log4j2/**' - '.github/workflows/aws-lambda-java-log4j2.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-serialization.yml b/.github/workflows/aws-lambda-java-serialization.yml index b2700e08..91a15ce6 100644 --- a/.github/workflows/aws-lambda-java-serialization.yml +++ b/.github/workflows/aws-lambda-java-serialization.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-serialization/**' - '.github/workflows/aws-lambda-java-serialization.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/aws-lambda-java-tests.yml b/.github/workflows/aws-lambda-java-tests.yml index 1b818014..fbc704de 100644 --- a/.github/workflows/aws-lambda-java-tests.yml +++ b/.github/workflows/aws-lambda-java-tests.yml @@ -14,6 +14,10 @@ on: - 'aws-lambda-java-tests/**' - '.github/workflows/aws-lambda-java-tests.yml' + +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/repo-sync.yml b/.github/workflows/repo-sync.yml index 300341c1..c65183fd 100644 --- a/.github/workflows/repo-sync.yml +++ b/.github/workflows/repo-sync.yml @@ -9,6 +9,11 @@ on: - '.github/workflows/repo-sync.yml' workflow_dispatch: + +permissions: + contents: write + pull-requests: write + jobs: repo-sync: name: Repo Sync diff --git a/.github/workflows/runtime-interface-client_pr.yml b/.github/workflows/runtime-interface-client_pr.yml index 35c6ca06..ae11c354 100644 --- a/.github/workflows/runtime-interface-client_pr.yml +++ b/.github/workflows/runtime-interface-client_pr.yml @@ -10,6 +10,11 @@ on: - 'aws-lambda-java-runtime-interface-client/**' - '.github/workflows/runtime-interface-client_*.yml' + +permissions: + contents: read + actions: write + jobs: smoke-test: diff --git a/.github/workflows/samples.yml b/.github/workflows/samples.yml index 2b5e7833..06981ec4 100644 --- a/.github/workflows/samples.yml +++ b/.github/workflows/samples.yml @@ -14,6 +14,10 @@ on: - 'samples/**' - '.github/workflows/samples.yml' + +permissions: + contents: read + jobs: build: runs-on: ubuntu-latest