From 8608cfe76b9b6e6cfa862c91bdb7817beb1786d3 Mon Sep 17 00:00:00 2001
From: Jo <jdbass@users.noreply.github.com>
Date: Mon, 6 May 2024 13:57:20 -0400
Subject: [PATCH] validate workflow test

---
 .github/workflows/deploy-production.yml | 4 ++++
 .github/workflows/deploy-staging.yml    | 4 ++++
 .github/workflows/validate.yml          | 4 ++++
 3 files changed, 12 insertions(+)

diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml
index 96e1a1226..8ae3f3aae 100644
--- a/.github/workflows/deploy-production.yml
+++ b/.github/workflows/deploy-production.yml
@@ -7,6 +7,10 @@ concurrency:
 on:
   workflow_dispatch
 
+permissions:
+  id-token: write   # This is required for requesting the JWT
+  contents: read    # This is required for actions/checkout
+
 jobs:
   detect-changes:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml
index 7296f7f34..2834195ff 100644
--- a/.github/workflows/deploy-staging.yml
+++ b/.github/workflows/deploy-staging.yml
@@ -9,6 +9,10 @@ on:
     branches:
     - main
 
+permissions:
+  id-token: write   # This is required for requesting the JWT
+  contents: read    # This is required for actions/checkout
+
 jobs:
   detect-changes:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
index 0024edfeb..7238ca7d8 100644
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@@ -9,6 +9,10 @@ on:
     branches:
     - add-tf-iac
 
+permissions:
+  id-token: write   # This is required for requesting the JWT
+  contents: read    # This is required for actions/checkout
+
 jobs:
   detect-changes:
     runs-on: ubuntu-latest