From 15baa5158c406a79102eb126f6a62d775d4e8853 Mon Sep 17 00:00:00 2001
From: Igor Zalutski
Date: Tue, 30 Jan 2024 14:51:22 +0000
Subject: [PATCH 1/3] Add actions:write permission to AWS quickstart
---
 docs/getting-started/github-actions-+-aws.mdx | 1 +
 1 file changed, 1 insertion(+)
diff --git a/docs/getting-started/github-actions-+-aws.mdx b/docs/getting-started/github-actions-+-aws.mdx
index 343c3e6c9..ad64ac4fc 100644
--- a/docs/getting-started/github-actions-+-aws.mdx
+++ b/docs/getting-started/github-actions-+-aws.mdx
@@ -41,6 +41,7 @@ jobs:
 runs-on: ubuntu-latest
 permissions:
 contents: write # required to merge PRs
+ actions: write # required for plan persistence
 id-token: write # required for workload-identity-federation
 pull-requests: write # required to post PR comments
 statuses: write # required to validate combined PR status
From ada5f37921558ed5b97bd6977b890b9ca4144fae Mon Sep 17 00:00:00 2001
From: Igor Zalutski
Date: Tue, 30 Jan 2024 14:53:10 +0000
Subject: [PATCH 2/3] Add action permissions to GCP quickstart
---
 docs/getting-started/github-actions-and-gcp.mdx | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/docs/getting-started/github-actions-and-gcp.mdx b/docs/getting-started/github-actions-and-gcp.mdx
index 1c57ee057..665644d1d 100644
--- a/docs/getting-started/github-actions-and-gcp.mdx
+++ b/docs/getting-started/github-actions-and-gcp.mdx
@@ -40,6 +40,12 @@ jobs:
 digger-job:
 name: Digger
 runs-on: ubuntu-latest
+ permissions:
+ contents: write # required to merge PRs
+ actions: write # required for plan persistence
+ id-token: write # required for workload-identity-federation
+ pull-requests: write # required to post PR comments
+ statuses: write # required to validate combined PR status
 steps:
 - uses: actions/checkout@v4
 - id: 'auth'
From d8afac2b59c0a0b91ce453217deb5cd2f375b25c Mon Sep 17 00:00:00 2001
From: Igor Zalutski
Date: Tue, 30 Jan 2024 14:56:14 +0000
Subject: [PATCH 3/3] Docs: add permissions to plan-persistence page
---
 docs/features/plan-persistence.mdx | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/docs/features/plan-persistence.mdx b/docs/features/plan-persistence.mdx
index 3b96ce6f3..07bc5dfc3 100644
--- a/docs/features/plan-persistence.mdx
+++ b/docs/features/plan-persistence.mdx
@@ -13,6 +13,9 @@ Or to use a GCP bucket:
 upload-plan-destination: gcp
 ```
+## Permissions
+Make sure to set `actions:write` permission in your workflow; otherwise plan storage might fail
+
 ## Plan json file naming convention
 The location of plan json output file is: