diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 263d85fa..4b4ee82b 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -18,6 +18,8 @@ env:
   PYTHON_VERSION: "3.12"
   POETRY_VERSION: "1.8.1"
 
+permissions: {}
+
 jobs:
   test:
     name: Build and test docker image
diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml
index 52f77613..3e606d92 100644
--- a/.github/workflows/python.yml
+++ b/.github/workflows/python.yml
@@ -41,6 +41,8 @@ env:
   TESTS_REPORTS_ARTIFACT: tests-reports
   PIPENV_VENV_IN_PROJECT: 1
 
+permissions: {}
+
 jobs:
   coding-standards:
     name: Linting & Coding Standards
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ee7a4ca5..9f75599b 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -42,6 +42,8 @@ env:
   PYTHON_VERSION_DEFAULT: "3.12"
   POETRY_VERSION: "1.8.1"
 
+permissions: {}
+
 jobs:
   quicktest:
     runs-on: ubuntu-latest
@@ -160,6 +162,8 @@ jobs:
       needs.release-PyPI.outputs.version &&
       needs.release-PyPI.outputs.tag
     runs-on: ubuntu-latest
+    permissions:
+      packages: write
     env:
       VERSION: ${{ needs.release-PyPI.outputs.version }}
       ARTIFACT_DOCKER_SBOM: 'docker-image-bom'