diff --git a/.github/workflows/cloud-runner-integrity-localstack.yml b/.github/workflows/cloud-runner-integrity-localstack.yml
index ec779bdb..17d67762 100644
--- a/.github/workflows/cloud-runner-integrity-localstack.yml
+++ b/.github/workflows/cloud-runner-integrity-localstack.yml
@@ -10,13 +10,9 @@ on:
         type: string
 
 permissions:
-  checks: write
   contents: read
-  actions: write
-  packages: read
-  pull-requests: write
+  checks: write
   statuses: write
-  id-token: write
 
 env:
   AWS_REGION: us-east-1
diff --git a/.github/workflows/cloud-runner-integrity.yml b/.github/workflows/cloud-runner-integrity.yml
index 5935dd42..dae86bc3 100644
--- a/.github/workflows/cloud-runner-integrity.yml
+++ b/.github/workflows/cloud-runner-integrity.yml
@@ -10,13 +10,9 @@ on:
         type: string
 
 permissions:
-  checks: write
   contents: read
-  actions: write
-  packages: read
-  pull-requests: write
+  checks: write
   statuses: write
-  id-token: write
 
 env:
   AWS_REGION: eu-west-2
diff --git a/.github/workflows/integrity-check.yml b/.github/workflows/integrity-check.yml
index b46fad84..714904b0 100644
--- a/.github/workflows/integrity-check.yml
+++ b/.github/workflows/integrity-check.yml
@@ -34,4 +34,3 @@ jobs:
     name: Cloud Runner Integrity
     uses: ./.github/workflows/cloud-runner-integrity.yml
     secrets: inherit
-