diff --git a/docs/features/plan-persistence.mdx b/docs/features/plan-persistence.mdx
index 3b96ce6f3..07bc5dfc3 100644
--- a/docs/features/plan-persistence.mdx
+++ b/docs/features/plan-persistence.mdx
@@ -13,6 +13,9 @@ Or to use a GCP bucket:
 upload-plan-destination: gcp
 ```
 
+## Permissions
+Make sure to set `actions:write` permission in your workflow; otherwise plan storage might fail
+
 ## Plan json file naming convention
 
 The location of plan json output file is:
diff --git a/docs/getting-started/github-actions-+-aws.mdx b/docs/getting-started/github-actions-+-aws.mdx
index 343c3e6c9..ad64ac4fc 100644
--- a/docs/getting-started/github-actions-+-aws.mdx
+++ b/docs/getting-started/github-actions-+-aws.mdx
@@ -41,6 +41,7 @@ jobs:
 runs-on: ubuntu-latest
 permissions:
 contents: write # required to merge PRs
+ actions: write # required for plan persistence
 id-token: write # required for workload-identity-federation
 pull-requests: write # required to post PR comments
 statuses: write # required to validate combined PR status
diff --git a/docs/getting-started/github-actions-and-gcp.mdx b/docs/getting-started/github-actions-and-gcp.mdx
index 1c57ee057..665644d1d 100644
--- a/docs/getting-started/github-actions-and-gcp.mdx
+++ b/docs/getting-started/github-actions-and-gcp.mdx
@@ -40,6 +40,12 @@ jobs:
 digger-job:
 name: Digger
 runs-on: ubuntu-latest
+ permissions:
+ contents: write # required to merge PRs
+ actions: write # required for plan persistence
+ id-token: write # required for workload-identity-federation
+ pull-requests: write # required to post PR comments
+ statuses: write # required to validate combined PR status
 steps:
 - uses: actions/checkout@v4
 - id: 'auth'