From 1a83f488ad2ff1eeed1f53d4691ae94d2be6ecbe Mon Sep 17 00:00:00 2001
From: Ben Broderick Phillips <bebroder@microsoft.com>
Date: Mon, 19 Sep 2022 19:24:16 -0400
Subject: [PATCH] Update check enforcer yaml permissions and name (#23266)

---
 .github/workflows/event.yml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/event.yml b/.github/workflows/event.yml
index 3a88082782d2..76c184c71c20 100644
--- a/.github/workflows/event.yml
+++ b/.github/workflows/event.yml
@@ -1,4 +1,7 @@
-name: GitHub Event Handler
+# NOTE: currently azure-sdk-actions only hosts check enforcer code.
+# If further functionality is added, this name should be updated to reflect
+# the more generic behavior
+name: Check Enforcer
 
 on:
   check_suite:
@@ -6,8 +9,14 @@ on:
   issue_comment:
     types: [created]
 
+permissions: {}
+
 jobs:
   event-handler:
+    permissions:
+      statuses: write # to set status (azure/azure-sdk-actions)
+      pull-requests: read # to read pull requests (azure/azure-sdk-actions)
+      checks: read # to read check status (azure/azure-sdk-actions)
     name: Handle ${{ github.event_name }} ${{ github.event.action }} event
     runs-on: ubuntu-latest
     steps: