diff --git a/pages/astro.yml b/pages/astro.yml
index 25db103f04..53f9ce786e 100644
--- a/pages/astro.yml
+++ b/pages/astro.yml
@@ -12,12 +12,6 @@ on:
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
@@ -31,6 +25,9 @@ env:
 jobs:
   build:
     name: Build
+    permissions:
+      contents: read
+
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -82,6 +79,12 @@ jobs:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
     needs: build
+
+    # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+    permissions:
+      pages: write
+      id-token: write
+
     runs-on: ubuntu-latest
     name: Deploy
     steps:
diff --git a/pages/gatsby.yml b/pages/gatsby.yml
index 1bcc667f5b..a5abf3e6c0 100644
--- a/pages/gatsby.yml
+++ b/pages/gatsby.yml
@@ -12,12 +12,6 @@ on:
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
@@ -32,6 +26,9 @@ defaults:
 jobs:
   # Build job
   build:
+    permissions:
+      contents: read
+
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -89,6 +86,12 @@ jobs:
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
+
+    # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+    permissions:
+      pages: write
+      id-token: write
+
     runs-on: ubuntu-latest
     needs: build
     steps:
diff --git a/pages/hugo.yml b/pages/hugo.yml
index b4f316a3b3..0ccf4b4092 100644
--- a/pages/hugo.yml
+++ b/pages/hugo.yml
@@ -9,12 +9,6 @@ on:
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
@@ -29,6 +23,9 @@ defaults:
 jobs:
   # Build job
   build:
+    permissions:
+      contents: read
+
     runs-on: ubuntu-latest
     env:
       HUGO_VERSION: 0.128.0
@@ -66,6 +63,12 @@ jobs:
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
+
+    # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+    permissions:
+      pages: write
+      id-token: write
+
     runs-on: ubuntu-latest
     needs: build
     steps:
diff --git a/pages/jekyll-gh-pages.yml b/pages/jekyll-gh-pages.yml
index 2874cc0c98..b5fc26411d 100644
--- a/pages/jekyll-gh-pages.yml
+++ b/pages/jekyll-gh-pages.yml
@@ -9,12 +9,6 @@ on:
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
@@ -24,6 +18,9 @@ concurrency:
 jobs:
   # Build job
   build:
+    permissions:
+      contents: read
+
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -43,6 +40,12 @@ jobs:
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
+
+    # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+    permissions:
+      pages: write
+      id-token: write
+
     runs-on: ubuntu-latest
     needs: build
     steps:
diff --git a/pages/jekyll.yml b/pages/jekyll.yml
index f07bc39085..b52328f137 100644
--- a/pages/jekyll.yml
+++ b/pages/jekyll.yml
@@ -14,12 +14,6 @@ on:
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
@@ -29,6 +23,9 @@ concurrency:
 jobs:
   # Build job
   build:
+    permissions:
+      contents: read
+
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -56,6 +53,12 @@ jobs:
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
+
+    # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+    permissions:
+      pages: write
+      id-token: write
+
     runs-on: ubuntu-latest
     needs: build
     steps:
diff --git a/pages/mdbook.yml b/pages/mdbook.yml
index cf79f4e071..a9fc6b1a71 100644
--- a/pages/mdbook.yml
+++ b/pages/mdbook.yml
@@ -12,12 +12,6 @@ on:
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
@@ -27,6 +21,9 @@ concurrency:
 jobs:
   # Build job
   build:
+    permissions:
+      contents: read
+
     runs-on: ubuntu-latest
     env:
       MDBOOK_VERSION: 0.4.36
@@ -52,6 +49,12 @@ jobs:
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
+
+    # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+    permissions:
+      pages: write
+      id-token: write
+
     runs-on: ubuntu-latest
     needs: build
     steps:
diff --git a/pages/nextjs.yml b/pages/nextjs.yml
index e2c9ab62a2..186dec0f0f 100644
--- a/pages/nextjs.yml
+++ b/pages/nextjs.yml
@@ -12,12 +12,6 @@ on:
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
@@ -27,6 +21,9 @@ concurrency:
 jobs:
   # Build job
   build:
+    permissions:
+      contents: read
+
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -85,6 +82,12 @@ jobs:
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
+
+    # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+    permissions:
+      pages: write
+      id-token: write
+
     runs-on: ubuntu-latest
     needs: build
     steps:
diff --git a/pages/nuxtjs.yml b/pages/nuxtjs.yml
index 25a6862718..dc0f0a7959 100644
--- a/pages/nuxtjs.yml
+++ b/pages/nuxtjs.yml
@@ -12,12 +12,6 @@ on:
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
@@ -27,6 +21,9 @@ concurrency:
 jobs:
   # Build job
   build:
+    permissions:
+      contents: read
+
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -82,6 +79,12 @@ jobs:
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
+
+    # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+    permissions:
+      pages: write
+      id-token: write
+
     runs-on: ubuntu-latest
     needs: build
     steps:
diff --git a/pages/static.yml b/pages/static.yml
index 5640380712..7a56685804 100644
--- a/pages/static.yml
+++ b/pages/static.yml
@@ -9,12 +9,6 @@ on:
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
@@ -27,6 +21,13 @@ jobs:
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}
+
+    # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+    permissions:
+      contents: read
+      pages: write
+      id-token: write
+
     runs-on: ubuntu-latest
     steps:
       - name: Checkout