diff --git a/testing/aws-testing-cdk/lib/common/GitHubAccessStack.ts b/testing/aws-testing-cdk/lib/common/GitHubAccessStack.ts
index ec2cfa5669..a563ce35ab 100644
--- a/testing/aws-testing-cdk/lib/common/GitHubAccessStack.ts
+++ b/testing/aws-testing-cdk/lib/common/GitHubAccessStack.ts
@@ -1,6 +1,10 @@
 /*
  * Copyright OpenSearch Contributors
  * SPDX-License-Identifier: Apache-2.0
+ *
+ * The OpenSearch Contributors require contributions made to
+ * this file be licensed under the Apache-2.0 license or a
+ * compatible open source license.
  */
 
 import {Stack, StackProps} from 'aws-cdk-lib';
@@ -10,6 +14,7 @@ import {
   CompositePrincipal,
   OpenIdConnectPrincipal,
   OpenIdConnectProvider,
+  PolicyStatement,
   Role
 } from 'aws-cdk-lib/aws-iam'
 
@@ -57,5 +62,10 @@ export class GitHubAccessStack extends Stack {
         currentAccountPrincipal
       )
     });
+
+    this.gitHubActionsTestingRole.addToPolicy(new PolicyStatement({
+      actions: ['cloudformation:DescribeStacks'],
+      resources: [`arn:aws:cloudformation:*:${this.account}:stack/*`],
+    }));
   }
 }
diff --git a/testing/aws-testing-cdk/lib/common/KmsStack.ts b/testing/aws-testing-cdk/lib/common/KmsStack.ts
index fbc236f879..5ab0da13f6 100644
--- a/testing/aws-testing-cdk/lib/common/KmsStack.ts
+++ b/testing/aws-testing-cdk/lib/common/KmsStack.ts
@@ -1,9 +1,13 @@
 /*
  * Copyright OpenSearch Contributors
  * SPDX-License-Identifier: Apache-2.0
+ *
+ * The OpenSearch Contributors require contributions made to
+ * this file be licensed under the Apache-2.0 license or a
+ * compatible open source license.
  */
 
-import {Stack, StackProps} from 'aws-cdk-lib';
+import {CfnOutput, Stack, StackProps} from 'aws-cdk-lib';
 import {Construct} from 'constructs';
 import {Role} from 'aws-cdk-lib/aws-iam';
 import {Key} from 'aws-cdk-lib/aws-kms';
@@ -27,6 +31,11 @@ export class KmsStack extends Stack {
     });
 
     this.kmsKey.grantEncryptDecrypt(props.testingRole)
+
+    new CfnOutput(this, 'KmsKeyId', {
+      value: this.kmsKey.keyArn,
+      exportName: 'DataPrepperAwsTesting-KmsKeyId',
+    });
   }
 }
 
diff --git a/testing/aws-testing-cdk/lib/s3/S3SinkStack.ts b/testing/aws-testing-cdk/lib/s3/S3SinkStack.ts
index 89fe05d836..146cf93c40 100644
--- a/testing/aws-testing-cdk/lib/s3/S3SinkStack.ts
+++ b/testing/aws-testing-cdk/lib/s3/S3SinkStack.ts
@@ -1,9 +1,13 @@
 /*
  * Copyright OpenSearch Contributors
  * SPDX-License-Identifier: Apache-2.0
+ *
+ * The OpenSearch Contributors require contributions made to
+ * this file be licensed under the Apache-2.0 license or a
+ * compatible open source license.
  */
 
-import {Duration, RemovalPolicy, Stack, StackProps} from 'aws-cdk-lib';
+import {CfnOutput, Duration, RemovalPolicy, Stack, StackProps} from 'aws-cdk-lib';
 import {Construct} from 'constructs';
 import {Role} from 'aws-cdk-lib/aws-iam';
 import {Bucket} from 'aws-cdk-lib/aws-s3';
@@ -13,7 +17,7 @@ export interface S3SinkStackProps extends StackProps {
 }
 
 /**
- * CDK stack that creates a common KMS key.
+ * CDK stack for resources needed by the S3 sink integration tests.
  */
 export class S3SinkStack extends Stack {
   readonly bucket: Bucket;
@@ -30,7 +34,12 @@ export class S3SinkStack extends Stack {
       ]
     });
 
-    this.bucket.grantWrite(props.testingRole)
+    this.bucket.grantReadWrite(props.testingRole)
+
+    new CfnOutput(this, 'BucketName', {
+      value: this.bucket.bucketName,
+      exportName: 'DataPrepperAwsTesting-S3SinkBucketName',
+    });
   }
 }