diff --git a/src/main/resources/reference.conf b/src/main/resources/reference.conf
index 4477bb032..bf4000a06 100644
--- a/src/main/resources/reference.conf
+++ b/src/main/resources/reference.conf
@@ -1435,11 +1435,14 @@ resourceTypes = {
       add_child = {
         description = "add a child resource"
       }
+      "list_children" = {
+        description = "List child resources"
+      }
     }
     ownerRoleName = "steward"
     roles = {
       steward = {
-        roleActions = ["share_policy::steward", "share_policy::custodian", "update_passport_identifier", "view_journal"]
+        roleActions = ["share_policy::steward", "share_policy::custodian", "update_passport_identifier", "view_journal", "list_children"]
         includedRoles = ["custodian"]
         descendantRoles = {
           snapshot-builder-request = ["approver"]
@@ -1484,11 +1487,26 @@ resourceTypes = {
       create_with_parent = {
         description = "Enables creating the request object with a parent"
       }
+      share_policy = {
+        description = "Can grant and revoke a users' permission"
+      }
+      read_policies = {
+        description = "Can read policies"
+      }
+      alter_policies = {
+        description = "Can alter policies"
+      }
+      set_parent = {
+        description = "Set the parent of the snapshot builder request"
+      }
+      get_parent = {
+        description = "Get the parent of the snapshot builder request"
+      }
     }
     ownerRoleName = "owner"
     roles = {
       owner = {
-        roleActions = ["get", "update", "delete", "create_with_parent"]
+        roleActions = ["get", "update", "delete", "create_with_parent", "share_policy", "read_policies", "alter_policies", "set_parent", "get_parent"]
       }
       approver = {
         roleActions = ["get", "approve", "delete"]