diff --git a/data.tf b/data.tf
new file mode 100644
index 0000000..2502393
--- /dev/null
+++ b/data.tf
@@ -0,0 +1 @@
+data "aws_region" "current" {}
diff --git a/iam_policy/session_configuration.json b/iam_policy/session_configuration.json
new file mode 100644
index 0000000..e0b8197
--- /dev/null
+++ b/iam_policy/session_configuration.json
@@ -0,0 +1,27 @@
+{
+ "Statement": [
+ {
+ "Action": "s3:*",
+ "Effect": "Allow",
+ "Resource": [
+ "arn:aws-us-gov:s3:::inf-test-08230846-acc4-7788-94df-5730ed20c008/*"
+ ]
+ },
+ {
+ "Action": "ssm:*",
+ "Effect": "Allow",
+ "Resource": "*"
+ },
+ {
+ "Action": "secretsmanager:*",
+ "Effect": "Allow",
+ "Resource": "*"
+ },
+ {
+ "Action": "dynamodb:*",
+ "Effect": "Allow",
+ "Resource": "arn:aws-us-gov:dynamodb:us-gov-west-1:229685449397:table/tf_remote_state"
+ }
+ ],
+ "Version": "2012-10-17"
+}
diff --git a/main.tf b/main.tf
index c21d29e..b865579 100644
--- a/main.tf
+++ b/main.tf
@@ -206,4 +206,3 @@ module "ghe_runners" {
 enforce_prs = false
 collaborators = local.collaborators
 }
-
diff --git a/morpheus.tf b/morpheus.tf
index dde3497..b8abed3 100644
--- a/morpheus.tf
+++ b/morpheus.tf
@@ -21,6 +21,22 @@ module "morpheus_repos" {
 enforce_prs = true
 collaborators = { gomez385 = "admin", arnol377 = "admin" }
 pull_request_bypassers = local.pull_request_bypassers
+ vars = [
+ {
+ name = "aws_access_key_id",
+ value = module.aws_session_configuration.iam_credentials.iam_access_key_id
+ },
+ {
+ name = "aws_default_region",
+ value = data.aws_region.current.name
+ }
+ ]
+ secrets = [
+ {
+ name = "aws_secret_access_key"
+ value = module.aws_session_configuration.iam_credentials.iam_secret_access_key
+ }
+ ]
 managed_extra_files = [
 {
 path = ".github/workflows/terraform-plan.yaml"
@@ -47,4 +63,4 @@ module "morpheus_repos" {
 )
 }
 ]
-}
\ No newline at end of file
+}
diff --git a/service-accounts.tf b/service-accounts.tf
new file mode 100644
index 0000000..3be2ed5
--- /dev/null
+++ b/service-accounts.tf
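Review bot: The `ssm:*` and `secretsmanager:*` statements use `"Resource": "*"`, so the CI user this policy is attached to can read, create and delete every parameter and secret in the account, which is far broader than the S3 upload that the user name in service-accounts.tf suggests. Restrict each statement to the actions the workflow actually needs and to the ARNs (or a path/name prefix) it touches, the way the S3 and DynamoDB statements are already scoped to a bucket and a table; `s3:*` and `dynamodb:*` should likewise be narrowed to the read/write actions used. The account id, region and bucket name are hard-coded in the file; if the same policy has to serve more than one environment, rendering it with `templatefile()` instead of `file()` in service-accounts.tf would keep those values in Terraform variables.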
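Review bot: `aws_access_key_id` is passed through `vars` rather than `secrets`, so it is stored as a plain repository variable while only its partner `aws_secret_access_key` goes into `secrets`; if `vars` maps to GitHub Actions variables, the key id is readable by anyone with read access to the repository and is not masked in logs, and together the pair is a long-lived static IAM credential. Consider moving it into `secrets` next to `aws_secret_access_key`, or better, replacing the static key with short-lived credentials obtained through GitHub's OIDC provider so that no key has to be stored in the repository at all. Minor style point: the `vars` entries end the `name` line with a trailing comma (`name = "aws_access_key_id",`) while the `secrets` entry does not; pick one form. The enclosing `module "morpheus_repos"` block starts before this hunk, and the second hunk in this file is only the trailing-newline fix.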
@@ -0,0 +1,5 @@
+module "aws_session_configuration" {
+ source = "HappyPathway/service-account/aws"
+ iam_policy = file("${path.root}/iam_policy/session_configuration.json")
+ iam_user_name = "github-actions-s3_upload"
+}
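Review bot: `source = "HappyPathway/service-account/aws"` carries no `version` constraint, so each `terraform init` resolves to whatever the latest registry release is, and a new release can change the IAM user or how its keys are created without any change in this repository; pin it with `version = "<pinned release>"` and review bumps deliberately. The module is given a policy that grants `ssm:*`, `secretsmanager:*` and `dynamodb:*` while the user is named `github-actions-s3_upload`, so either the name or the policy should be brought in line with what the workflow actually does. Since the module presumably creates long-lived access keys (its `iam_credentials` output is consumed in morpheus.tf), those keys also land in the Terraform state, so the state backend needs at least the same access controls as the repository secrets.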