diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml
index 781dfd1..1bf2904 100644
--- a/.github/workflows/deploy-docs.yml
+++ b/.github/workflows/deploy-docs.yml
@@ -6,6 +6,9 @@ on:
 jobs:
   deploy-docs:
     name: Build and Deploy to s3
+    permissions:
+      id-token: write
+      contents: read
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -25,11 +28,10 @@ jobs:
       - name: Build
         run: bun run build
       
-      - name: Configure Credentials
+      - name: Configure Credentials (OIDC)
         uses: aws-actions/configure-aws-credentials@v4
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
           aws-region: "us-east-1"
       
       - name: Deploy to s3 bucket