diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index a5d86ba..bdc13a5 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -6,6 +6,10 @@ on:
   pull_request:
     types: [ opened, synchronize, reopened ]
 
+permissions:
+  id-token: write   # This is required for requesting the JWT
+  contents: read
+
 jobs:
   lint-flag:
     runs-on: ubuntu-latest
@@ -16,4 +20,12 @@ jobs:
       - name: data_export_file
         uses: go-feature-flag/gofeatureflag-lint-action@v1
         with:
-          flag-file: ./flags/flags.goff.yaml
\ No newline at end of file
+          flag-file: ./flags/flags.goff.yaml
+
+      - uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: eu-west-1
+          role-to-assume: arn:aws:iam::763196386653:role/goff_deployer_role
+          role-session-name: gha-flags-deployer-session
+
+      - run: aws s3 ls go-feature-flag
\ No newline at end of file