diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index d85945c..324f2ed 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -17,8 +17,9 @@ jobs:
       - uses: actions/checkout@v3
       - uses: aws-actions/configure-aws-credentials@v2
         with:
-          role-to-assume: arn:aws:iam::816188110262:role/lukeshay-cloud-terraform-state-ReadWrite
+          role-to-assume: ${{ secrets.AWS_READ_WRITE_ROLE_ARN }}
           aws-region: us-west-2
+          role-session-name: GitHubActions
       - uses: actions/setup-node@v2
         with:
           node-version: "18"
diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index 198ac37..0c61b6b 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -16,8 +16,9 @@ jobs:
       - uses: actions/checkout@v3
       - uses: aws-actions/configure-aws-credentials@v2
         with:
-          role-to-assume: arn:aws:iam::816188110262:role/lukeshay-cloud-terraform-state-Read
+          role-to-assume: ${{ secrets.AWS_READ_ROLE_ARN }}
           aws-region: us-west-2
+          role-session-name: GitHubActions
       - uses: actions/setup-node@v2
         with:
           node-version: "18"