diff --git a/secrets_manager/secrets_manager.go b/secrets_manager/secrets_manager.go
index ca371ed263075000da2cdc2fe7e9a77a47be7424..871e82eedb18847457a154368ec344d576c6bd88 100644
--- a/secrets_manager/secrets_manager.go
+++ b/secrets_manager/secrets_manager.go
@@ -2,6 +2,7 @@ package secrets_manager
 
 import (
 	"encoding/base64"
+	credentials2 "github.com/aws/aws-sdk-go/aws/credentials"
 	"os"
 
 	"gitlab.bob.co.za/bob-public-utils/bobgroup-go-utils/logs"
@@ -24,6 +25,11 @@ type DatabaseCredentials struct {
 	ReadOnlyHost       string `json:"aurora_read_only_host"`
 }
 
+type S3UploadCredentials struct {
+	AccessKeyID     string `json:"accessKeyID"`
+	SecretAccessKey string `json:"secretAccessKey"`
+}
+
 var (
 	secretCache, _      = secretcache.New()
 	secretManagerRegion = "af-south-1"
@@ -39,6 +45,16 @@ func GetDatabaseCredentials(secretID string, isDebug bool) (DatabaseCredentials,
 	return credentials, nil
 }
 
+func GetS3UploadCredentials(secretID string, isDebug bool) (*credentials2.Credentials, error) {
+	secret, _ := GetSecret(secretID, isDebug)
+	var credentials S3UploadCredentials
+	err := struct_utils.UnmarshalJSON([]byte(secret), &credentials)
+	if err != nil {
+		return nil, err
+	}
+	return credentials2.NewStaticCredentials(credentials.AccessKeyID, credentials.SecretAccessKey, ""), nil
+}
+
 func GetSecret(secretID string, isDebug bool) (string, string) {
 	cachedSecret, err := secretCache.GetSecretString(secretID)
 	if err != nil {