diff --git a/s3/s3.go b/s3/s3.go
index 17ca5223a4cbe6787dec5030e6b7dd11484b8144..7d41422739e0f2d4049e7de7964be89c9aca821b 100644
--- a/s3/s3.go
+++ b/s3/s3.go
@@ -4,6 +4,8 @@ import (
 	"bytes"
 	"encoding/binary"
 	"fmt"
+	"github.com/aws/aws-sdk-go/aws/credentials"
+	"gitlab.bob.co.za/bob-public-utils/bobgroup-go-utils/secrets_manager"
 	"net/url"
 	"os"
 	"path"
@@ -87,7 +89,7 @@ type SessionWithHelpers struct {
 	S3Session *s3.S3
 }
 
-func GetSession(region ...string) *SessionWithHelpers {
+func GetSession(isDebug bool, region ...string) *SessionWithHelpers {
 	s3Region := os.Getenv("AWS_REGION")
 
 	// Set custom region
@@ -101,9 +103,11 @@ func GetSession(region ...string) *SessionWithHelpers {
 	}
 
 	// Setup session
+	s3Credentials := GetS3SessionCredentials(isDebug)
 	options := session.Options{
 		Config: aws.Config{
-			Region: aws.String(s3Region),
+			Region:      aws.String(s3Region),
+			Credentials: s3Credentials,
 		},
 	}
 
@@ -117,6 +121,15 @@ func GetSession(region ...string) *SessionWithHelpers {
 	return s3Session
 }
 
+func GetS3SessionCredentials(isDebug bool) *credentials.Credentials {
+	secretID := os.Getenv("S3_SECRET_ID")
+	s3Credentials, err := secrets_manager.GetS3UploadCredentials(secretID, isDebug)
+	if err != nil {
+		return nil
+	}
+	return s3Credentials
+}
+
 func NewSession(session *session.Session) *SessionWithHelpers {
 	return &SessionWithHelpers{
 		S3Session: s3.New(session),