diff --git a/.github/workflows/tf_apply.yml b/.github/workflows/tf_apply.yml
index 672b343a..e828ff7a 100644
--- a/.github/workflows/tf_apply.yml
+++ b/.github/workflows/tf_apply.yml
@@ -14,6 +14,8 @@ env:
 TERRAGRUNT_VERSION: 0.31.1
 TF_VAR_google_oauth_pickle_string: "${{ secrets.GOOGLE_PICKLE_STRING }}"
 TF_VAR_slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}
+ TF_VAR_gcp_sre_service_account_key: ${{ secrets.GCP_SRE_SERVICE_ACCOUNT_KEY_FILE }}
+
 permissions:
diff --git a/.github/workflows/tf_plan.yml b/.github/workflows/tf_plan.yml
index 41481b20..e39070b1 100644
--- a/.github/workflows/tf_plan.yml
+++ b/.github/workflows/tf_plan.yml
@@ -11,6 +11,7 @@ env:
 TERRAGRUNT_VERSION: 0.31.1
 TF_VAR_google_oauth_pickle_string: "${{ secrets.GOOGLE_PICKLE_STRING }}"
 TF_VAR_slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}
+ TF_VAR_gcp_sre_service_account_key: ${{ secrets.GCP_SRE_SERVICE_ACCOUNT_KEY_FILE }}
 permissions:
diff --git a/app/pytest.ini b/app/pytest.ini
index a0b34200..6073fe37 100644
--- a/app/pytest.ini
+++ b/app/pytest.ini
@@ -19,4 +19,7 @@ env =
 ATIP_ANNOUNCE_CHANNEL = "ATIP_ANNOUNCE_CHANNEL"
 TRELLO_APP_KEY = "TRELLO_APP_KEY"
 TRELLO_TOKEN = "TRELLO_TOKEN"
- TRELLO_ATIP_BOARD = "TRELLO_ATIP_BOARD"
\ No newline at end of file
+ TRELLO_ATIP_BOARD = "TRELLO_ATIP_BOARD"
+ GCP_SRE_SERVICE_ACCOUNT_KEY_FILE = "GCP_SRE_SERVICE_ACCOUNT_KEY_FILE"
+
+
\ No newline at end of file
diff --git a/terraform/ecs.tf b/terraform/ecs.tf
index f683504a..7b7e28b2 100644
--- a/terraform/ecs.tf
+++ b/terraform/ecs.tf
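Review bot: The new `TF_VAR_gcp_sre_service_account_key` line in the tf_apply.yml hunk leaves the expression unquoted while the sibling `TF_VAR_google_oauth_pickle_string` line quotes it; the tf_plan.yml hunk has the same inconsistency. The Actions loader accepts both forms, but keeping the two secret lines in one style is cheap: `TF_VAR_gcp_sre_service_account_key: "${{ secrets.GCP_SRE_SERVICE_ACCOUNT_KEY_FILE }}"`. Both workflows place the key in the workflow-level `env:` block, so it is present in the environment of every step and every third-party action the job runs rather than only the step that invokes terragrunt; the existing pickle-string line already does this, but a service-account key is a good candidate for a step-level `env:` on the terraform step instead. The tf_apply hunk also adds an extra blank line before `permissions:` that the tf_plan hunk does not.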
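Review bot: The pytest.ini hunk appends two blank lines after the new `GCP_SRE_SERVICE_ACCOUNT_KEY_FILE` entry and the file still ends without a trailing newline (`\ No newline at end of file` remains on the new side), so the next addition here will produce the same noisy diff; drop the two trailing blank lines and end the file with a single newline. The placeholder value is the variable's own name, matching the sibling entries; if the application parses this variable as a service-account key at import time the tests would receive a non-JSON string — presumably it is only read when a GCP call is made, worth confirming.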
@@ -11,14 +11,15 @@ data "template_file" "sre-bot" {
 template = file("./templates/sre-bot.json.tpl")
 vars = {
- awslogs-group = aws_cloudwatch_log_group.sre-bot_group.name
- awslogs-region = "ca-central-1"
- awslogs-stream-prefix = "ecs-sre-bot"
- image = "${aws_ecr_repository.sre-bot.repository_url}:latest"
- fargate_cpu = var.fargate_cpu
- fargate_memory = var.fargate_memory
- aws_region = "ca-central-1"
- PICKLE_STRING = aws_ssm_parameter.google_oauth_pickle_string.arn
+ awslogs-group = aws_cloudwatch_log_group.sre-bot_group.name
+ awslogs-region = "ca-central-1"
+ awslogs-stream-prefix = "ecs-sre-bot"
+ image = "${aws_ecr_repository.sre-bot.repository_url}:latest"
+ fargate_cpu = var.fargate_cpu
+ fargate_memory = var.fargate_memory
+ aws_region = "ca-central-1"
+ PICKLE_STRING = aws_ssm_parameter.google_oauth_pickle_string.arn
+ GCP_SRE_SERVICE_ACCOUNT_KEY_FILE = aws_ssm_parameter.gcp_sre_service_account_key.arn
 }
 }
diff --git a/terraform/iam.tf b/terraform/iam.tf
index da89b7fc..b281deb7 100644
--- a/terraform/iam.tf
+++ b/terraform/iam.tf
@@ -29,7 +29,8 @@ data "aws_iam_policy_document" "sre-bot_secrets_manager" {
 ]
 resources = [
 "arn:aws:ssm:ca-central-1:${data.aws_caller_identity.current.account_id}:parameter/sre-bot-config",
- aws_ssm_parameter.google_oauth_pickle_string.arn
+ aws_ssm_parameter.google_oauth_pickle_string.arn,
+ aws_ssm_parameter.gcp_sre_service_account_key.arn
 ]
 }
diff --git a/terraform/ssm.tf b/terraform/ssm.tf
index 99e91627..61823b5a 100644
--- a/terraform/ssm.tf
+++ b/terraform/ssm.tf
@@ -7,4 +7,15 @@ resource "aws_ssm_parameter" "google_oauth_pickle_string" {
 CostCentre = var.billing_code
 Terraform = true
 }
-}
\ No newline at end of file
+}
+
+resource "aws_ssm_parameter" "gcp_sre_service_account_key" {
+ name = "gcp_sre_service_account_key"
+ type = "SecureString"
+ value = var.gcp_sre_service_account_key
+
+ tags = {
+ CostCentre = var.billing_code
+ Terraform = true
+ }
+}
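Review bot: `GCP_SRE_SERVICE_ACCOUNT_KEY_FILE` in the `vars` map of the ecs.tf hunk carries the SSM parameter ARN into the task-definition template as a `valueFrom` container secret, and ECS resolves those with the task execution role at container start, not with the task role. The iam.tf hunk adds the same ARN to the `sre-bot_secrets_manager` policy document, but neither hunk shows which role that document is attached to, and its `actions` list starts above the hunk; confirm it is the execution role's policy and that it grants `ssm:GetParameters` on the new parameter (the parameter uses the default SSM key, so no extra `kms:Decrypt` is needed unless a customer-managed key is introduced later), otherwise the task fails at startup before the application ever runs. The other eight lines of the ecs.tf hunk are alignment-only reformatting of unchanged entries; landing the `terraform fmt` churn separately from the one functional line would make this easier to review. `data "template_file" "sre-bot"` continues past the hunk.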
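Review bot: `aws_ssm_parameter.gcp_sre_service_account_key` in the ssm.tf hunk sets no `tier`, so it is a Standard parameter with a 4 KB value limit; if the value is the full JSON key file that is within range for a typical key but not by a wide margin, and a larger key would need `tier = "Advanced"`. `sensitive = true` on the variable only redacts plan and apply output; the plaintext value is still written to Terraform state, so the state backend's encryption and access control are what actually protect it (the existing pickle-string parameter has the same property). The resource has no `description`; one line would document what the value is expected to hold, e.g. `description = "GCP SRE service-account key (JSON), injected into the sre-bot task as GCP_SRE_SERVICE_ACCOUNT_KEY_FILE"`.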
diff --git a/terraform/templates/sre-bot.json.tpl b/terraform/templates/sre-bot.json.tpl
index 41e7db48..885a6c42 100644
--- a/terraform/templates/sre-bot.json.tpl
+++ b/terraform/templates/sre-bot.json.tpl
@@ -26,6 +26,10 @@
 {
 "name": "PICKLE_STRING",
 "valueFrom": "${PICKLE_STRING}"
+ },
+ {
+ "name": "GCP_SRE_SERVICE_ACCOUNT_KEY_FILE",
+ "valueFrom": "${GCP_SRE_SERVICE_ACCOUNT_KEY_FILE}"
 }
 ],
 "ulimits": [
diff --git a/terraform/variables.tf b/terraform/variables.tf
index 4c2caca4..b08c93d9 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -19,6 +19,12 @@ variable "google_oauth_pickle_string" {
 sensitive = true
 }
+variable "gcp_sre_service_account_key" {
+ description = "(Required) The GCP SRE service account key"
+ type = string
+ sensitive = true
+}
+
 variable "error_threshold" {
 description = "CloudWatch alarm threshold for the SRE Bot ERROR logs"
 type = string
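Review bot: The new container secret is named `GCP_SRE_SERVICE_ACCOUNT_KEY_FILE`, but `valueFrom` injects the SSM parameter's value itself — the key material — into that environment variable, not a path to a file; the `_FILE` suffix (also used for the GitHub secret) reads as if the application should open a path, and the only wording on the Terraform side is `description = "(Required) The GCP SRE service account key"` in the variables.tf hunk. Stating the contract in that description keeps the two sides from drifting, e.g. `description = "(Required) Contents of the GCP SRE service account key JSON file, passed to the container as the GCP_SRE_SERVICE_ACCOUNT_KEY_FILE environment variable"`. Whether the application reads this variable as content or as a path is not visible here — confirm against the consumer before renaming either side.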