diff --git a/.github/workflows/rotate-ci-apikey.yml b/.github/workflows/rotate-ci-apikey.yml
new file mode 100644
index 0000000..ea3c4de
--- /dev/null
+++ b/.github/workflows/rotate-ci-apikey.yml
@@ -0,0 +1,22 @@
+name: Rotate API Key for CI/CD
+on: 
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'
+jobs:
+  rotate:
+    name: Rotate API Key 
+    runs-on: ubuntu-latest
+    steps:
+      - name: rotate gcp keys
+        uses: anekkanti/github-action-rotate-temporalcloud-apikey@v0.1.0
+        with:
+          apikey: "${{ secrets.TEMPORAL_CLOUD_API_KEY }}"
+          serviceAccountId: "${{ secrets.TEMPORAL_CLOUD_SERVICE_ACCOUNT_ID }}"
+          apikeyNamePrefix: "${{ github.repository }}-ci"
+          duration: 90
+          description: "Apikey used for CI/CD"
+          deleteOldApikeys: true
+          personalAccessToken: "${{ secrets.PERSONAL_ACCESS_TOKEN }}"
+          repositories: ${{ github.repository }}
+          secretName: "TEMPORAL_CLOUD_API_KEY"