diff --git a/.github/workflows/assume-aws-role.yml b/.github/workflows/assume-aws-role.yml
new file mode 100644
index 000000000..792639060
--- /dev/null
+++ b/.github/workflows/assume-aws-role.yml
@@ -0,0 +1,18 @@
+inputs:
+  CRT_CI_ROLE:
+    required: true
+  AWS_DEFAULT_REGION:
+    required: true
+
+name: 'Assume Role'
+description: 'Assume AWS Role to be used during workflows'
+runs:
+  using: "composite"
+  permissions:
+    id-token: write # This is required for requesting the JWT
+  steps:
+    - name: configure AWS credentials (containers)
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        role-to-assume: ${{ env.CRT_CI_ROLE }}
+        aws-region: ${{ env.AWS_DEFAULT_REGION }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b74636e19..c74fa3e44 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -31,14 +31,8 @@ jobs:
           - opensuse-leap
           - rhel8-x64
           - al2-x64
-    permissions:
-      id-token: write # This is required for requesting the JWT
     steps:
-    - name: configure AWS credentials (containers)
-      uses: aws-actions/configure-aws-credentials@v4
-      with:
-        role-to-assume: ${{ env.CRT_CI_ROLE }}
-        aws-region: ${{ env.AWS_DEFAULT_REGION }}
+    - uses: ./.github/actions/assume-aws-role.yml
     - name: Build ${{ env.PACKAGE_NAME }}
       run: |
         aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh