diff --git a/.github/workflows/aws-publish.yml b/.github/workflows/aws-publish.yml
index 3143f99..300944a 100644
--- a/.github/workflows/aws-publish.yml
+++ b/.github/workflows/aws-publish.yml
@@ -1,40 +1,42 @@
 name: Build and Deploy to AWS S3
 on:
+ pull_request:
+ branches:
+ - master # Trigger on PRs targeting 'master' branch
 workflow_dispatch:
-
 jobs:
 build-and-deploy:
 runs-on: ubuntu-latest
+ permissions:
+ id-token: write # Required for OIDC
+ contents: read # Required to fetch repo contents
 steps:
- # Step 1: Check out the code
- - name: Checkout code
- uses: actions/checkout@v4
- # Step 2: Set up Node.js
- - name: Setup Node
- uses: actions/setup-node@v4
- with:
- node-version: 18
- cache: 'npm'
- registry-url: 'https://registry.npmjs.org'
- # Step 3: Install dependencies
- - name: Install dependencies
- shell: bash
- run: npm ci --include=dev
- # Step 4: Build the project
- - name: Build package
- shell: bash
- run: npm run build
- # Step 5: Zip the build output
- - name: Create deployment package
- run: zip -r build.zip ./build
- # Step 6: Upload to S3
- - name: Upload to S3
- uses: jakejarvis/s3-sync-action@v1
- with:
- args: --acl public-read --follow-symlinks
- env:
- AWS_S3_BUCKET: ${{ secrets.S3_BUCKET_NAME }}
- AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
- AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- AWS_REGION: ${{ secrets.AWS_REGION }}
- SOURCE_DIR: ./build
\ No newline at end of file
+ # Step 1: Checkout the code
+ - name: Checkout code
+ uses: actions/checkout@v4
+ # Step 2: Set up Node.js
+ - name: Setup Node.js
+ uses: actions/setup-node@v4
+ with:
+ node-version: 18
+ cache: 'npm'
+ registry-url: 'https://registry.npmjs.org'
+ # Step 3: Install dependencies
+ - name: Install dependencies
+ run: npm ci --include=dev
+ # Step 4: Build the project
+ - name: Build package
+ run: npm run build
+ # Step 5: Zip the build output
+ # - name: Create deployment package
+ # run: zip -r build.zip ./build
+ # Step 6: Configure AWS credentials via OIDC
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: arn:aws:iam::913524902005:role/GA_UL_Sample_App
+ aws-region: ap-southeast-2
+ # Step 7: Upload to S3
+ - name: Upload to S3
+ run: |
+ aws s3 cp ./dist s3://universal-login-sample-app --acl public-read
\ No newline at end of file
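Review bot: The new `pull_request` trigger runs the whole job, including `Configure AWS credentials` and `Upload to S3`, so a pull request opened from a branch in this repository would assume `GA_UL_Sample_App` and publish its unreviewed build with `--acl public-read` before it is merged. I would keep pull requests to build-only validation by adding `if: github.event_name != 'pull_request'` to those two steps, or by moving them into a job triggered by `push` to `master`. The role's trust policy is not visible in this diff; it should pin the OIDC `sub` claim to this repository and the `master` ref, so that a token issued for a pull-request run cannot assume the role even if the workflow guard is later removed. Separately, `aws s3 cp ./dist ...` is given a directory without `--recursive`, which as far as I know the CLI does not copy, and the previous workflow uploaded `./build`, so the output path is worth confirming against what `npm run build` produces.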