diff --git a/dataeng/resources/snowflake-public-grants-cleaner.sh b/dataeng/resources/snowflake-public-grants-cleaner.sh
index 6e6374229..a5da1a25e 100644
--- a/dataeng/resources/snowflake-public-grants-cleaner.sh
+++ b/dataeng/resources/snowflake-public-grants-cleaner.sh
@@ -10,13 +10,18 @@ source "${PYTHON_VENV}/bin/activate"
 cd $WORKSPACE/analytics-tools/snowflake
 make requirements
 
-source secrets-manager.sh analytics-secure/job-configs/SNOWFLAKE_PUBLIC_GRANTS_CLEANER_JOB_EXTRA_VARS KEY_PATH
-source secrets-manager.sh analytics-secure/job-configs/SNOWFLAKE_PUBLIC_GRANTS_CLEANER_JOB_EXTRA_VARS PASSPHRASE_PATH
-source secrets-manager.sh analytics-secure/job-configs/SNOWFLAKE_PUBLIC_GRANTS_CLEANER_JOB_EXTRA_VARS USER
-source secrets-manager.sh analytics-secure/job-configs/SNOWFLAKE_PUBLIC_GRANTS_CLEANER_JOB_EXTRA_VARS ACCOUNT
+python3 secrets-manager.py -w -n analytics-secure/snowflake/rsa_key_stitch_loader.p8 -v rsa_key_stitch_loader
+python3 secrets-manager.py -w -n analytics-secure/snowflake/rsa_key_passphrase_stitch_loader -v rsa_key_passphrase_stitch_loader
+
+unset KEY_PATH
+unset PASSPHRASE_PATH
 
 python snowflake_public_grants_cleaner.py \
-    --key_path $WORKSPACE/analytics-secure/$KEY_PATH \
-    --passphrase_path $WORKSPACE/analytics-secure/$PASSPHRASE_PATH \
-    --user $USER \
-    --account $ACCOUNT
+    --user "STITCH_LOADER" \
+    --account "edx.us-east-1" \ 
+    --key_file "$(cat "rsa_key_stitch_loader")" \
+    --passphrase_file "$(cat "rsa_key_passphrase_stitch_loader")"
+
+
+rm rsa_key_stitch_loader
+rm rsa_key_passphrase_stitch_loader