diff --git a/action.yml b/action.yml
new file mode 100644
index 0000000..990eaff
--- /dev/null
+++ b/action.yml
@@ -0,0 +1,19 @@
+name: 'AWS Assume role GitHub Actions'
+description: 'Runs awscredswrap via GitHub Actions.'
+author: 'youyo <1003ni2@gmail.com>'
+branding:
+ icon: 'terminal'
+ color: 'blue'
+inputs:
+ duration_seconds:
+ description: 'The duration, in seconds, of the role session. (default 3600)'
+ default: 3600
+ role_arn:
+ description: 'The arn of the role to assume.'
+ required: true
+ role_session_name:
+ description: 'An identifier for the assumed role session.'
+ default: 'awscredswrap@GitHubActions'
+runs:
+ using: 'docker'
+ image: 'github-actions/Dockerfile'
diff --git a/github-actions/Dockerfile b/github-actions/Dockerfile
new file mode 100644
index 0000000..7e95098
--- /dev/null
+++ b/github-actions/Dockerfile
@@ -0,0 +1,7 @@
+FROM youyo/awscredswrap:latest
+
+LABEL maintainer "youyo <1003ni2@gmail.com>"
+
+COPY entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/github-actions/entrypoint.sh b/github-actions/entrypoint.sh
new file mode 100755
index 0000000..bdca6f1
--- /dev/null
+++ b/github-actions/entrypoint.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+eval $(/awscredswrap --role-arn ${INPUT_ROLE_ARN} --role-session-name ${INPUT_ROLE_SESSION_NAME} --duration-seconds ${INPUT_DURATION_SECONDS})
+
+echo ::add-mask::${AWS_ACCESS_KEY_ID}
+echo ::add-mask::${AWS_SECRET_ACCESS_KEY}
+echo ::add-mask::${AWS_SESSION_TOKEN}
+echo ::add-mask::${AWS_DEFAULT_REGION}
+
+echo ::set-env name=AWS_ACCESS_KEY_ID::${AWS_ACCESS_KEY_ID}
+echo ::set-env name=AWS_SECRET_ACCESS_KEY::${AWS_SECRET_ACCESS_KEY}
+echo ::set-env name=AWS_SESSION_TOKEN::${AWS_SESSION_TOKEN}
+echo ::set-env name=AWS_DEFAULT_REGION::${AWS_DEFAULT_REGION}
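Review bot: `default: 3600` under `duration_seconds` is the only unquoted value in this file and parses as an integer, while action inputs reach the container as strings; `default: '3600'` keeps it consistent with the other quoted scalars. The top-level `description` also says nothing about what the action leaves behind: judging by `entrypoint.sh` in this commit, the assumed-role credentials are exported to every later step of the job. That is worth stating here so users scope `role_arn` and keep `duration_seconds` as short as the job needs.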
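Review bot: `FROM youyo/awscredswrap:latest` pulls a mutable tag, so each build of the action can run a different `/awscredswrap` binary, and that binary's output is passed to `eval` in `entrypoint.sh` and carries AWS credentials. Pin the base image to a release tag and digest, e.g. `FROM youyo/awscredswrap:<version>@sha256:<digest>` (placeholders), and bump it deliberately. Minor: `LABEL maintainer "…"` uses the legacy space-separated form; `LABEL maintainer="youyo <1003ni2@gmail.com>"` is the key=value syntax.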
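Review bot: A failed assume-role call goes unnoticed in this script: `eval $(...)` returns success even when `/awscredswrap` exits non-zero, there is no `set -e`, and the script then emits empty `::add-mask::` and `::set-env` commands and exits 0. The `${INPUT_*}` expansions are also unquoted, so a value containing whitespace or glob characters is split into extra arguments before the tool sees it. Capture the output in an assignment under `set -e`, quote the inputs, then `eval` the captured string. Separately, the `::set-env` workflow command has since been disabled on GitHub-hosted runners; appending `NAME=value` lines to the file named by `$GITHUB_ENV` replaces it.

```shell
#!/bin/sh
set -e

# An assignment carries the exit status of its command substitution,
# so a failed assume-role stops the step here instead of exporting empty values.
creds="$(/awscredswrap \
  --role-arn "${INPUT_ROLE_ARN}" \
  --role-session-name "${INPUT_ROLE_SESSION_NAME}" \
  --duration-seconds "${INPUT_DURATION_SECONDS}")"
eval "${creds}"

# … unchanged: the four ::add-mask:: lines …

{
  echo "AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}"
  echo "AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}"
  echo "AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN}"
  echo "AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION}"
} >> "${GITHUB_ENV}"
```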