diff --git a/.github/workflows/crc-cloud.yml b/.github/workflows/crc-cloud.yml
new file mode 100644
index 0000000..f1ffa28
--- /dev/null
+++ b/.github/workflows/crc-cloud.yml
@@ -0,0 +1,81 @@
+name: crc-cloud
+
+on:
+  pull_request:
+    branches:
+      - main
+
+  workflow_dispatch:
+
+jobs:
+  crc-cloud:
+    runs-on: ubuntu-latest
+
+    permissions:
+      id-token: write
+      contents: write
+
+    steps:
+      - name: Write pullsecret
+        env:
+          PULLSECRET_BASE64: ${{ secrets.PS_64 }}
+        run: |
+          echo $PULLSECRET_BASE64 | base64 --decode > pullsecret.txt
+
+      - name: Write boot key
+        run: |
+          echo "${{ secrets.ID_ECDSA }}" > key.txt
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          role-to-assume: ${{ secrets.ROLE }}
+          aws-region: eu-west-2
+
+      - name: Create cluster
+        run: |
+          docker run -d --name crc-cloud-create --rm \
+          -v ${PWD}:/workspace:z \
+          -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
+          -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
+          -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \
+          -e AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION} \
+          quay.io/crcont/crc-cloud:v0.0.2 \
+          create aws \
+          --project-name "crc-ocp412" \
+          --backed-url "file:///workspace" \
+          --output "/workspace" \
+          --aws-ami-id "ami-019669c0960dbcf14" \
+          --pullsecret-filepath /workspace/pullsecret.txt \
+          --key-filepath /workspace/key.txt
+
+      - name: View cluster creation logs
+        continue-on-error: true
+        run: |
+          docker logs -f crc-cloud-create
+
+      - name: Check cluster config
+        continue-on-error: true
+        run: |
+          ls -al /tmp
+          pwd
+          ls -al
+          ssh -i id_rsa core@$(cat host) "cat /opt/kubeconfig"
+
+      - name: Destroy cluster
+        run: |
+          docker run -d --name crccloud-destroy --rm \
+          -v ${PWD}:/workspace:z \
+          -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
+          -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
+          -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \
+          -e AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION} \
+          quay.io/crcont/crc-cloud:v0.0.2 \
+          destroy \
+          --project-name "crc-ocp412" \
+          --backed-url "file:///workspace" \
+          --provider "aws"
+
+      - name: View cluster destroy logs
+        run: |
+          docker logs -f crccloud-destroy