diff --git a/terraform/environments/delius-jitbit/secrets.tf b/terraform/environments/delius-jitbit/secrets.tf
index 9287aa535dc..bf51b56a18c 100644
--- a/terraform/environments/delius-jitbit/secrets.tf
+++ b/terraform/environments/delius-jitbit/secrets.tf
@@ -21,3 +21,39 @@ resource "aws_secretsmanager_secret_version" "db_app_connection_string" {
 ignore_changes = [secret_string]
 }
 }
+
+resource "aws_secretsmanager_secret" "s3_user_access_key" {
+ # checkov:skip=CKV_AWS_149: "KMS key not required standard encryption is fine here"
+ # checkov:skip=CKV2_AWS_57:Auto rotation not currently possible
+ name = "${local.application_name}-s3-user-access-key"
+ recovery_window_in_days = 0
+ tags = merge(
+ local.tags,
+ {
+ Name = "${local.application_name}-s3-user-access-key"
+ }
+ )
+}
+
+resource "aws_secretsmanager_secret_version" "s3_user_access_key" {
+ secret_id = aws_secretsmanager_secret.s3_user_access_key.id
+ secret_string = aws_iam_access_key.s3_user.id
+}
+
+resource "aws_secretsmanager_secret" "s3_user_secret_key" {
+ # checkov:skip=CKV_AWS_149: "KMS key not required standard encryption is fine here"
+ # checkov:skip=CKV2_AWS_57:Auto rotation not currently possible
+ name = "${local.application_name}-s3-user-secret-key"
+ recovery_window_in_days = 0
+ tags = merge(
+ local.tags,
+ {
+ Name = "${local.application_name}-s3-user-secret-key"
+ }
+ )
+}
+
+resource "aws_secretsmanager_secret_version" "s3_user_secret_key" {
+ secret_id = aws_secretsmanager_secret.s3_user_secret_key.id
+ secret_string = aws_iam_access_key.s3_user.secret
+}
\ No newline at end of file
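Review bot: The line `secret_string = aws_iam_access_key.s3_user.secret` in `aws_secretsmanager_secret_version.s3_user_secret_key` publishes a long-lived IAM user secret that Terraform also records in plaintext in state, and with CKV2_AWS_57 skipped on both new secrets nothing in this hunk ever rotates it. `aws_iam_access_key.s3_user` and the user's policy are defined outside the hunk, so their scope cannot be checked here; if the consuming workload can use an IAM role instead, the static key and both secrets become unnecessary. If the key has to stay, access to the state backend needs to be as restricted as access to the secret, and the skip comment should name the manual rotation path, for example `# checkov:skip=CKV2_AWS_57: static IAM user key, rotated by replacing aws_iam_access_key.s3_user`. Storing the pair in one secret, `secret_string = jsonencode({ access_key_id = aws_iam_access_key.s3_user.id, secret_access_key = aws_iam_access_key.s3_user.secret })`, would also keep readers from picking up a mismatched id and secret while the key is being replaced.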