diff --git a/.github/workflows/aro-hcp-dev-env-cd.yml b/.github/workflows/aro-hcp-dev-env-cd.yml
index 41efd6ebf..7df93bd5a 100644
--- a/.github/workflows/aro-hcp-dev-env-cd.yml
+++ b/.github/workflows/aro-hcp-dev-env-cd.yml
@@ -150,7 +150,7 @@
 - name: 'Deploy'
 run: |
 cd dev-infrastructure/
- make svc svc.aks.admin-access svc.enable-aks-metrics
+ PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make svc svc.aks.admin-access svc.enable-aks-metrics
 # grant GH action user access to resources
 PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make dev-role-assignments
@@ -181,7 +181,7 @@
 - name: 'Deploy or Update'
 run: |
 cd dev-infrastructure/
- make mgmt mgmt.aks.admin-access mgmt.enable-aks-metrics
+ PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make mgmt mgmt.aks.admin-access mgmt.enable-aks-metrics
 build_push_frontend:
 permissions:
diff --git a/dev-infrastructure/scripts/aks-admin-access.sh b/dev-infrastructure/scripts/aks-admin-access.sh
index 40000a091..9f37f3f4e 100755
--- a/dev-infrastructure/scripts/aks-admin-access.sh
+++ b/dev-infrastructure/scripts/aks-admin-access.sh
@@ -2,7 +2,11 @@
 set -e
 RESOURCEGROUP=$1
-CURRENTUSER_CLIENT_ID=$(az ad signed-in-user show -o json | jq -r '.id')
+if [ -z "$PRINCIPAL_ID" ]; then
+ CURRENTUSER_CLIENT_ID=$(az ad signed-in-user show -o json | jq -r '.id')
+else
+ CURRENTUSER_CLIENT_ID=$PRINCIPAL_ID
+fi
 CLUSTER_ID=$(az aks list -g $RESOURCEGROUP -o json | jq -r .[0].id)
 az role assignment create --assignee $CURRENTUSER_CLIENT_ID --role "Azure Kubernetes Service RBAC Cluster Admin" --scope $CLUSTER_ID
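Review bot: In `.github/workflows/aro-hcp-dev-env-cd.yml`, the new 'Deploy' line (and the identical change in the 'Deploy or Update' hunk at -181) expands `${{ secrets.GHA_PRINCIPAL_ID }}` directly into the `run:` script text, so the shell parses the value as part of the script rather than receiving it as data. Declaring it once at step level with `env:` and `PRINCIPAL_ID: ${{ secrets.GHA_PRINCIPAL_ID }}`, then calling plain `make svc svc.aks.admin-access svc.enable-aks-metrics`, avoids that and removes the repeated prefix, which the existing `make dev-role-assignments` line could share. If the secret is empty or not available to the run, the prefix becomes `PRINCIPAL_ID=` and aks-admin-access.sh falls back to the signed-in-user lookup without any message, so an explicit `[ -n "$PRINCIPAL_ID" ]` check in the step would make that case visible. Both steps start above their hunks, so any existing `env:` block is not visible here.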
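Review bot: In `dev-infrastructure/scripts/aks-admin-access.sh`, the new `else` branch lets any `PRINCIPAL_ID` present in the environment decide who receives "Azure Kubernetes Service RBAC Cluster Admin", and the value reaches `--assignee` unvalidated and unquoted. A shell that still exports `PRINCIPAL_ID` for another make target would grant cluster admin to that principal instead of the signed-in user, with nothing in the output to show it. Assuming the value is an Azure object id (not confirmed by the hunk), a shape check such as `case "$PRINCIPAL_ID" in *[!0-9a-fA-F-]*) echo "PRINCIPAL_ID is not an object id" >&2; exit 1;; esac` before the assignment, plus `--assignee "$CURRENTUSER_CLIENT_ID"` on the role-assignment line, would close that gap. The name `CURRENTUSER_CLIENT_ID` no longer describes what it holds, so a comment like `# PRINCIPAL_ID, when set, overrides the signed-in user as the assignee` above the `if` would help. The script begins above the hunk, so options set on its first line are not visible.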