diff --git a/.github/workflows/build-scan-commit-status.yml b/.github/workflows/build-scan-commit-status.yml
new file mode 100644
index 00000000..b0c726e5
--- /dev/null
+++ b/.github/workflows/build-scan-commit-status.yml
@@ -0,0 +1,32 @@
+name: Publish BuildScan Commit Status
+
+on:
+  status
+
+permissions:
+  statuses: write
+  id-token: write
+
+jobs:
+  build_scan_commit_status:
+    runs-on: ubuntu-latest
+    steps:
+      - name: configure aws credentials
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          role-to-assume: arn:aws:iam::992382829881:role/GHASecrets_native-platform_all
+          aws-region: "eu-central-1"
+      - name: get secrets
+        uses: aws-actions/aws-secretsmanager-get-secrets@v2
+        with:
+          secret-ids: |
+            GH_PAT, gha/gradle-profiler/_all/GH_BOT_GITHUB_TOKEN
+      - name: Checkout gradle-github-actions Repo
+        uses: actions/checkout@v4
+        with:
+          repository: gradle/gradle-github-actions
+          ref: main
+          token: ${{ env.GH_PAT }}
+          path: .github/actions/gradle-github-actions
+      - name: Publish BuildScan Commit Status
+        uses: ./.github/actions/gradle-github-actions/buildscan-commit-status-action