diff --git a/Makefile b/Makefile
index 0a83f9912..4a819b56a 100644
--- a/Makefile
+++ b/Makefile
@@ -296,8 +296,8 @@ dev-templates: templates-generate
 $(KUBECTL) -n $(NAMESPACE) apply -f $(PROVIDER_TEMPLATES_DIR)/hmc-templates/files/templates
 .PHONY: dev-aws-creds
-dev-aws-creds: yq
- @$(YQ) e ".stringData.AWS_B64ENCODED_CREDENTIALS = \"${AWS_CREDENTIALS}\"" config/dev/awscredentials.yaml | $(KUBECTL) -n $(NAMESPACE) apply -f -
+dev-aws-creds: envsubst
+ @NAMESPACE=$(NAMESPACE) $(ENVSUBST) -no-unset -i config/dev/aws-credentials.yaml | $(KUBECTL) apply -f -
 .PHONY: dev-azure-creds
 dev-azure-creds: envsubst
@@ -315,9 +315,6 @@ dev-destroy: kind-undeploy registry-undeploy ## Destroy the development environm
 .PHONY: dev-mcluster-apply
 dev-mcluster-apply: envsubst
- @if [ $(DEV_PROVIDER) = "aws" ]; then \
- $(MAKE) dev-aws-creds; \
- fi
 @NAMESPACE=$(NAMESPACE) $(ENVSUBST) -no-unset -i config/dev/$(DEV_PROVIDER)-managedcluster.yaml | $(KUBECTL) apply -f -
 .PHONY: dev-mcluster-delete
diff --git a/api/v1alpha1/common.go b/api/v1alpha1/common.go
index 615bedbe7..906843e91 100644
--- a/api/v1alpha1/common.go
+++ b/api/v1alpha1/common.go
@@ -26,8 +26,7 @@ type Providers struct {
 const (
 // Provider CAPA
- ProviderCAPAName = "cluster-api-provider-aws"
- ProviderCAPASecretName = "aws-variables"
+ ProviderCAPAName = "cluster-api-provider-aws"
 // Provider Azure
 ProviderAzureName = "cluster-api-provider-azure"
 ProviderVSphereName = "cluster-api-provider-vsphere"
diff --git a/config/dev/aws-credentials.yaml b/config/dev/aws-credentials.yaml
new file mode 100644
index 000000000..cba60ee0e
--- /dev/null
+++ b/config/dev/aws-credentials.yaml
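Review bot: In the new `dev-aws-creds` recipe, `-no-unset` only rejects variables that are not defined at all, so an exported-but-empty `AWS_ACCESS_KEY_ID` or `AWS_SECRET_ACCESS_KEY` still renders and applies a Secret with blank keys, and the failure surfaces later inside the provider rather than here. If `$(ENVSUBST)` is the a8m/envsubst binary that these flags suggest, add `-no-empty`: `@NAMESPACE=$(NAMESPACE) $(ENVSUBST) -no-unset -no-empty -i config/dev/aws-credentials.yaml | $(KUBECTL) apply -f -`. The second Makefile hunk also drops the automatic `$(MAKE) dev-aws-creds` call from `dev-mcluster-apply`, so a `## ` help comment on `dev-aws-creds` stating that it must be run once before `dev-mcluster-apply` would keep the step discoverable.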
@@ -0,0 +1,21 @@
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+kind: AWSClusterStaticIdentity
+metadata:
+ name: aws-cluster-identity
+ namespace: ${NAMESPACE}
+spec:
+ secretRef: aws-cluster-identity-secret
+ allowedNamespaces:
+ selector:
+ matchLabels: {}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aws-cluster-identity-secret
+ namespace: ${NAMESPACE}
+type: Opaque
+stringData:
+ AccessKeyID: ${AWS_ACCESS_KEY_ID}
+ SecretAccessKey: ${AWS_SECRET_ACCESS_KEY}
diff --git a/config/dev/aws-managedcluster.yaml b/config/dev/aws-managedcluster.yaml
index c0ece7fcd..5e76f4b10 100644
--- a/config/dev/aws-managedcluster.yaml
+++ b/config/dev/aws-managedcluster.yaml
@@ -5,6 +5,9 @@ metadata:
 namespace: ${NAMESPACE}
 spec:
 config:
+ clusterIdentity:
+ name: aws-cluster-identity
+ namespace: ${NAMESPACE}
 controlPlane:
 instanceType: t3.small
 controlPlaneNumber: 1
diff --git a/config/dev/awscredentials.yaml b/config/dev/awscredentials.yaml
deleted file mode 100644
index 56ae826f7..000000000
--- a/config/dev/awscredentials.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: v1
-stringData:
- AWS_B64ENCODED_CREDENTIALS: Cg==
-kind: Secret
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-aws
- clusterctl.cluster.x-k8s.io: ""
- name: aws-variables
- namespace: hmc-system
-type: Opaque
diff --git a/docs/dev.md b/docs/dev.md
index 1bf47bad8..19b40cec4 100644
--- a/docs/dev.md
+++ b/docs/dev.md
@@ -23,6 +23,11 @@ make cli-install
 Follow the instruction to configure AWS Provider: [AWS Provider Setup](aws/main.md#prepare-the-aws-infra-provider)
+The following env variables must be set in order to deploy dev cluster on AWS:
+
+- `AWS_ACCESS_KEY_ID`
+- `AWS_SECRET_ACCESS_KEY`
+
 ### Azure Provider Setup
 Follow the instruction on how to configure [Azure Provider](azure/main.md).
diff --git a/templates/cluster/aws-hosted-cp/Chart.yaml b/templates/cluster/aws-hosted-cp/Chart.yaml
index 51672276a..2917fb012 100644
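Review bot: The two `stringData` values at the end of the new `aws-credentials.yaml` are substituted as bare YAML scalars, so a key that contains YAML-significant characters, or that happens to parse as a number or boolean, will alter the document or be rejected instead of being stored verbatim. Quote them: `AccessKeyID: "${AWS_ACCESS_KEY_ID}"` and `SecretAccessKey: "${AWS_SECRET_ACCESS_KEY}"`. Separately, `allowedNamespaces.selector.matchLabels: {}` names no label at all; if the intent is that every namespace may use this identity, a comment such as `# dev only: identity is usable from any namespace` would stop the manifest being copied into a shared cluster unchanged.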
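Review bot: The `clusterIdentity.namespace` key added to `aws-managedcluster.yaml` has no consumer in the files shown: both `awscluster.yaml` templates read only `.Values.clusterIdentity.kind` and `.Values.clusterIdentity.name`, and the `clusterIdentity` schema added to the two `values.schema.json` files declares only `name` and `kind`. Either drop the key or declare it in the schema and document what reads it, so that a reader does not assume the identity lookup is scoped to that namespace. `kind` is omitted here and falls back to the chart default, which a short comment such as `# kind defaults to AWSClusterStaticIdentity` would make explicit.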
--- a/templates/cluster/aws-hosted-cp/Chart.yaml
+++ b/templates/cluster/aws-hosted-cp/Chart.yaml
@@ -7,7 +7,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.3
+version: 0.1.4
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
diff --git a/templates/cluster/aws-hosted-cp/templates/awscluster.yaml b/templates/cluster/aws-hosted-cp/templates/awscluster.yaml
index 4c23f4b49..668383a67 100644
--- a/templates/cluster/aws-hosted-cp/templates/awscluster.yaml
+++ b/templates/cluster/aws-hosted-cp/templates/awscluster.yaml
@@ -9,9 +9,9 @@ metadata:
 - hmc.mirantis.com/cleanup
 spec:
 region: {{ .Values.region }}
- # identityRef:
- # kind: AWSClusterStaticIdentity
- # name: aws-identity-name
+ identityRef:
+ kind: {{ .Values.clusterIdentity.kind }}
+ name: {{ .Values.clusterIdentity.name }}
 network:
 vpc:
 id: {{ .Values.vpcID }}
diff --git a/templates/cluster/aws-hosted-cp/values.schema.json b/templates/cluster/aws-hosted-cp/values.schema.json
index 0b437deb0..4a1786d9f 100644
--- a/templates/cluster/aws-hosted-cp/values.schema.json
+++ b/templates/cluster/aws-hosted-cp/values.schema.json
@@ -9,7 +9,8 @@
 "amiID",
 "iamInstanceProfile",
 "instanceType",
- "securityGroupIDs"
+ "securityGroupIDs",
+ "clusterIdentity"
 ],
 "properties": {
 "workersNumber": {
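Review bot: `kind` and `name` under the new `identityRef` in the hosted-cp `awscluster.yaml` are interpolated unquoted, so the rendered manifest depends on each value being a well-behaved plain scalar: an empty `name` (the default shipped in `values.yaml`) renders as a YAML null, and a value with YAML-significant characters changes the structure of the AWSCluster spec. Use `kind: {{ .Values.clusterIdentity.kind | quote }}` and `name: {{ .Values.clusterIdentity.name | quote }}`. The same two lines appear in `templates/cluster/aws-standalone-cp/templates/awscluster.yaml` and need the same change. The AWSCluster spec continues outside the hunk.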
@@ -107,6 +108,24 @@
 }
 }
 },
+ "clusterIdentity": {
+ "type": "object",
+ "description": "AWS Cluster Identity object reference",
+ "required": [
+ "name",
+ "kind"
+ ],
+ "properties": {
+ "name": {
+ "description": "AWS ClusterIdentity object name",
+ "type": "string"
+ },
+ "kind": {
+ "description": "AWS ClusterIdentity object kind",
+ "type": "string"
+ }
+ }
+ },
 "amiID": {
 "description": "The ID of Amazon Machine Image",
 "type": "string"
diff --git a/templates/cluster/aws-hosted-cp/values.yaml b/templates/cluster/aws-hosted-cp/values.yaml
index 3208000f8..4949d631b 100644
--- a/templates/cluster/aws-hosted-cp/values.yaml
+++ b/templates/cluster/aws-hosted-cp/values.yaml
@@ -23,6 +23,9 @@ bastion:
 allowedCIDRBlocks: []
 instanceType: t2.micro
 ami: ""
+clusterIdentity:
+ name: ""
+ kind: "AWSClusterStaticIdentity"
 # AWS machines parameters
 amiID: ""
 imageLookup:
diff --git a/templates/cluster/aws-standalone-cp/Chart.yaml b/templates/cluster/aws-standalone-cp/Chart.yaml
index 2d1da1cd7..20e783367 100644
--- a/templates/cluster/aws-standalone-cp/Chart.yaml
+++ b/templates/cluster/aws-standalone-cp/Chart.yaml
@@ -6,7 +6,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.3
+version: 0.1.4
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
diff --git a/templates/cluster/aws-standalone-cp/templates/awscluster.yaml b/templates/cluster/aws-standalone-cp/templates/awscluster.yaml
index c199c7227..7b098d678 100644
--- a/templates/cluster/aws-standalone-cp/templates/awscluster.yaml
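Review bot: The new `clusterIdentity` schema accepts any string for both fields, including the empty `name: ""` that `values.yaml` ships as the default, so validation passes for a cluster that has no usable identity reference. Add `"minLength": 1` to `name`, and restrict `kind` with `"enum": ["AWSClusterStaticIdentity", "AWSClusterRoleIdentity", "AWSClusterControllerIdentity"]` so that a typo fails at chart validation rather than at reconcile time. The identical block added to `templates/cluster/aws-standalone-cp/values.schema.json` needs the same change.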
+++ b/templates/cluster/aws-standalone-cp/templates/awscluster.yaml
@@ -6,9 +6,9 @@ metadata:
 aws.cluster.x-k8s.io/external-resource-gc: "true"
 spec:
 region: {{ .Values.region }}
- # identityRef:
- # kind: AWSClusterStaticIdentity
- # name: aws-identity-name
+ identityRef:
+ kind: {{ .Values.clusterIdentity.kind }}
+ name: {{ .Values.clusterIdentity.name }}
 controlPlaneLoadBalancer:
 healthCheckProtocol: TCP
 network:
diff --git a/templates/cluster/aws-standalone-cp/values.schema.json b/templates/cluster/aws-standalone-cp/values.schema.json
index 97c111488..7b39a7d0c 100644
--- a/templates/cluster/aws-standalone-cp/values.schema.json
+++ b/templates/cluster/aws-standalone-cp/values.schema.json
@@ -5,7 +5,8 @@
 "required": [
 "controlPlaneNumber",
 "workersNumber",
- "region"
+ "region",
+ "clusterIdentity"
 ],
 "properties": {
 "controlPlaneNumber": {
@@ -85,6 +86,24 @@
 }
 }
 },
+ "clusterIdentity": {
+ "type": "object",
+ "description": "AWS Cluster Identity object reference",
+ "required": [
+ "name",
+ "kind"
+ ],
+ "properties": {
+ "name": {
+ "description": "AWS ClusterIdentity object name",
+ "type": "string"
+ },
+ "kind": {
+ "description": "AWS ClusterIdentity object kind",
+ "type": "string"
+ }
+ }
+ },
 "controlPlane": {
 "description": "The configuration of the control plane machines",
 "type": "object",
diff --git a/templates/cluster/aws-standalone-cp/values.yaml b/templates/cluster/aws-standalone-cp/values.yaml
index 68f75376b..2d09cf5c8 100644
--- a/templates/cluster/aws-standalone-cp/values.yaml
+++ b/templates/cluster/aws-standalone-cp/values.yaml
@@ -20,6 +20,9 @@ bastion:
 allowedCIDRBlocks: []
 instanceType: t2.micro
 ami: ""
+clusterIdentity:
+ name: ""
+ kind: "AWSClusterStaticIdentity"
 # AWS machines parameters
 controlPlane:
 amiID: ""
diff --git a/templates/provider/cluster-api-provider-aws/values.yaml b/templates/provider/cluster-api-provider-aws/values.yaml
index 99a9d8659..98a6fb0f3 100644
--- a/templates/provider/cluster-api-provider-aws/values.yaml
+++ b/templates/provider/cluster-api-provider-aws/values.yaml
@@ -1,6 +1,7 @@
 configSecret:
- create: false
+ create: true
 name: "aws-variables"
 namespace: ""
-config: {}
+config:
+ AWS_B64ENCODED_CREDENTIALS: Cg==
diff --git a/templates/provider/hmc-templates/files/templates/aws-hosted-cp.yaml b/templates/provider/hmc-templates/files/templates/aws-hosted-cp.yaml
index d2aa2b417..dc54e981f 100644
--- a/templates/provider/hmc-templates/files/templates/aws-hosted-cp.yaml
+++ b/templates/provider/hmc-templates/files/templates/aws-hosted-cp.yaml
@@ -5,4 +5,4 @@ metadata:
 spec:
 helm:
 chartName: aws-hosted-cp
- chartVersion: 0.1.3
+ chartVersion: 0.1.4
diff --git a/templates/provider/hmc-templates/files/templates/aws-standalone-cp.yaml b/templates/provider/hmc-templates/files/templates/aws-standalone-cp.yaml
index d26c386e3..aa0ac7d1f 100644
--- a/templates/provider/hmc-templates/files/templates/aws-standalone-cp.yaml
+++ b/templates/provider/hmc-templates/files/templates/aws-standalone-cp.yaml
@@ -5,4 +5,4 @@ metadata:
 spec:
 helm:
 chartName: aws-standalone-cp
- chartVersion: 0.1.3
+ chartVersion: 0.1.4
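Review bot: `AWS_B64ENCODED_CREDENTIALS: Cg==` in the provider `values.yaml` is the base64 encoding of a single newline, i.e. a placeholder, but nothing in the file says so, which invites someone to paste a real encoded credential into a committed values file. Add a comment above it, for example `# placeholder (base64 of "\n"); real credentials come from the AWSClusterStaticIdentity secret, never from this file`. With `create: true` now the default, it is also worth confirming that the chart's Secret template (not shown in this diff) does not overwrite an existing `aws-variables` Secret that still holds real credentials from the previous `dev-aws-creds` flow when the release is upgraded.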