diff --git a/.github/workflows/automated_approval_test.yml b/.github/workflows/automated_approval_test.yml
new file mode 100644
index 000000000..29b034d9b
--- /dev/null
+++ b/.github/workflows/automated_approval_test.yml
@@ -0,0 +1,49 @@
+name: Auto approve PRs by Tagging Bot
+
+on:
+  pull_request:
+    types: [opened, synchronize, labeled]  # ← Fixed: Added 'labeled'
+
+# add permission to read contents
+permissions:
+  contents: write
+  pull-requests: write
+  issues: write
+
+jobs:
+  auto-approve:
+    runs-on:
+      group: databricks-deco-testing-runner-group
+      labels: ubuntu-latest-deco
+    environment: "release-is"  # Required to access GitHub App secrets
+    permissions:
+      pull-requests: write
+      contents: read
+    
+    steps:
+      - name: Generate GitHub App Token
+        id: generate-token
+        uses: actions/create-github-app-token@v2
+        with:
+          app-id: ${{ secrets.DECO_SDK_TAGGING_APP_ID }}
+          private-key: ${{ secrets.DECO_SDK_TAGGING_PRIVATE_KEY }}
+
+      # Optional: Debug step to see who the author is
+      - name: Debug PR Info
+        run: |
+          echo "PR Number: ${{ github.event.pull_request.number }}"
+          echo "PR Author: ${{ github.event.pull_request.user.login }}"
+          echo "PR Labels: ${{ toJson(github.event.pull_request.labels.*.name) }}"
+          echo "Trigger Event: ${{ github.event.action }}"
+
+      - name: Approve PR based on conditions
+        if: |
+          github.event.pull_request.user.login == 'deco-sdk-tagging[bot]' ||
+          contains(github.event.pull_request.labels.*.name, 'zzz:automated-update')
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh pr review ${{ github.event.pull_request.number }} \
+            --repo ${{ github.repository }} \
+            --approve \
+            --body "Auto-approved by Databricks SDK Release Bot"
\ No newline at end of file