diff --git a/README.md b/README.md
index f7dc4b8..7bb8bba 100644
--- a/README.md
+++ b/README.md
@@ -132,7 +132,7 @@ Set up GitHub actions, variables and secrets:
   - Secrets and variables / Actions / Actions secrets and variables
     - Secrets
       - **New repository secret**
-        - `APP_PEM_FILE` (`GITHUB_APP_PEM_FILE` contents)
+        - `GH_APP_PEM_FILE` (`GITHUB_APP_PEM_FILE` contents)
         - `AWS_ACCESS_KEY_ID`
         - `AWS_SECRET_ACCESS_KEY`
     - Variables
@@ -176,9 +176,14 @@ organization:
       - name: "Main Branch"
         target: branch # REQUIRED, VALUES branch or tag
         enforcement: active # REQUIRED, VALUES disabled or active
+        bypass_actors: # OPTIONAL, DEFAULT empty
+            # Xebis GitHub Semantic Release https://github.com/apps/xebis-github-semantic-release
+          - actor_id: 1527160 # REQUIRED, VALUE The ID of the actor
+            actor_type: Integration # REQUIRED, VALUES RepositoryRole, Team, Integration, OR OrganizationAdmin
+            bypass_mode: always # REQUIRED, VALUES always or pull_request
         conditions: # OPTIONAL, DEFAULT empty
           ref_name:
-            include: # OPTIONAL, DEFAULT empty, VALUE array of ref names or patterns to include, special values ~ALL and ~DEFAULT_BRANCH also accepted
+            include: # OPTIONAL, DEFAULT empty, VALUE array of ref names or patterns to include, SPECIAL VALUES ~ALL and ~DEFAULT_BRANCH also accepted
               - ~DEFAULT_BRANCH
             exclude: # OPTIONAL, DEFAULT empty
         rules:
diff --git a/terraform/main.tf b/terraform/main.tf
index 35f3cbb..c0d183a 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -49,6 +49,16 @@ resource "github_repository_ruleset" "all_repositories" {
   target      = try(each.value.ruleset.target, null)
   enforcement = try(each.value.ruleset.enforcement, null)
 
+  # Bypass actors
+  dynamic "bypass_actors" {
+    for_each = try(each.value.ruleset.bypass_actors, [])
+    content {
+      actor_id    = bypass_actors.value.actor_id
+      actor_type  = bypass_actors.value.actor_type
+      bypass_mode = bypass_actors.value.bypass_mode
+    }
+  }
+
   # Conditions
   dynamic "conditions" {
     for_each = try(length(each.value.ruleset.conditions) > 0 ? [each.value.ruleset.conditions] : [], [])
diff --git a/test.yaml b/test.yaml
index 7f391b1..acd9d37 100644
--- a/test.yaml
+++ b/test.yaml
@@ -8,18 +8,21 @@ organization:
       - name: "Main Branch"
         target: branch
         enforcement: active
+        bypass_actors:
+            # Xebis GitHub Semantic Release https://github.com/apps/xebis-github-semantic-release
+          - actor_id: 1527160
+            actor_type: Integration
+            bypass_mode: always
         conditions:
           ref_name:
             include:
               - ~DEFAULT_BRANCH
         rules:
           creation: true
-          update: true
           deletion: true
           pull_request:
             required_approving_review_count: 0
           required_linear_history: true
-          required_signatures: true
 repositories:
   - name: .github
     # Repository metadata