diff --git a/.github/workflows/delete-review-app.yml b/.github/workflows/delete-review-app.yml
deleted file mode 100644
index 39b2535bd..000000000
--- a/.github/workflows/delete-review-app.yml
+++ /dev/null
@@ -1,80 +0,0 @@ -name: Delete Review App - -on: - pull_request: - types: [closed] - branches: [main] - -jobs: - delete-review-app: - name: Delete Review App ${{ github.event.pull_request.number }} - concurrency: deploy_review_${{ github.event.pull_request.number }} - if: ${{ contains(github.event.pull_request.labels.*.name, 'deploy') }} - runs-on: ubuntu-latest - environment: review - steps: - - uses: actions/checkout@v3 - - name: Extract configuration from tfvars - id: config - run: | - KEY_VAULT_NAME=$(jq -r '.key_vault_name' $TFVARS) - PAAS_SPACE=$(jq -r '.paas_space' $TFVARS) - if [ -z "$KEY_VAULT_NAME" ]; then - echo "::error ::Failed to extract key_vault_name from $TFVARS" - exit 1 - fi - if [ -z "$PAAS_SPACE" ]; then - echo "::error ::Failed to extract paas_space from $TFVARS" - exit 1 - fi - echo ::set-output name=key_vault_name::$KEY_VAULT_NAME - echo ::set-output name=paas_space::$PAAS_SPACE - shell: bash - env: - TFVARS: workspace_variables/review.tfvars.json - working-directory: terraform/paas - - - uses: Azure/login@v1 - with: - creds: ${{ secrets.azure_credentials }} - - - uses: Azure/get-keyvault-secrets@v1 - id: get_secrets - with: - keyvault: ${{ steps.config.outputs.key_vault_name }} - secrets: "TFSTATE-CONTAINER-ACCESS-KEY,PAAS-USER,PAAS-PASSWORD" - - - uses: hashicorp/setup-terraform@v2 - with: - terraform_version: 1.0.10 - terraform_wrapper: false - - - name: Set Environment variables - run: | - PR_NUMBER=${{ github.event.pull_request.number }} - TF_STATE_FILE=review/review-pr-$PR_NUMBER.tfstate - echo "PR_NUMBER=$PR_NUMBER" >> $GITHUB_ENV - echo "TF_STATE_FILE=$TF_STATE_FILE" >> $GITHUB_ENV - pr_state_file=$(az storage blob list -c faltrn-tfstate \ - --account-key ${{ steps.get_secrets.outputs.TFSTATE-CONTAINER-ACCESS-KEY }} \ - --account-name "s165d01faltrntfstatedv" \ - --prefix $TF_STATE_FILE --query "[].name" -o tsv) - if [ -n "$pr_state_file" ]; then echo "TF_STATE_EXISTS=true" >> $GITHUB_ENV; fi; - - name: Terraform - if: 
env.TF_STATE_EXISTS == 'true' - id: terraform - run: | - make ci review terraform-destroy - env: - ARM_ACCESS_KEY: ${{ steps.get_secrets.outputs.TFSTATE-CONTAINER-ACCESS-KEY }} - TF_VAR_azure_sp_credentials_json: ${{ secrets.azure_credentials }} - TF_VAR_flt_docker_image: "ghcr.io/dfe-digital/find-a-lost-trn:no-tag" - pr_id: ${{ github.event.pull_request.number }} - shell: bash - - - name: Delete tf state file - if: env.TF_STATE_EXISTS == 'true' - run: | - az storage blob delete -c faltrn-tfstate --name ${{ env.TF_STATE_FILE }} \ - --account-key ${{ steps.get_secrets.outputs.TFSTATE-CONTAINER-ACCESS-KEY }} \ - --account-name "s165d01faltrntfstatedv" diff --git a/.github/workflows/deploy_aks.yml b/.github/workflows/deploy.yml similarity index 100% rename from .github/workflows/deploy_aks.yml rename to .github/workflows/deploy.yml diff --git a/Makefile b/Makefile index 8bb81e776..bc5736d20 100644 --- a/Makefile +++ b/Makefile @@ -125,7 +125,7 @@ terraform-init: bin/terrafile [[ "${SP_AUTH}" != "true" ]] && az account set -s $(AZURE_SUBSCRIPTION) || true ./bin/terrafile -p terraform/aks/vendor/modules -f terraform/aks/workspace_variables/$(CONFIG)_Terrafile terraform -chdir=terraform/aks init -backend-config workspace_variables/$(CONFIG).backend.tfvars $(backend_config) -upgrade -reconfigure - $(if $(DOCKER_IMAGE), $(eval export TF_VAR_paas_app_docker_image=$(DOCKER_IMAGE)), $(error Missing environment variable "DOCKER_IMAGE")) + $(if $(DOCKER_IMAGE), $(eval export TF_VAR_app_docker_image=$(DOCKER_IMAGE)), $(error Missing environment variable "DOCKER_IMAGE")) terraform-plan: terraform-init terraform -chdir=terraform/aks plan -var-file workspace_variables/$(CONFIG).tfvars.json diff --git a/README.md b/README.md index 7b6cac59e..c9290ca79 100644 --- a/README.md +++ b/README.md 
@@ -6,12 +6,12 @@ A service that allows teachers to find their Teacher Reference Number (TRN). ### Links and application names -| Name | URL | Deployment | PaaS space | PaaS application | -| ---------- | ------------------------------------------------- | ---------- | ---------------- | ---------------------------- | -| Production | https://find-a-lost-trn.education.gov.uk/ | Automatic | `tra-production` | `find-a-lost-trn-production` | -| Preprod | https://preprod-find-a-lost-trn.education.gov.uk/ | Automatic | `tra-test` | `find-a-lost-trn-preprod` | -| Test | https://test-find-a-lost-trn.education.gov.uk/ | Automatic | `tra-test` | `find-a-lost-trn-test` | -| Dev | https://dev-find-a-lost-trn.education.gov.uk/ | Automatic | `tra-dev` | `find-a-lost-trn-dev` | +| Name | URL (Frontdoor) | Deployment | AKS namespace | Ingress URL | +| ------------- | ------------------------------------------------ | ---------- | ----------------- | ---------------------------------------------------------------- | +| Production | https://find-a-lost-trn.education.gov.uk | Automatic | `tra-production` | https://find-a-lost-trn-production.teacherservices.cloud | +| Preproduction | https://preprod.find-a-lost-trn.education.gov.uk | Automatic | `tra-test` | https://find-a-lost-trn-preproduction.test.teacherservices.cloud | +| Test | https://test.find-a-lost-trn.education.gov.uk | Automatic | `tra-test` | http://find-a-lost-trn-test.test.teacherservices.cloud | +| Dev | https://dev.find-a-lost-trn.education.gov.uk | Automatic | `tra-development` | https://find-a-lost-trn-development.test.teacherservices.cloud | All environments have continuous deployment, the state of which can be inspected in Github Actions. 
@@ -59,7 +59,7 @@ You can use this user to test that matching works against the preprod ## How the application works Find a lost TRN is a monolithic Rails app built with the GOVUK Design System and hosted on -GOVUK PaaS. +GOVUK AKS. We keep track of architecture decisions in [Architecture Decision Records (ADRs)](/adr/). diff --git a/adr/00002-use-gov-paas.md b/adr/00002-use-gov-paas.md deleted file mode 100644 index f8aef8589..000000000 --- a/adr/00002-use-gov-paas.md +++ /dev/null @@ -1,22 +0,0 @@ -# 2. Use GOV.UK PaaS - -Date: 2022-01-02 - -## Status - -Accepted - -## Context - -We have two main hosting options for the Find a lost service - GOV PaaS, or Azure CIP - -## Decision - -We will use the GOV PaaS platform to host the Find a lost TRN web application - -## Consequences - -- Cloud services are limited to that which are available on the GOV PaaS Platform -- Cloudfoundry to be used to operate platform -- AWS Shield ingress protection -- 24/7 Support available diff --git a/adr/00007-scheduled-jobs.md b/adr/00007-scheduled-jobs.md index d0035326a..60232f048 100644 --- a/adr/00007-scheduled-jobs.md +++ b/adr/00007-scheduled-jobs.md @@ -19,8 +19,6 @@ We have considered: Considering the effort to deploy and maintain the infrastructure to run the jobs, we think it's better to use sidekiq/sidekiq_cron. -The clockwork gem requires some workarounds to be able to run on PaaS. - #### Pros - The sidekiq/sidekiq_cron combination is a proven, stable and scalable combination which can take us all the way to public launch and beyond. diff --git a/app/views/static/privacy.md b/app/views/static/privacy.md index b5fef2571..d3cfb95ff 100644 --- a/app/views/static/privacy.md +++ b/app/views/static/privacy.md 
@@ -78,7 +78,7 @@ We also use Google’s G Suite to process some personal data. Google processes y ### Hosting services -We host our services on GOV.UK PaaS, which encrypts your data to prevent it being accessed by unauthorised people. +We host our services on AKS which encrypts your data to prevent it being accessed by unauthorised people. ### Auditors diff --git a/docs/ops-manual.md b/docs/ops-manual.md index e7565c9fc..966d38f43 100644 --- a/docs/ops-manual.md +++ b/docs/ops-manual.md 
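Review bot: In the "Hosting services" section of app/views/static/privacy.md the new sentence says AKS itself encrypts users' data, which this commit does not demonstrate and which a public privacy notice needs to get right. AKS is where the containers run; docs/technical-architecture.md in the same commit says persistence is a Postgres database plus a Redis instance, so the statement should be checked against how those stores and the ingress are configured (not visible in this diff) before it is published. The acronym is also unexplained for a public reader and the relative clause needs a comma; if the encryption claim is confirmed, something like `We host our services on Azure Kubernetes Service (AKS), and your data is encrypted in transit and at rest to prevent it being accessed by unauthorised people.` would read more accurately.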
@@ -2,55 +2,19 @@ ## SSHing to a live docker container -To SSH into a container, install the `cloudfoundry-cli`. Example using `asdf`: - -```bash -$ asdf plugin add cf -$ asdf cf install latest -$ asdf global cf latest -$ cf --version -cf version 8.3.0+e6f8a85.2022-03-11 -``` - -You'll need a PaaS account that has access to the -`tra-dev/tra-test/tra-production` space. Sign into your account using SSO: - -```bash -$ cf login -a api.london.cloud.service.gov.uk --sso -API endpoint: api.london.cloud.service.gov.uk - -Temporary Authentication Code ( Get one at https://login.london.cloud.service.gov.uk/passcode ): -Authenticating... -OK +To SSH into a container, install `kubectl` +- Configure the credentials using the `get-cluster-credentials`, within the Teacher-services-cloud repo, run make command. Example: -Targeted org dfe. - -Select a space: -1. sandbox -2. tra-dev -3. tra-production -4. tra-test - -Space (enter to skip): 2 -Targeted space tra-dev. - -API endpoint: https://api.london.cloud.service.gov.uk -API version: 3.112.0 -user: 1XXXXXXXXXXXXXXXXXXXX -org: dfe -space: tra-dev ``` - -To SSH into the running docker container and go to the app directory: - -```bash -cf ssh find-a-lost-trn-dev -cd /app +make test get-cluster-credentials +make development get-cluster-credentials ENVIRONMENT=cluster1 ``` -**Note**: SSH access is monitored and logged as an event in the Events tab on -the PaaS website. +find-a-lost-trn-test-57556754f9-q5mfd +To SSH into a container, in the test cluster. Example ssh into a container named `find-a-lost-trn-test`, within the pod `find-a-lost-trn-test-57556754f9-q5mfd`: + +run `kubectl -n tra-test exec -it find-a-lost-trn-test-57556754f9-q5mfd -c find-a-lost-trn-test -- /bin/sh` ## Running a Rails console 
@@ -98,7 +62,7 @@ xxxxxxxx-yyyy-zzzz-xxxx-yyyyyyyyyyyy 'digital.education.gov.uk' "tenantId": "xxxxxxxx-yyyy-zzzz-xxxx-yyyyyyyyyyyy" } ], - "name": "s165-teachingqualificationsservice-development", + "name": "s189-teacher-services-cloud-test", "state": "Enabled", "tenantId": "xxxxxxxx-yyyy-zzzz-xxxx-yyyyyyyyyyyy", "user": { diff --git a/docs/technical-architecture.md b/docs/technical-architecture.md index 737807cfb..7ee7a67e1 100644 --- a/docs/technical-architecture.md +++ b/docs/technical-architecture.md @@ -4,7 +4,7 @@ The Find a lost TRN service is a public facing web application that allows its users to retrieve their TRN by supplying personal information. It works by querying the DQT API with the supplied details, and returning them to the user. As a fallback, if the DQT API is unavailable, the Find a lost TRN service will create a ticket in a Zendesk system that the supporting team will then pick up, and handle manually. -The web primary web application in hosted in GOV.UK PaaS, uses a Postgres database for persistence and a Redis instance for retry logic for deferred executions of tasks. +The web primary web application in hosted in AKS, uses a Postgres database for persistence and a Redis instance for retry logic for deferred executions of tasks. ## Architecture Diagram diff --git a/terraform/aks/application.tf b/terraform/aks/application.tf index 8dd5acae8..f42e8d829 100644 --- a/terraform/aks/application.tf +++ b/terraform/aks/application.tf @@ -21,7 +21,7 @@ module "web_application" { kubernetes_config_map_name = module.application_configuration.kubernetes_config_map_name kubernetes_secret_name = module.application_configuration.kubernetes_secret_name - docker_image = var.paas_app_docker_image + docker_image = var.app_docker_image max_memory = var.memory_max replicas = var.replicas web_external_hostnames = var.gov_uk_host_names 
@@ -52,7 +52,7 @@ module "worker_application" { cluster_configuration_map = module.cluster_data.configuration_map kubernetes_config_map_name = module.application_configuration.kubernetes_config_map_name kubernetes_secret_name = module.application_configuration.kubernetes_secret_name - docker_image = var.paas_app_docker_image + docker_image = var.app_docker_image command = ["bundle", "exec", "sidekiq", "-C", "./config/sidekiq.yml"] probe_command = ["pgrep", "-f", "sidekiq"] max_memory = var.worker_memory_max diff --git a/terraform/aks/variables.tf b/terraform/aks/variables.tf index f5891e975..326fbea36 100644 --- a/terraform/aks/variables.tf +++ b/terraform/aks/variables.tf @@ -83,9 +83,8 @@ variable "gov_uk_host_names" { type = list(any) } -# PaaS variables -variable "paas_app_docker_image" { - description = "PaaS image name and version " +variable "app_docker_image" { + description = "image name and version " } variable "deploy_redis" {
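Review bot: The renamed `app_docker_image` variable in terraform/aks/variables.tf is declared with no `type`, and its description is now just `image name and version ` with a trailing space. The value arrives from `DOCKER_IMAGE` through `TF_VAR_app_docker_image` in the Makefile and selects the image run by both `web_application` and `worker_application`, so it deserves a tighter declaration: add `type = string` and a description such as `description = "Container image reference (registry/name:tag) deployed to the web and worker applications"`. The Makefile only guards against a missing `DOCKER_IMAGE` when Terraform is run through `make`, so a `validation` block rejecting an empty string would also cover runs that bypass it.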