diff --git a/.gitignore b/.gitignore
index 4456e150..dc61568e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,9 @@
 # Ignore bundler config
 /.bundle
 
+# bundled gems
+/vendor
+
 # Ignore cache
 /.sass-cache
 /.cache
diff --git a/README.md b/README.md
index 399738b5..b618f5ce 100644
--- a/README.md
+++ b/README.md
@@ -4,22 +4,11 @@ How we build and operate products at the Department for Education. This repo
 is inspired by (and steals shamelessly from) the [GDS Way](https://gds-way.cloudapps.digital) and the
 [Ministry of Justice Technical Guidance](https://ministryofjustice.github.io/technical-guidance/#moj-technical-guidance).
 
-It's built using the GOV.UK [tech-docs-template](https://github.com/alphagov/tech-docs-template), and hosted on [GOV.UK PaaS][].
+It's built using the GOV.UK [tech-docs-template](https://github.com/alphagov/tech-docs-template).
 
 ## Add a new guidance
 See the [Adding a new guidance][/guides/adding-new-guidance] section.
 
-## GOV.UK PaaS set-up
-The application is called `dfe-technical-guidance` and is supported by the [Staticfile buildpack][] . It is deployed in the space
-`technical-architecture`, in the `dfe` organisation.
-
-The custom domain, SSL certificate and CDN are provided by the `technical-guidance` [cdn-route][] service.
-
-The deploy workflow connects to paas using service account technical-architecture-paas@digital.education.gov.uk (a Google group).
-
-The review apps are deployed to the `technical-architecture-dev` space and their name is suffixed by the PR number. There is no
-cdn-route service, we simply use the default `.london.cloudapps.digital` domain.
-
 ## Licence
 
 The documentation is [© Crown copyright][copyright] and available under the terms of the [Open Government 3.0][ogl] licence.
@@ -29,7 +18,6 @@ The documentation is [© Crown copyright][copyright] and available under the ter
 [mit]: LICENCE
 [copyright]: http://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/
 [ogl]: http://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/
-[GOV.UK PaaS]: https://www.cloud.service.gov.uk/
 [Staticfile buildpack]: https://docs.cloudfoundry.org/buildpacks/staticfile/index.html
 [cdn-route]: https://docs.cloud.service.gov.uk/deploying_services/use_a_custom_domain/#managing-custom-domains-using-the-cdn-route-service
 [govuk-tech-docs gem]: https://github.com/alphagov/tech-docs-gem
diff --git a/data/site.json b/data/site.json
index 5a3d1371..e5d964cd 100644
--- a/data/site.json
+++ b/data/site.json
@@ -1,6 +1,4 @@
 {
   "digital_tools": "/infrastructure/support/#digital-tools-support",
-  "gov_uk_paas": "/infrastructure/hosting/govuk-paas/",
   "service_portal": "/infrastructure/support/#access-to-service-portal",
-  "gov_uk_paas_decommission": "GOV.UK PaaS will be decommissioned at the end of 2023, no new service should be built using it. It is still available for running existing services and creating prototypes."
 }
diff --git a/source/guides/adding-new-guidance/index.html.md.erb b/source/guides/adding-new-guidance/index.html.md.erb
index d3376d15..e665e646 100644
--- a/source/guides/adding-new-guidance/index.html.md.erb
+++ b/source/guides/adding-new-guidance/index.html.md.erb
@@ -16,11 +16,11 @@ Note that review apps only worked for pull requests raised in the original repos
 Make sure to make changes in a branch. Every change should be reviewed in a pull request, no matter how minor, and we've enabled
 [branch protection](https://help.github.com/articles/about-protected-branches/) to enforce this.
 
-Once the pull request is merged, the deploy Github action workflow runs the build and pushes the static site to GOV.UK PaaS.
+Once the pull request is merged, the deploy Github action workflow runs the build and pushes the static site to AKS.
 
 ## Review apps
 Every pull request builds a separate _review app_. It is a unique version of the documentation implementing the changes from
-the pull request and pushed to GOV.UK PaaS with a unique URL so it can be shared and peer reviewed. The URL is posted in a
+the pull request and pushed to AKS with a unique URL so it can be shared and peer reviewed. The URL is posted in a
 comment on the pull request.
 
 Any change to the branch is automatically pushed to the review app after a few minutes.
@@ -31,8 +31,6 @@ When the pull request is closed or merged, the review app is deleted.
 In the [DfE Digital technology guidance repository](https://github.com/DFE-Digital/technology-guidance), in the `source` directory, create a
 subdirectory representing the name of the guidance.
 
-For example: `source/guides/govuk-paas`.
-
 Inside the new directory, create an `index.html.md.erb` file following this pattern:
 
 ```markdown
diff --git a/source/guides/continuous-delivery/index.html.md.erb b/source/guides/continuous-delivery/index.html.md.erb
index c29c1081..0550e2ce 100644
--- a/source/guides/continuous-delivery/index.html.md.erb
+++ b/source/guides/continuous-delivery/index.html.md.erb
@@ -42,7 +42,7 @@ The live application or website should always be up and running and should never
 1. **Unit and linting tests** are usually run by the developers manually and by the automated workflow when they push a branch. They allow testing a new feature in isolation, but also in integration with other features or different dataset.
 1. **Security tests** check there are no known vulnerabilities in the produced code or image
 1. **Smoke tests**, **integration tests**, **acceptance tests** validate the application in a production-like environment to iron out issues with the environment, data or dependencies. A staging or pre-production environment with the same configuration as production may be used. The data may refreshed daily with sanitised production data.
-1. When a new version of the code is deployed to production, there should be **zero downtime** and it should be transparent to end users. Blue-green, rolling or canary deployments may be used. We typically use the blue-green deployment on GOV.UK PaaS and deployment slot swap on Azure.
+1. When a new version of the code is deployed to production, there should be **zero downtime** and it should be transparent to end users. Blue-green, rolling or canary deployments may be used. We typically use the rolling deployment on kubernetes and deployment slot swap on Azure.
 1. **Monitoring** should run continuously to check the production application health. [StatusCake](https://www.statuscake.com/) or [Azure ping tests](https://docs.microsoft.com/en-us/azure/azure-monitor/app/monitor-web-app-availability) are used for simple and fast pings. Smoke tests may also validate the business logic, as implemented in Teaching vacancies via Github actions.
 
 ## Repeatability
diff --git a/source/guides/default-technology-stack/index.html.md.erb b/source/guides/default-technology-stack/index.html.md.erb
index ec35f17d..db386d48 100644
--- a/source/guides/default-technology-stack/index.html.md.erb
+++ b/source/guides/default-technology-stack/index.html.md.erb
@@ -43,16 +43,6 @@ For more information about CIP and the onboarding process of services and users
 
 Community support for Azure use in general can also be gained from the community in the [#cloud-platform Slack channel](https://ukgovernmentdfe.slack.com/app_redirect?channel=C7L4D0LM9).
 
-### GOV.UK Platform as a Service
-
-<%= warning_text(data.site.gov_uk_paas_decommission) %>
-
-We also offer _GOV.UK Platform as a Service_ (GOV.UK PaaS) for applications requiring less customisation than provided by a full
-infrastructure-as-a-service platform such as Azure. It is suitable for web services following typical GOV.UK patterns and allows for
-rapid deployment without requiring technical expertise.
-
-For more details please refer to the [GOV.UK Platform as a Service](<%= data.site.gov_uk_paas%>)
-
 ### Infrastructure as code
 
 DfE uses [Terraform](https://www.terraform.io/) and [Azure Resource Manager (ARM)](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates) templates for automating and scripting Azure infrastructure creation and changes.
diff --git a/source/guides/technology-documentation-sites/index.html.md.erb b/source/guides/technology-documentation-sites/index.html.md.erb
index ae4d4dbc..a30624f0 100644
--- a/source/guides/technology-documentation-sites/index.html.md.erb
+++ b/source/guides/technology-documentation-sites/index.html.md.erb
@@ -33,7 +33,7 @@ For further guidance on the C4 model, visit [here](https://c4model.com/).
 
 ## Adding C4 generation to the Tech Docs template
 
-**Prerequisites:** you have some C4 diagrams-as-code ready to publish, and your technical documentation site is already using GitHub Actions to publish to GOV.UK PaaS.
+**Prerequisites:** you have some C4 diagrams-as-code ready to publish, and your technical documentation site is already using GitHub Actions to publish to AKS.
 
 The [structurizr.com](https://structurizr.com/) website provides a SaaS offering to generate diagrams from this code. There is a Free Tier Cloud offering available which allows for one workspace to be created ([feature comparison](https://structurizr.com/products)).
 
diff --git a/source/infrastructure/dev-tools/index.html.md.erb b/source/infrastructure/dev-tools/index.html.md.erb
index 33636413..a88b86dd 100644
--- a/source/infrastructure/dev-tools/index.html.md.erb
+++ b/source/infrastructure/dev-tools/index.html.md.erb
@@ -14,11 +14,6 @@ The Azure Command-Line Interface (CLI) is a cross-platform command-line tool to
 
 [How to Install the Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli)
 
-## Cloud Foundry CLI
-Cloud Foundry is an open source cloud computing platform. It is the platform the [UK Gov PaaS](https://www.cloud.service.gov.uk/) is delivered on.
-
-[GOV.UK PaaS Getting Started (Cloud Foundry)](https://docs.cloud.service.gov.uk/get_started.html)
-
 ## GIT
 Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.
 
diff --git a/source/infrastructure/disaster-recovery/index.html.md.erb b/source/infrastructure/disaster-recovery/index.html.md.erb
index 4c7f020d..8b285c28 100644
--- a/source/infrastructure/disaster-recovery/index.html.md.erb
+++ b/source/infrastructure/disaster-recovery/index.html.md.erb
@@ -26,8 +26,8 @@ The application may crash because of a bug, memory leak, high utilisation…
 |-|-|
 |Impact|It may or may not impact end users as a service may deploy multiple application instances.|
 |Prevention|Crashes may happen because of high memory, CPU or disk usage. These metrics should be monitored and notify in advance to avoid the crash entirely.|
-|Detection|Endpoint monitoring like `StatusCake` would notify of a total outage impacting users, if the whole application crashes. An application _instance_ crash may be reported by monitoring.<br/>In the case of GOV.UK PaaS, the Prometheus metric `crash` increases if an instance crashes.|
-|Remediation|The quickest action is to roll back the problematic change or roll forward with a fix. Ideally the platform detects a failing application and restarts it.<br/>For example GOV.UK PaaS detects the failure by running frequent healthchecks. Then it deploys a new container and kills the failed one.<br/>If there is no such feature, the application may be restarted manually. If the restart doesn't work, the application and infrastructure must be investigated manually.|
+|Detection|Endpoint monitoring like `StatusCake` would notify of a total outage impacting users, if the whole application crashes. An application _instance_ crash may be reported by monitoring.|
+|Remediation|The quickest action is to roll back the problematic change or roll forward with a fix. Ideally the platform detects a failing application and restarts it.<br/>For example kubernetes detects the failure by running frequent healthchecks. Then it deploys a new container and kills the failed one.<br/>If there is no such feature, the application may be restarted manually. If the restart doesn't work, the application and infrastructure must be investigated manually.|
 
 ## Data corruption
 The data in the database is corrupted because of a bug, human error, malicious activity… and cannot be recovered.
@@ -35,12 +35,12 @@ The data in the database is corrupted because of a bug, human error, malicious a
 |||
 |-|-|
 |Impact|Some data may be lost, updated with incorrect value or may be presented to the wrong users.|
-|Prevention|GOV.UK PaaS keeps backups of the database and transaction logs. We can recreate the database with daily or point-in-time (1s resolution) backup|
+|Prevention|Azure postgres keeps backups of the database and transaction logs. We can recreate the database with daily or point-in-time (1s resolution) backup|
 |Detection|Smoke tests may detect corruptions in some critical data.|
 |Remediation|Access to the service should be stopped immediately.<br/>The data may be fixed manually if the change is simple. If the change is complex or if we don't know the extent of the issue, it may be necessary to recover the database from a backup whether daily, hourly or point-in-time using transaction logs.<br/>[Restore database](https://docs.cloud.service.gov.uk/deploying_services/postgresql/#postgresql-service-backup) with latest snapshot or point in time|
 
 ## Loss of database instance
-It is possible to lose the database instance and the associated backups. For example, if a database service is deleted from GOV.UK PaaS, in case of human or automation error, the whole instance is deleted, including its backups.
+It is possible to lose the database instance and the associated backups. For example, if the database server is deleted from Azure, in case of human or automation error, the whole instance is deleted, including its backups.
 
 |||
 |-|-|
@@ -50,12 +50,12 @@ It is possible to lose the database instance and the associated backups. For exa
 |Remediation|Restore database from external daily or most recent backup|
 
 ## Loss of Azure/AWS availability zone
-We deploy to PaaS London region which has 3 separate availability zones (AZ). It may happen that one of them is unavailable: either network, compute or storage services are affected.
+We deploy to the UK South or West Europe regions which have 3 separate availability zones (AZ). It may happen that one of them is unavailable: either network, compute or storage services are affected.
 
 |||
 |-|-|
 |Impact|Applications may be slow or unavailable|
-|Prevention|Applications should be built with failure in mind: deploy multiple application instances and deploy databases in cluster mode. Spread them across multiple AZs for high availability.<br/>GOV.UK PaaS is PaaS is spread across 3 AZs. Scale applications to more than 1 instance and choose `HA` database plans.|
+|Prevention|Applications should be built with failure in mind: deploy multiple application instances and deploy databases in cluster mode. Spread them across multiple AZs for high availability.<br/>Our AKS clusters are spread across 3 AZs. Scale applications to more than 1 replicas and enable zone redundancy.|
 |Detection|Endpoint monitoring checking for uptime and response time|
 |Remediation|If not handled automatically by the platform, redeploy applications and fail over clusters|
 
@@ -69,17 +69,7 @@ In some rare cases, an entire region might become unavailable.
 |Detection|Endpoint monitoring checking for uptime|
 |Remediation|Start services in backup region, trigger DNS failover|
 
-## GOV.UK PaaS unavailable
-When our services are on GOV.UK PaaS, any problem with platform may impact us. See [GOV.UK PaaS Support](<%= data.site.gov_uk_paas%>overview/#platform-support).
-
-|||
-|-|-|
-|Impact|Services may be slow or unavailable. Or the service may be available but operations and deployments are broken.|
-|Prevention|For critical applications, it is possible to deploy to 2 different regions (London and Ireland), synchronise the data, configure a DNS based failover or GSLB. We don’t usually protect against this risk as it is not worth the complexity of the required set-up.|
-|Detection|Endpoint monitoring checking for uptime|
-|Remediation|Start services in backup region, trigger DNS failover|
-
-## Azure issues impacting GOV.UK PaaS
+## Azure issues impacting delivery
 We often rely on Azure for:
 
 - Terraform state in Azure Storage
@@ -99,7 +89,7 @@ An attacker may send a high number of requests to overload the service and make
 |||
 |-|-|
 |Impact|The service is unavailable or slow for users|
-|Prevention|Every property in Azure is protected by [Azure's infrastructure DDoS (Basic) Protection](https://docs.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview).<br/>All apps on GOV.UK PaaS using a [custom domain](https://docs.cloud.service.gov.uk/deploying_services/use_a_custom_domain/) are protected by [AWS Shield Standard](https://aws.amazon.com/shield/features/)<br/>Depending on the criticality of the service, it is possible to use Azure DDoS Protection Standard instead.|
+|Prevention|Every resource in Azure is protected by [Azure's infrastructure DDoS (Basic) Protection](https://docs.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview)<br/>Depending on the criticality of the service, it is possible to use Azure DDoS Protection Standard instead.|
 |Detection|Endpoint monitoring checking for uptime and response time|
 |Remediation|Protection measures are triggered automatically. It is also possible to analyse the traffic pattern and change the application accordingly.|
 
@@ -110,13 +100,13 @@ A malicious actor steals credentials or an ex employee still has working credent
 |-|-|
 |Impact|They may break the app, read or change confidential data|
 |Prevention|Separate production environment and tighten security. Non production environments should only hold test or anonymised data.<br/>Revoke access every day or use [Azure PIM](https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure) to give users temporary access. Make sure the offboarding process is followed. Use single-sign-on and 2FA when possible.<br/>Do not give databases a public IP.|
-|Detection|Azure audit logs, GOV.UK PaaS audit log|
+|Detection|Azure audit logs|
 |Remediation|Revoke access of the suspicious user, investigate their actions<br/>Rotate secrets they may know and possibly restore the database to a known good state.|
 
 ## Disclosure of secrets
 Different kind of sensitive information may be posted online accidentally by a developer. On a website like [pastebin](https://pastebin.com/) or committed to a GitHub public repository. Examples:
 
-- _Deployment secrets_ like GOV.UK PaaS credentials, AWS API key
+- _Deployment secrets_ like AWS API key
 - _Application secrets_ like Google API key
 - _Application data_ like a database dump
 
@@ -134,7 +124,7 @@ Each service must have a valid SSL certificate otherwise clients cannot connect.
 |||
 |-|-|
 |Impact|Users can't access the website. Or they may ignore browser warnings and could then be tricked into a malicious website.|
-|Prevention|Set up auto renewal of certificates stored in [Azure Key Vault](https://docs.microsoft.com/en-us/azure/key-vault/certificates/tutorial-rotate-certificates). Services on PaaS are configured with a custom domain which generates a certificate and renews it automatically. If not auto renewed, set up monitoring of expiry date. Certficates created on DfE's Globalsign are monitored by Operations and owners receive notifications.|
+|Prevention|Set up auto renewal of certificates stored in [Azure Key Vault](https://docs.microsoft.com/en-us/azure/key-vault/certificates/tutorial-rotate-certificates). Services using Azure front door are configured with a custom domain which generates a certificate and renews it automatically. If not auto renewed, set up monitoring of expiry date. Certficates created on DfE's Globalsign are monitored by Operations and owners receive notifications.|
 |Detection|Email from Operations or notification from monitoring|
 |Remediation|If not auto renewed, issue a new DigiCert certificate and install it on the website|
 
@@ -144,7 +134,7 @@ A sudden spike in user traffic due to an announcement, a product launch or a coi
 |||
 |-|-|
 |Impact|The system is slow or unresponsive|
-|Prevention|Set up response time monitoring.<br/>Run load testing to determine bottlenecks and know how to scale up.<br/>Use CDN for web page caching and internal caching like Redis or Memcached. On GOV.UK PaaS, serve web assets (javascript, CSS...) without [forwarding any header](https://docs.cloud.service.gov.uk/deploying_services/use_a_custom_domain/#forwarding-headers) to optimise caching.|
+|Prevention|Set up response time monitoring.<br/>Run load testing to determine bottlenecks and know how to scale up.<br/>Use CDN for web page caching and internal caching like Redis or Memcached.|
 |Detection|Alert from response time monitoring, high CPU or memory usage, instances crashing|
 |Remediation|Scale applications and services horizontally and vertically<br/>Disable expensive features|
 
@@ -165,7 +155,7 @@ A sudden spike in user traffic due to an announcement, a product launch or a coi
 |-|-|
 |Impact|Users are not impacted, but we would not be able to deploy via automation|
 |Prevention|Plan to be able to deploy manually. Have DockerHub or Azure container registry ready as backup registry.|
-|Detection|[GitHub status page](https://www.githubstatus.com/). Updates are posted to the #govuk-paas Slack channel.<br/>Notification of pipeline failures|
+|Detection|[GitHub status page](https://www.githubstatus.com/)|
 |Remediation|Build and deploy manually|
 
 ## DockerHub
diff --git a/source/infrastructure/hosting/azure-cip/index.html.md.erb b/source/infrastructure/hosting/azure-cip/index.html.md.erb
index 41001966..9706f9b6 100644
--- a/source/infrastructure/hosting/azure-cip/index.html.md.erb
+++ b/source/infrastructure/hosting/azure-cip/index.html.md.erb
@@ -10,8 +10,6 @@ It provides preconfigured [Azure](https://azure.microsoft.com/) subscriptions in
 
 It provides access to most Azure resources including App Services, Container Instances, Virtual Networks, managed databases, Front Door, Key Vault, storage accounts, etc.
 
-It can be used for any workload, especially ones which don’t fit on [GOV.UK PaaS](<%= data.site.gov_uk_paas%>). It can also be used alongside GOV.UK PaaS to complement it. For example: to store secrets, Terraform state, backups, etc.
-
 Portal: [https://portal.azure.com/](https://portal.azure.com/)
 
 ## Platform documentation
diff --git a/source/infrastructure/hosting/govuk-paas/index.html.md.erb b/source/infrastructure/hosting/govuk-paas/index.html.md.erb
deleted file mode 100644
index e18deada..00000000
--- a/source/infrastructure/hosting/govuk-paas/index.html.md.erb
+++ /dev/null
@@ -1,21 +0,0 @@
----
-title: GOV.UK Platform-as-a-Service
-old_paths:
-- /documentation/guides/govuk-paas.html
-- /guides/govuk-paas/index.html
----
-
-# <%= current_page.data.title %>
-
-<%= warning_text(data.site.gov_uk_paas_decommission) %>
-
-GOV.UK Platform as a Service (PaaS) is a platform developed by [Government Digital Service (GDS)](https://www.gov.uk/government/organisations/government-digital-service)
-and available for government departments to deploy applications and backend services. It is based on the widely used open source platform
-[Cloud Foundry](https://www.cloudfoundry.org/) and built on [Amazon Web Services](https://aws.amazon.com/).
-
-Many DfE production applications run on GOV.UK PaaS like [Teaching Vacancies](https://teaching-vacancies.service.gov.uk/),
-[Get into teaching](https://getintoteaching.education.gov.uk/) or [Get help with tech](https://get-help-with-tech.education.gov.uk/).
-
-- Learn more about GOV.UK PaaS: [Overview](overview/)
-- Learn about the tooling around GOV.UK PaaS: [Tooling](tooling/)
-- Get your service ready for production: [Production](production/)
diff --git a/source/infrastructure/hosting/govuk-paas/overview/govuk-paas-customer-journey.html.md.erb b/source/infrastructure/hosting/govuk-paas/overview/govuk-paas-customer-journey.html.md.erb
deleted file mode 100644
index 5667299b..00000000
--- a/source/infrastructure/hosting/govuk-paas/overview/govuk-paas-customer-journey.html.md.erb
+++ /dev/null
@@ -1,11 +0,0 @@
----
-title: Gov UK PaaS Customer Journey Map
-hide_in_navigation: true
----
-[Back to GOV.UK PaaS overview](/infrastructure/hosting/govuk-paas/overview/)
-
-# <%= current_page.data.title %>
-
-<%= warning_text(data.site.gov_uk_paas_decommission) %>
-
-<%= link_to image_tag('cust-journey-map.png', alt: 'Gov UK PaaS Customer Journey Map'), '/images/cust-journey-map.png' %>
diff --git a/source/infrastructure/hosting/govuk-paas/overview/govuk-paas-suitability.html.md.erb b/source/infrastructure/hosting/govuk-paas/overview/govuk-paas-suitability.html.md.erb
deleted file mode 100644
index 1f9e7bd5..00000000
--- a/source/infrastructure/hosting/govuk-paas/overview/govuk-paas-suitability.html.md.erb
+++ /dev/null
@@ -1,57 +0,0 @@
----
-title: PaaS Suitability Matrix vs Azure CIP
-hide_in_navigation: true
----
-[Back to GOV.UK PaaS overview](/infrastructure/hosting/govuk-paas/overview/)
-
-# <%= current_page.data.title %>
-
-<%= warning_text(data.site.gov_uk_paas_decommission) %>
-
-| Feature  | Azure  | Gov UK PaaS |
-| :---         | :---         | :---         |
-| Service Management Cost   | Strictly the Azure costs, paid centrally at the moment, (moving to a model where teams pay for it)  | 10% on top of AWS costs and the teams pay for it    |
-| Need for DevOps/Infra Ops engineers    | Yes       | Dependent (e.g. need for ad-hoc basis for such as High availability configuration and similar examples)      |
-| Disaster Recovery and Load Balancing    | Yes, configurable       | Yes, but not configurable at a low level      |
-| Auto and horizontal scaling    | Yes, configurable       | Yes, configurable      |
-| Rapid deployment    | Yes       | Yes      |
-| Nature of Ecosystem    | IaaS and PaaS       | PaaS only      |
-| Compliance with DfE Standards    | Yes       | Yes      |
-| Public facing type apps/services    | Configurable       | Configurable     |
-| Lightweight Apps    | Acceptable       | Suited (Time to market)     |
-| Time-Bound Prototyping    | Acceptable       | Suited (Time to market)      |
-| OTS Platform Security    | Good, via security rules       | Good, built in the platform      |
-| Areas of Operation    | Full technical stack       | PaaS only      |
-| GitHub Integration    | Configured by service       | Configured by service      |
-| Platform design lends itself to loosley coupled applications | Nothing preventing it       | Yes      |
-| Containerised App Deployment  | Configurable       | Suited      |
-| Multi-region    | Single, West-Europe (Netherlands)       | Yes, IRE and London      |
-| Developer Self-Service Model    | No       | Yes      |
-| Containers    | Yes       | Yes      |
-| Serverless Compute    | Yes       | No      |
-| Languages Supported    | .Net, JavaScript, Java, PHP, Python, Ruby, Docker + others       | Java, .NET on Windows, .NET Core, Node.js, Go, PHP, Python, Ruby, HTML, Docker Images (currently recommended; that would allow any language)      |
-| Command Execution    | API, CLI, Portal, Powershell       | Portal, CLI, Terraform, API directly      |
-| Docker Run Time Environment    | Yes       | Yes      |
-| Docker Image Registery    | Yes       | No      |
-| IaaC    | Yes       | Yes      |
-| Open Source    | Varied       | Yes, via CloudFoundry      |
-| Technology Supplier    | CIPS       | GDS      |
-| Vendor Maturity    | Very High       | Very High      |
-| RBAC Management    | Excellent       | Excellent      |
-| Enforced User Security Policies    | Yes       | No      |
-| Enforced Platform Security    | Yes       | Yes      |
-| Aligned to Twelve Factor Principles    | Not specfically       | Yes      |
-| Provision and Remove Environments    | Laboured       | Fast      |
-| Commercial Support    | Microsoft, Bytes       | GDS      |
-| Community Support    | CIPS, Azure community       | GDS, Cloudfoundry, Cross-Government       |
-| Charging Granularity    | Minute (Azure)       | Hour (via Marketplace)      |
-| Time to Provision    | Days / weeks       | Hours / days      |
-| Event Auditing    | Very Strong       | Strong      |
-| Smaller sized applications/services for iterative development    | Configurable       | Suited      |
-| Monitoring Solution   | Yes       | Limited via Portal (Additional tools are pluggable)       |
-| Deployed by buildpacks/docker    | Yes       | Yes      |
-| Accessible via HTTP or TCP    | Yes       | Yes      |
-| Service Overhead Cost Model    | Complex       | Simplified (10% blanket fee)      |
-| Support Time Coverage    | 24/7       | 24/7      |
-| Support Contact     | Mon-Fri 9am-5pm excluding Bank Holidays       | Mon-Fri 9am-5pm excluding Bank Holidays      |
-| Incident Management Hierarchy    | P1 Critical, P2 Major, P3 Significant, P4 Minor        | P1 Critical, P2 Major, P3 Significant, P4 Minor       |
diff --git a/source/infrastructure/hosting/govuk-paas/overview/index.html.md.erb b/source/infrastructure/hosting/govuk-paas/overview/index.html.md.erb
deleted file mode 100644
index c8506830..00000000
--- a/source/infrastructure/hosting/govuk-paas/overview/index.html.md.erb
+++ /dev/null
@@ -1,251 +0,0 @@
----
-title: Overview
-weight: 10
-old_paths:
-- /guides/govuk-paas/overview/index.html
-- /guides/govuk-paas/getting-started/index.html
----
-
-# <%= current_page.data.title %>
-
-<%= warning_text(data.site.gov_uk_paas_decommission) %>
-
-<%= partial('partials/page_toc') %>
-
-## Podcast
-
-For an overview of GOV.UK PaaS and how it is used in Government, head over to the
-[GDS podcast](https://gds.blog.gov.uk/2021/03/31/podcast-gov-uk-platform-as-a-service/).
-
-## Suitability
-
-[Azure CIP](/infrastructure/hosting/azure-cip/) is the traditional platform for hosting services in DfE. When does it make sense to use GOV.UK PaaS?
-
-### Standard web applications
-
-GOV.UK PaaS runs applications in horizontally scalable, stateless Linux containers. It is not adapted to large stateful enterprise applications.
-
-It is mainly aimed at [12-factor applications](https://docs.cloud.service.gov.uk/architecture.html#12-factor-application-principles), which is a set of
-good practices for web applications to ensure smooth operations, scalability and consistency across environments. The service manual
-[recommends](https://www.gov.uk/service-manual/technology/deploying-software-regularly#managing-variable-configuration) this architecture.
-
-Native Windows applications will not run. However, .NET Core is supported as it runs on Linux.
-
-### Rapid development
-
-The traditional Azure platform may require specialised engineers and more time to set up and manage. GOV.UK PaaS provides the
-ability to spin environments up/down without infrastructure expertise, enabling prototyping and fast iteration, which is particularly useful in
-Discovery and Alpha. Some teams use [Heroku](https://heroku.com/) to deploy a prototype quickly. GOV.UK PaaS provides similar features but government
-hosted and cheaper.
-
-Also, it allows short lived environments created for the unique purpose of validating a new feature, similar to
-[Heroku review apps](https://devcenter.heroku.com/articles/github-integration-review-apps). This allows for ephemeral/temporary environments to be
-created and disposed "on the fly" and removes the contention usually observed when sharing environments.
-
-### Low cost
-
-GOV.UK PaaS is particularly adapted to services with budget constraints as total cost is lower than full IaaS. Cost of hosting is usually lower than
-Azure but most of the savings will come from the lower dependency on dedicated infrastructure engineers.
-
-Specialist engineers may still be requested on an ad hoc basis for guidance and to make sure the application is production ready.
-
-### Simple infrastructure
-
-Setting up a web application in the cloud involves a significant number of non-functional requirements such as providing internet access, container
-scheduling, load balancing, scalability, monitoring, user access management, billing etc. A platform-as-a-service
-[includes them already](https://docs.cloudfoundry.org/concepts/overview.html) so the developer doesn't have to implement them.
-
-As a result, setting up an application does not require full time infrastructure specialists or ops engineers. However, the set-up is limited to what
-is available in the platform: see [application development](https://www.cloud.service.gov.uk/application-development/) and
-[constraints](https://www.cloud.service.gov.uk/constraints/).
-
-A limited number of [backing services](https://www.cloud.service.gov.uk/application-development/#backing-services) are provided: PostgreSQL, MySQL,
-Redis, Elasticsearch, AWS S3, and InfluxDB. They run in the platform and cannot be accessed externally but can be easily linked to your application in
-a GOV.UK PaaS container.
-
-Application logs and performance metrics are [available in the platform](https://docs.cloud.service.gov.uk/monitoring_apps.html#monitoring-apps) in
-standard format and can be accessed manually, via the web portal or via external tools. The platform itself doesn't provide log storage or custom
-visualisations.
-
-### Security: Up to OFFICIAL data
-
-The platform is [assured for use at OFFICIAL](https://www.cloud.service.gov.uk/security/#our-safety-measures). As the data owner for a service
-[you must ensure that appropriate controls are in place when handling Official data](https://www.gov.uk/guidance/official-sensitive-data-and-it).
-
-The platform is multi tenant: the resources are shared between different users and each one has dedicated access to the resources, with clear access
-control policies. Users are other government departments. Some very specific applications might require total isolation which the platform does not
-provide.
-
-### Connectivity: Internet only
-
-The platform runs in a public cloud: inbound and outbound connections are exclusively via public Internet. Traditional network based security via
-dedicated network links, VPN, IP restrictions cannot be used.
-
-Instead, transport security is achieved by using HTTPS/TLS and authentication via username/password or a single-sign-on integration such as with
-OAuth or SAML (DfE Sign-in is supported), or several types of API authentication. This is handled at the application level. This is a "cloud first"
-approach as specified in the Technology Code of Practice.
-
-### Suitability Matrix
-
-To review the comparison of features and capabilities of both Azure platforms and Gov UK PaaS, see the
-[Suitability Matrix](govuk-paas-suitability.html).
-
-### Customer Journey Map
-
-To review the Customer Journey Map which highlights the high-level key stages of discovery, review, approval and deployment etc, see the
-[customer journey map](govuk-paas-customer-journey.html).
-
-## Organisations and spaces
-To separate users, applications, services and ultimately costs, GOV.UK PaaS provides organisations and spaces. See the
-[organisations documentation](https://docs.cloud.service.gov.uk/orgs_spaces_users.html#managing-organisations-spaces-and-users) and
-[Cloud foundry documentation](https://docs.cloudfoundry.org/concepts/orgs-and-spaces.html).
-
-<%= image_tag('orgs_and_spaces.svg', alt: 'Org and spaces in DfE') %>
-
-### Organisations
-DfE manages a GOV.UK PaaS organisation called `dfe`.
-
-### Spaces
-Developers in each service should have a space to push apps and services. Each space represents one or more environments for a service. For example,
-service "abcd" may own spaces "abcd-dev", "abcd-staging", "abcd-production". Naming of spaces is not mandated but must be explicit. It normally
-follows:
-
-"[service name or group of services]-[environment or group of environments]" (see above diagram for examples)
-
-Each space may have a different set of user permissions as developers in mature teams should not be able to push to production manually, unless
-explicitly given permission to. Ideally only CI/CD systems should be able to make changes in production. Developers in a service don't have access to
-another service’s applications, unless explicitly given permission.
-
-A service may have multiple spaces and spaces may have multiple environments. For example the "production" space may have the _production_ and _preproduction_ environments, while the "dev" space may have _dev_, _qa_, _research_ and any temporary development environments.
-### Management
-Management of the platform is done by GDS. Management of the DfE resources is done by the Infrastructure operations team:
-
-* Create/Delete spaces
-* Add/Remove users to the platform
-* Set users roles on spaces
-* Designate "space manager" users who are responsible for adding/removing users to their spaces
-* Designate "billing manager" users who are responsible for the spaces bills
-* Invoice the finance team responsible for each space
-* Create DNS domains
-
-Requests are made via [Service now](https://dfe.service-now.com.mcas.ms/serviceportal/?id=sc_cat_item&sys_id=0659b8c81bc7a0502fe864606e4bcb63).
-
-## Billing
-GDS charges for our usage and sends us an invoice every 3 months. The cost is typically the cost of AWS resources plus 10% admin fee. See [Pricing](https://www.cloud.service.gov.uk/pricing/).
-
-The bill is sent to DfE finance. It is then split between the different services depending on usage per space. Each finance team is sent the invoice for cross-charging.
-
-Costs are available [via the portal](https://admin.london.cloud.service.gov.uk/organisations/386a9502-d9b6-4aba-b3c3-ebe4fa3f963e/statements) at the organisation level and at the space level (BillingManager role required to access).
-A service should aggregate usage across all their spaces to calculate the total cost.
-
-A dashboard showing daily spending is available by default when the [cf-monitoring](https://github.com/DFE-Digital/cf-monitoring/) solution is deployed.
-
-## Exploring GOV.UK PaaS
-If you are interested in adopting this platform and would like to explore it, [request a new user](#create-user). By default you will be given access to
-the _sandbox_ space where you can deploy anything on a temporary basis.
-
-Please be mindful that creating resources is not free so you should delete them as soon as possible.
-
-## Create user
-
-Requests are raised via the [service portal form](https://dfe.service-now.com.mcas.ms/serviceportal/?id=sc_cat_item&sys_id=0659b8c81bc7a0502fe864606e4bcb63).
-
-* From the _Request Type_ dropdwon select _User Maintenance_
-* Then select _Add User_
-* Press the Add button to add the email of the user
-* Submit
-
-An _@education.gov.uk_ account is required, as well as [access to the service portal](https://dfe.service-now.com.mcas.ms/serviceportal/?id=sc_cat_item&sys_id=09927632dbe6d0509402e1aa4b9619b5)
-for BYOD users. If you can't access the service portal, someone who has access can raise the request for you.
-
-Finally, you can ask for help in the `#govuk-paas` Slack channel or contact [Infrastructure operations](/infrastructure/support/#infrastructure-operations).
-
-* Once the user has been created, you will receive an email requiring that you set the password. Keep it safe.
-* If you do not get this mail or have not remembered the password use [Reset Password](https://login.london.cloud.service.gov.uk/login)
-
-The new user only has access to the _sandbox_ space. For adding them to a space, [see](#user-permissions).
-
-## Push my first app
-Once you have an account on GOV.UK PaaS, you can follow this video for a quick walkthrough covering the basics:
-
-* Where is the documentation
-* Command line
-* Login
-* Push a simple application
-* Read the logs
-
-<iframe title="Getting started with GOV.UK PaaS" width="560" height="315" src="https://www.youtube.com/embed/i7kBe5S8jdQ?cc_load_policy=1" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
-
-## Onboarding a service
-If you are planning to use GOV.UK PaaS in production, you will need one or more spaces (See [Organisations and spaces](/infrastructure/hosting/govuk-paas/overview/#organisations-and-spaces)),
-dedicated to your service.
-Finance must be agreed as you will be responsible for the bills. The required details are shown on [the service portal form](https://dfe.service-now.com.mcas.ms/serviceportal/?id=sc_cat_item&sys_id=0659b8c81bc7a0502fe864606e4bcb63), type: _Onboarding_.
-
-Feel free to reach out on the `#govuk-paas` Slack channel should you have any question.
-
-## User permissions
-By default a user only has _SpaceDeveloper_ role in the _sandbox_ space.
-
-Here are the space roles available:
-
-* [SpaceManager](https://docs.cloud.service.gov.uk/orgs_spaces_users.html#space-manager), only for managers, senior developers, tech leads or devops engineers
-* [SpaceDeveloper](https://docs.cloud.service.gov.uk/orgs_spaces_users.html#space-developer) for developers. Only for non-production spaces.
-* [SpaceAuditor](https://docs.cloud.service.gov.uk/orgs_spaces_users.html#space-auditor) for readonly access and monitoring users
-
-And one organisation level role:
-
-* *BillingManager* to access billing data and current spending. Note that any user with this role will be able to see all the other spaces billing data.
-
-Access to a space can be granted by the space managers or service owners. The space manager can use the command line to set the role:
-
-```
-cf set-space-role <account name> dfe <space name> <space role>
-```
-
-The [service portal form](https://dfe.service-now.com.mcas.ms/serviceportal/?id=sc_cat_item&sys_id=0659b8c81bc7a0502fe864606e4bcb63) may also be used to request a role:
-
-* From the _Request type_ dropdown, select _User maintenance_
-* Select _Assign role to existing user_
-
-## Platform support
-
-For technical issues or guidance, the [Infrastructure operations team](/infrastructure/support/#infrastructure-operations) and the community of DfE users can help you. Reach out on `#govuk-paas` channel in the [DfE Slack](https://ukgovernmentdfe.slack.com/).
-
-The team at GDS can be reached on [cross-government slack](https://ukgovernmentdigital.slack.com/) in the `#govuk-paas` channel during office hours.
-They always have one dedicated engineer on support who will answer queries.
-
-The platform is [supported 24x7](https://www.cloud.service.gov.uk/#supported-24-hours-a-day-7-days-a-week) by the GOV.UK PaaS team and they can be
-reached using the form linked or via email. Support requests are tracked via Zendesk tickets.
-
-In case of suspected outage, always check [the status page](https://status.cloud.service.gov.uk/). It is highly recommended to subscribe to the
-mailing list (linked on the status page) to learn about potential disruptions.
-
-## App deletion
-
-With the moving of services and apps to Azure, once migration is complete, apps/services can be deleted on PaaS. This should be done through terraform, however if the resources need to be deleted, follow the below instructions:
-
-### Instructions
-
-At anypoint you can use the help argument - cf [COMMAND] -h
-
-- Prerequistes: PaaS account, Cloud Foundry cli (cf) installed.
-- Login (cf login)
-- List spaces (cd spaces)
-- Set the space (cf target -s [SPACE])
-- List the apps in the space, notes the associated routes in the output (cf apps)
-- List the routes - optional (cf routes)
-- Delete the app, with the associated route using -r (cf delete -r [APP]NAME>)*
-- List the services, note the associated 'bound apps' (cf services)
-- Delete the associated services - it may take several minutes (cf delete-service)
-
-*Required permissions:* to delete apps/services you will need the 'SPACE DEVELOPERS' role, to add it:
-
-- List permissions/roles (cf spaces-users [ORG] [SPACE])
-- Add your username to the SPACE DEVELOPERS (cf set-space-role [USERNAME] [ORG] [SPACE] spacedeveloper)
-
-## Links
-* [GOV.UK PaaS home page](https://www.cloud.service.gov.uk/)
-* [GOV.UK PaaS Documentation](https://docs.cloud.service.gov.uk/)
-* [Pricing](https://www.cloud.service.gov.uk/pricing)
-* [Cloud Foundry](https://docs.cloudfoundry.org/)
-* [Service portal](https://dfe.service-now.com.mcas.ms/serviceportal/?id=sc_cat_item&sys_id=0659b8c81bc7a0502fe864606e4bcb63)
diff --git a/source/infrastructure/hosting/govuk-paas/production/index.html.md.erb b/source/infrastructure/hosting/govuk-paas/production/index.html.md.erb
deleted file mode 100644
index 1518a7a5..00000000
--- a/source/infrastructure/hosting/govuk-paas/production/index.html.md.erb
+++ /dev/null
@@ -1,37 +0,0 @@
----
-title: Production
-weight: 30
----
-
-# <%= current_page.data.title %>
-
-<%= warning_text(data.site.gov_uk_paas_decommission) %>
-
-## Service accounts
-Automation requires creating a PaaS service account, which is a user account with its own email address, but not related to a human user.
-
-### Shared email
-The first step is to create a shared email account. See [Service accounts](/infrastructure/security/service-accounts/).
-
-### Create the GOV.UK PaaS user
-Follow the standard process to [request a new user](/infrastructure/hosting/govuk-paas/overview/#create-user) using and the details of the group you created above.
-
-It is recommended to keep a copy of the password in your production [Azure key vault](/infrastructure/security/managing-secrets/).
-
-[Add the user to the spaces](/infrastructure/hosting/govuk-paas/overview/#user-permissions) with the right role.
-
-## Temporary privileged access
-To allow rapid response to incidents, privilege escalation is done by the space managers. It is currently a manual process and they are responsible to
-revoke the privilege when it is not needed anymore. It is possible to
-[run a script](https://github.com/DFE-Digital/bat-infrastructure/blob/main/scripts/check-users-in-space-developer-role.ps1) regularly to confirm we
-only see the expected space users.
-
-## Revoke privileged access automatically
-Privileged should not be permanent. You can run a script to remove user access on a daily basis.
-
-For example:
-
-- [Script](https://github.com/DFE-Digital/bat-infrastructure/blob/main/scripts/check-users-in-space-developer-role.ps1)
-- [Workflow](https://github.com/DFE-Digital/bat-infrastructure/blob/main/.github/workflows/check-users-in-space-developer-role.yml)
-
-This requires a service account with `SpaceManager` role to be able to unset user roles.
diff --git a/source/infrastructure/hosting/govuk-paas/tooling/index.html.md.erb b/source/infrastructure/hosting/govuk-paas/tooling/index.html.md.erb
deleted file mode 100644
index 10eecbb1..00000000
--- a/source/infrastructure/hosting/govuk-paas/tooling/index.html.md.erb
+++ /dev/null
@@ -1,108 +0,0 @@
----
-title: Tooling
-weight: 20
----
-
-# <%= current_page.data.title %>
-
-<%= warning_text(data.site.gov_uk_paas_decommission) %>
-
-<%= partial('partials/page_toc') %>
-
-## cf cli
-
-The default tool to deploy to GOV.UK PaaS is the [cf command line tool](https://docs.cloud.service.gov.uk/get_started.html#set-up-the-cloud-foundry-command-line).
-It is easy to use and any developer can use it to push applications and create services like PostgreSQL or Redis.
-
-When deploying with the cli, we recommend using [manifests](https://docs.cloudfoundry.org/devguide/deploy-apps/manifest.html):
-
-* It avoids passing multiple options on the command line
-* Manifests can be stored in the git repository
-* Secrets or variables can be passed at deploy time
-
-## Terraform provider
-The Cloud Foundry provider for [Terraform](/infrastructure/dev-tools/#terraform) allows describing the deployment in a declarative way. It is the recommended way for robust deployments and
-continuous delivery pipelines.
-
-### Why
-
-* The declarative syntax avoids having to think about dependencies. Terraform will create the resources in the right order and destroy them in the
-right order when required. It also makes it idempotent so Terraform won’t recreate a resource already created.
-* This is particularly useful to create disposable environments for testing or review apps, and delete them when they are not required anymore.
-* The syntax is elegant, powerful and modular.
-* It can read data from environment variables, AWS Parameter Store, Azure Key Vault, YAML files, JSON files, etc.
-* It can create an environment made of very different technologies. For example, we create an environment with Azure, GOV.UK PaaS and Statuscake in a single Terraform run.
-
-### Cloud Foundry provider
-The Cloud Foundry community maintains the [Cloud Foundry Terraform provider](https://registry.terraform.io/providers/cloudfoundry-community/cloudfoundry/latest/docs).
-
-It can be easily downloaded and installed on Terraform 0.13 and above with:
-
-```hcl
-terraform {
-  required_providers {
-    cloudfoundry = {
-      source = "cloudfoundry-community/cloudfoundry"
-      version = "~> 0.15"
-    }
-  }
-}
-```
-
-### Zero downtime
-
-By default when an application is pushed to GOV.UK PaaS, the live version is deleted, the new version is built, then the new version becomes live.
-This can create a few minutes downtime.
-
-To avoid this issue, the provider offers an elegant [blue-green](https://registry.terraform.io/providers/cloudfoundry-community/cloudfoundry/latest/docs/resources/app#application-deployment-strategy-blue-green-deploy)
-deployment strategy. It builds the new version alongside the live one, and it switches traffic to it smoothly when it’s up and running.
-
-### Caution
-
-* Terraform requires its state to be stored in persistent storage. An PaaS solution may be used alongside GOV.UK PaaS, like an Azure Storage account with
-blob versioning enabled. GOV.UK PaaS also provides an [Amazon S3 service](https://docs.cloud.service.gov.uk/deploying_services/s3/) but it currently doesn't
-offer versioning (it's on the [roadmap](https://github.com/alphagov/paas-roadmap/issues/64) though).
-* All the resources are under Terraform control, including databases. It is a good practice to back up critical databases externally as an additional
-protection. Terraform [prevent_destroy lifecycle](https://www.terraform.io/docs/language/meta-arguments/lifecycle.html#prevent_destroy) may help as well.
-* The provider has a few bugs. Here are suggested workarounds:
-  * Docker image not updated: use [blue-green deployment](https://registry.terraform.io/providers/cloudfoundry-community/cloudfoundry/latest/docs/resources/app#blue-green)
-  * [Database connection issues during blue-green deployment](https://github.com/cloudfoundry-community/terraform-provider-cloudfoundry/issues/353):
-      * use [service key](https://registry.terraform.io/providers/cloudfoundry-community/cloudfoundry/latest/docs/resources/service_key) instead of [service binding](https://registry.terraform.io/providers/cloudfoundry-community/cloudfoundry/latest/docs/resources/app#service_binding)
-      * use version 0.15.4+ of the Cloud Foundry Terraform Provider
-
-## Docker
-
-The default option to deploy an application to GOV.UK PaaS is using buildpacks. They are preconfigured environments for a variety of programming
-languages. The developer pushes their code using `cf push` and Cloud Foundry will build it remotely using the relevant buildpack. This is **not** the
-DfE recommended way to deploy to GOV.UK PaaS, except for very simple applications like static websites.
-
-Another solution is to use Docker. Using `cf push --docker-image my-app` tells Cloud Foundry to:
-
-* Pull the my-app image from a Docker Registry (Docker Hub by default)
-* Unpack the files
-* Run the application in Cloud Foundry container environment
-
-This approach has several advantages:
-
-* Avoid vendor lock-in: Docker is commonly used in other platforms like Kubernetes, Azure App Service, Azure Container Instances, AWS ECS, etc. Should
-we want to move away from GOV.UK PaaS, it’s possible.
-* Build only once: The Docker image is a build artifact identified by a specific tag (usually the commit id). It can be deployed consistently across
-different environments and it removes the dependency on artifacts downloaded at build time from external systems.
-* Faster deployments: The deployment to each environment only takes a few seconds as the image is already built.
-* Faster build: Docker build cache can be leveraged to reduce build time massively.
-
-The Terraform Cloud Foundry provider also supports Docker.
-
-**Important:** If you use Docker Hub as your Docker registry, make sure to set up authentication as unauthenticated pulls are significantly
-[rate limited](https://docs.docker.com/docker-hub/download-rate-limit/).
-
-## Monitoring apps and services
-The admin portal provides the status of applications and service. It also shows metric graphs for services.
-
-Deploy [cf-monitoring](https://github.com/DFE-Digital/cf-monitoring/) to provide detailed metrics, alerting and dashboards for your applications and services.
-This includes a billing dashboard showing daily usage so you can finely control the costs.
-
-## Centralised logging
-Recent application logs are available via the `cf` command line. For permanent storage, filtering, advanced queries, log based dashboards and alerting,
-we recommend using [Logit.io](https://logit.io/) which is a cost effective SaaS ELK platform widely used in Government.
-See the [GOV.UK PaaS documentation](https://docs.cloud.service.gov.uk/monitoring_apps.html#set-up-the-logit-log-management-service).
diff --git a/source/infrastructure/monitoring/grafana/dynamic_variables.html.md.erb b/source/infrastructure/monitoring/grafana/dynamic_variables.html.md.erb
index 5dfa63ea..36fd4a6f 100644
--- a/source/infrastructure/monitoring/grafana/dynamic_variables.html.md.erb
+++ b/source/infrastructure/monitoring/grafana/dynamic_variables.html.md.erb
@@ -12,7 +12,7 @@ If you want a dynamic drop down list for a dashboard the first step is to create
 
 ## Example
 
-The UK Gov PaaS consists of organisations and spaces. A dashboard will not generally span different organisations but may well use different spaces. Also if you use the dashboard in a different organisation then the list of spaces will be different.
+Services on kubernetes are deployed to different namespaces. A dashboard will not generally span different organisations but may well use different namespaces. Also if you use the dashboard in a different organisation then the list of spaces will be different.
 
 ## Variable
 
diff --git a/source/infrastructure/monitoring/logit/index.html.md.erb b/source/infrastructure/monitoring/logit/index.html.md.erb
index c49b1d5b..4b394bb1 100644
--- a/source/infrastructure/monitoring/logit/index.html.md.erb
+++ b/source/infrastructure/monitoring/logit/index.html.md.erb
@@ -8,7 +8,7 @@ link_in_toc: true
 #  <%= current_page.data.title %>
 
 
-The Logit platform delivers  a fully customised log and metrics solution based on Elasticsearch, Logstash and Kibana which is scalable, secure and compliant. It is the recommended method of cloud hosted logging when using [GOV.UK PaaS](<%= data.site.gov_uk_paas %>).
+The Logit platform delivers a fully customised log and metrics solution based on Elasticsearch, Logstash and Kibana which is scalable, secure and compliant.
 
 ### Access
 Request a new account from [Digital tools](<%= data.site.digital_tools %>). Depending on your team you may request access to one or more stacks.
@@ -16,28 +16,13 @@ Request a new account from [Digital tools](<%= data.site.digital_tools %>). Depe
 ### New Stack
 To create a new a new stack you need to raise a request with [Digital tools](<%= data.site.digital_tools %>), providing them with the directorate, service name and finance approval from the service owner.
 
-You will need to know the approximate amount of data and retention period to estimate the cost. This can be gathered from [Logit.io](http://logit.io/)
-
-### Send logs from GOV.UK PaaS
-* Configure the Logstash filters using [PaaS official doc](https://docs.cloud.service.gov.uk/monitoring_apps.html#configure-logstash-filters)
-or [DfE improved version](https://github.com/DFE-Digital/bat-platform-building-blocks/blob/master/logstash-filters/govuk-paas.rb)
-* Get the value for your `TCP-SSL` host and port from Logstash Inputs under the settings menu for your logit stack
-* Configure PaaS using the [command line](https://docs.cloud.service.gov.uk/monitoring_apps.html#configure-app) or terraform:
-
-  ```hcl
-  resource cloudfoundry_user_provided_service log-service {
-    name = "my-app-log-service"
-    space = data.cloudfoundry_space.id
-    syslog_drain_url = "syslog-tls://${var.logit_host}:${var.logit_port}"
-  }
-  ```
-* Configure the application to send logs as json to STDOUT (Standard out)
+You will need to know the approximate amount of data and retention period to estimate the cost. This can be gathered from [Logit.io](http://logit.io/).
 
 ### Send logs from Azure
 A number of sources are available. See [documentation](https://logit.io/sources/search).
 
 ### Ruby on rails
-* If GOV.UK PaaS is not used and STDOUT can't be used, use the [logstash-logger](https://github.com/dwbutler/logstash-logger) gem
+* If log shipping is configured at the platform level, use STDOUT. If not, use the [logstash-logger](https://github.com/dwbutler/logstash-logger) gem
 * Use [semantic logger](https://logger.rocketjob.io/) to format logs as json and add rails fields automatically
 * Example configuration:
 
@@ -45,7 +30,7 @@ A number of sources are available. See [documentation](https://logit.io/sources/
 
 ```ruby
 Rails.application.configure do
-  config.semantic_logger.application = "" # This is added by logstash from the PaaS tags
+  config.semantic_logger.application = "" # This is added by logstash from its tags
   config.log_tags = [:request_id]         # Prepend all log lines with the following tags
 end
 
diff --git a/source/infrastructure/monitoring/prometheus/index.html.md.erb b/source/infrastructure/monitoring/prometheus/index.html.md.erb
index e2990452..7e0b3fdc 100644
--- a/source/infrastructure/monitoring/prometheus/index.html.md.erb
+++ b/source/infrastructure/monitoring/prometheus/index.html.md.erb
@@ -7,12 +7,8 @@ link_in_toc: true
 
 #  <%= current_page.data.title %>
 
-[GOV.UK PaaS](<%= data.site.gov_uk_paas %>) doesn’t provide monitoring tools natively. It provides logs and metrics which can be streamed to a separate monitoring solution.
-
-The prometheus ecosystem is a good fit for PaaS. It is made up of various components:
-
 ### Exporters
-Provides metrics on the `/metrics` http endpoint. We use exporters for PaaS, Redis, Postgres, Rails...
+Provides metrics on the `/metrics` http endpoint. We use exporters for Redis, Postgres, Rails...
 
 ### Prometheus
 Prometheus is the brains of the system providing the following functions:
@@ -33,6 +29,3 @@ Reads the metrics from various datasources including influxdb to create advanced
 
 #### Further Reading
 * [Grafana dynamic variables](/infrastructure/monitoring/grafana/dynamic_variables.html)
-
-### Delivery
-We have created reusable terraform modules to deploy the whole solution easily and reliably. See: [cf-monitoring](https://dfe-digital.github.io/cf-monitoring/)
diff --git a/source/infrastructure/security/managing-secrets/index.html.md.erb b/source/infrastructure/security/managing-secrets/index.html.md.erb
index 5a81025c..a9f2f5b7 100644
--- a/source/infrastructure/security/managing-secrets/index.html.md.erb
+++ b/source/infrastructure/security/managing-secrets/index.html.md.erb
@@ -28,7 +28,7 @@ to yourself and other members of the team who you will allow to access the vault
 and the implementation is explained below.
 
 ## Azure service Principal
-To be able to retrieve the secrets from an external system like GOV.UK PaaS, you need an Azure Service Principal, which takes the form of an app registration in Azure AD.
+To be able to retrieve the secrets from an external system like Github actions, you need an Azure Service Principal, which takes the form of an app registration in Azure AD.
 
 See instructions [here](/infrastructure/hosting/azure-cip/#service-principal).
 
diff --git a/source/infrastructure/security/service-accounts/index.html.md.erb b/source/infrastructure/security/service-accounts/index.html.md.erb
index 253e4e49..766a2ed7 100644
--- a/source/infrastructure/security/service-accounts/index.html.md.erb
+++ b/source/infrastructure/security/service-accounts/index.html.md.erb
@@ -6,34 +6,19 @@ title: Service accounts
 
 <%= partial('partials/page_toc') %>
 
-Service accounts are user accounts on various systems like GOV.UK PaaS, Github, Azure usually required by automation. They are not related to a human user to avoid the risk of stopping
+Service accounts are user accounts on various systems like Github, Azure usually required by automation. They are not related to a human user to avoid the risk of stopping
 the automation when the user is offboarded. This requires shared credentials so care should be taken to be able to share them in a secure way.
 
 - For non email based credentials like Azure service principals, add the keys to the production [keyvault protected by PIM](/infrastructure/security/managing-secrets).
-- For email based credentials like GOV.UK Paas, Github, Dockerhub, a useful pattern is to use a shared email. It provides a unique email address used to register the account agains the system. The human owners of the service accounts are made members of the shared email
+- For email based credentials like Azure, Github, Dockerhub, a useful pattern is to use a shared email. It provides a unique email address used to register the account agains the system. The human owners of the service accounts are made members of the shared email
 and are able to reset the password. See below.
 
 ## Shared email
-
-### Google Group
-For `@digital.education.gov.uk` email addresses:
-
-Decide on a reasonable name for you service account; fill in this form and inform [Digital tools](<%= data.site.digital_tools %>) on SLACK that you have put in the request
-
-* Request the group is created using the [Google Group Request Form](https://docs.google.com/forms/d/e/1FAIpQLScEp4GBH-oBGsZR94XxTivad5YempL6VJeKlIUG3x-Mpyj0eA/viewform).
-	* You will be asked to name the group manager, this needs to be someone with an @digital.education.gov.uk email address. We suggest that this is a permanent member of the Infrastructure team.
-	* The group name should be logical and represent the project and purpose of the group.
-	* You should list all the team members who require access, though if you are going to be a manager of the group, it can be can be changed later.
-	* We advise that you inform [Digital tools](<%= data.site.digital_tools %>) that are creating the group, it will be used as a Service Account.
-* Ensure that there is more than one member of the group.
-* Ensure you receive a confirmation email after you have submitted the form.
+### Outlook distribution list
+This creates a new email address and when emails are sent to it, the members of the distribution list receive them in their own inbox. To create it, use the [Distribution Lists service now form](https://dfe.service-now.com.mcas.ms/serviceportal?id=sc_cat_item&sys_id=a28540a5dbeeee005ca2fddabf961968).
 
 ### Outlook shared mailbox
-For `@education.gov.uk` email addresses, create a shared mailbox using
-[the service portal form](https://dfe.service-now.com.mcas.ms/serviceportal/?id=sc_cat_item&sys_id=5daf935837189240c033a16043990ecf&referrer=popular_items).
-
-## GOV.UK PaaS account
-Follow the above and see [GOV.UK PaaS service accounts](<%= data.site.gov_uk_paas %>production/#service-accounts).
+This creates a mailbox that can be shared with multiple users. It is displayed separately in Outlook and emails are stored there. Create a shared mailbox using [the service portal form](https://dfe.service-now.com.mcas.ms/serviceportal/?id=sc_cat_item&sys_id=5daf935837189240c033a16043990ecf&referrer=popular_items).
 
 ## Github account
 Request a new user from [Digital tools](<%= data.site.digital_tools %>).
diff --git a/source/infrastructure/security/ssl-certificates/index.html.md.erb b/source/infrastructure/security/ssl-certificates/index.html.md.erb
index d291a026..6fad7525 100644
--- a/source/infrastructure/security/ssl-certificates/index.html.md.erb
+++ b/source/infrastructure/security/ssl-certificates/index.html.md.erb
@@ -14,8 +14,7 @@ The certificate can be created manually or generated and renewed automatically v
 
 Certificates generated on the CAs are paid for centrally by the [Platform support team](/infrastructure/support/#platform-support).
 
-This documentation doesn't apply to [GOV.UK PaaS](<%= data.site.gov_uk_paas %>) as SSL certificates are generated and renewed automatically for each [custom domain](https://docs.cloud.service.gov.uk/deploying_services/use_a_custom_domain/).
-Similarly for Azure managed certificates in [App service](https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?tabs=apex%2Cportal#create-a-free-managed-certificate) or [Front door](https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/how-to-configure-https-custom-domain#afd-managed-certificates-for-non-azure-pre-validated-domain).
+This documentation doesn't apply to Azure managed certificates in [App service](https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?tabs=apex%2Cportal#create-a-free-managed-certificate) or [Front door](https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/how-to-configure-https-custom-domain#afd-managed-certificates-for-non-azure-pre-validated-domain).
 
 ## Create account
 Use the [External Digital Certificates form](https://dfe.service-now.com.us.cas.ms/serviceportal?id=sc_cat_item&sys_id=8fe3fae3dbd77f809402e1aa4b9619d0) on the service portal and choose: _Request type: Request an account_
diff --git a/source/infrastructure/support/index.html.md.erb b/source/infrastructure/support/index.html.md.erb
index ea9219fc..e79cda81 100644
--- a/source/infrastructure/support/index.html.md.erb
+++ b/source/infrastructure/support/index.html.md.erb
@@ -25,7 +25,7 @@ Employees working in IT can have access to the [full Service now interface](http
 They gain access when they are added to a group using [the Service Portal - Groups/Permissions form](https://dfe.service-now.com/serviceportal/?id=sc_cat_item&sys_id=6cdeb1f2dbf898509402e1aa4b96197f).
 
 ## Infrastructure and Network Operations
-For requests related to DNS, Azure CIP, Azure DfE (Tier 1), Azure DevOps, GOV.UK PaaS...
+For requests related to DNS, Azure CIP, Azure DfE (Tier 1), Azure DevOps...
 
 Use the [Any other request form](https://dfe.service-now.com.mcas.ms/serviceportal/?id=sc_cat_item&sys_id=3ab186f8db2c2b403b929334ca961998&sysparm_category=19d07bc3dbff17003b929334ca9619bd):
 
@@ -36,7 +36,6 @@ Use the [Any other request form](https://dfe.service-now.com.mcas.ms/serviceport
 Slack channels:
 
 - CIP: [#cloud-platform](https://ukgovernmentdfe.slack.com/archives/C7L4D0LM9)
-- GOV.UK PaaS: [#govuk-paas (DfE)](https://ukgovernmentdfe.slack.com/archives/C022HG40PT3)
 
 Email: <Infrastructure.Operations@education.gov.uk>
 
@@ -71,8 +70,3 @@ For requests related to Gsuite, Slack, Github (_DFE-Digital_ organisation), Dock
 
 ## DFE Sign-In
 Slack channel: [#dfe_sign-in](https://ukgovernmentdfe.slack.com/archives/C5S500XB6)
-
-## GOV.UK PaaS GDS team
-- Slack channel in [Cross-Government Slack](https://ukgovernmentdigital.slack.com/): [#govuk-paas (Cross-Government)](https://ukgovernmentdigital.slack.com/archives/C33SAH4GJ)
-- Support page: [link](https://admin.london.cloud.service.gov.uk/support)
-- Support ticket via email: <gov-uk-paas-support@digital.cabinet-office.gov.uk>
diff --git a/source/principles/architecture/index.html.md.erb b/source/principles/architecture/index.html.md.erb
index faa06527..3c39b215 100644
--- a/source/principles/architecture/index.html.md.erb
+++ b/source/principles/architecture/index.html.md.erb
@@ -41,8 +41,6 @@ Do away with the undifferentiated heavy lifting of managing infrastructure, i.e.
 
 Focus on activities that directly shape the service for your users rather than layers hidden in the infrastructure.
 
-> Example: Use [GOV.UK PaaS](<%= data.site.gov_uk_paas%>) instead of managing networks and virtual machines
-
 > Example: A consistent requirement of operational services was to log, monitor and alert on the status of the systems underpinning it, as services began to align consistently with their implementations a decision was taken to use external SaaS services that provide the same functionality as the existing implementations therefore reducing the time to add these capabilities to services but still keep them diverse enough to handle multiple independent needs.
 
 ## Embrace change and plan for it