diff --git a/.github/scripts/build.sh b/.github/scripts/build.sh
new file mode 100755
index 0000000..d6031e9
--- /dev/null
+++ b/.github/scripts/build.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+set -ex
+
+ISSUER_URL="https://issuer.anon-aadhaar.pse.dev"
+
+aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin 490752553772.dkr.ecr.eu-central-1.amazonaws.com
+
+docker build --build-arg "NEXT_PUBLIC_ISSUER_URL=$ISSUER_URL" -t anon-aadhaar-client -f client/Dockerfile client
+docker tag anon-aadhaar-client:latest 490752553772.dkr.ecr.eu-central-1.amazonaws.com/anon-aadhaar-client:latest
+docker push 490752553772.dkr.ecr.eu-central-1.amazonaws.com/anon-aadhaar-client:latest
+
+docker build -t anon-aadhaar-issuer .
+docker tag anon-aadhaar-issuer:latest 490752553772.dkr.ecr.eu-central-1.amazonaws.com/anon-aadhaar-issuer:latest
+docker push 490752553772.dkr.ecr.eu-central-1.amazonaws.com/anon-aadhaar-issuer:latest
+
+exit 0
diff --git a/.github/scripts/deploy.sh b/.github/scripts/deploy.sh
new file mode 100755
index 0000000..2a77640
--- /dev/null
+++ b/.github/scripts/deploy.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+set -ex
+
+tasks="anon-aadhaar-client anon-aadhaar-issuer"
+for task in $tasks; do
+ anon_aadhaar_revision=$(aws ecs describe-task-definition --task-definition $task --query "taskDefinition.revision")
+ aws ecs update-service --cluster anon-aadhaar --service $task --force-new-deployment --task-definition $task:$anon_aadhaar_revision
+done
+
+for loop in {1..3}; do
+ [ "$loop" -eq 3 ] && exit 1
+ aws ecs wait services-stable --cluster anon-aadhaar --services $tasks && break || continue
+done
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
new file mode 100644
index 0000000..68b40d3
--- /dev/null
+++ b/.github/workflows/deploy.yml
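Review bot: The two `docker tag`/`docker push` pairs in build.sh publish only the mutable `:latest` tag, so a running task can no longer be traced to a commit and a rollback has no image to point at; the workflows this commit deletes also pushed a short-SHA tag. Push an immutable tag alongside it, for example `docker tag anon-aadhaar-client:latest "$REGISTRY/anon-aadhaar-client:$GITHUB_SHA"` followed by the matching `docker push`, where `REGISTRY` is a new variable holding the registry host that the script currently repeats five times. `set -ex` should also become `set -euxo pipefail`, so that a failure of `aws ecr get-login-password` stops the script at the pipe instead of surfacing as a confusing `docker login` error.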
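Review bot: The final loop in deploy.sh hides its retry budget: the third iteration exits before waiting, so `aws ecs wait services-stable` runs at most twice, and the `cmd && break || continue` form reads like an if/else, which it is not. An explicit two-attempt loop that logs each timeout and exits non-zero at the end states the same behaviour directly, as sketched below. In the first loop, adding `--output text` to `describe-task-definition` would make the captured revision independent of the CLI's configured output format.

```shell
# … unchanged: tasks list and the per-service update-service loop …
for attempt in 1 2; do
  # $tasks is left unquoted on purpose: it is split into the service names
  if aws ecs wait services-stable --cluster anon-aadhaar --services $tasks; then
    exit 0
  fi
  echo "services not stable after wait ${attempt}" >&2
done
exit 1
```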
@@ -0,0 +1,37 @@
+name: Deploy
+on:
+ push:
+ branches:
+ - main
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: true
+
+jobs:
+ deploy:
+ runs-on: ubuntu-latest
+ permissions:
+ id-token: write
+ contents: read
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ persist-credentials: false
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: arn:aws:iam::490752553772:role/privado-frontend-ecs-deploy-slc
+ role-duration-seconds: 2700
+ aws-region: eu-central-1
+
+ - name: Build and Push images to ECR
+ run: |
+ .github/scripts/build.sh
+
+ - name: Trigger ECS Deployment
+ run: |
+ .github/scripts/deploy.sh
diff --git a/.github/workflows/push-backend-erc.yaml b/.github/workflows/push-backend-erc.yaml
deleted file mode 100644
index 03246bf..0000000
--- a/.github/workflows/push-backend-erc.yaml
+++ /dev/null
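Review bot: Both `uses:` lines reference a movable tag (`actions/checkout@v4`, `aws-actions/configure-aws-credentials@v4`) in a job that holds `id-token: write` and assumes an AWS role, so a retagged release of either action would run with the deploy role's credentials. Pin each action to a full commit SHA and keep the version as a trailing comment, e.g. `uses: aws-actions/configure-aws-credentials@<full-commit-sha> # v4`. Separately, `cancel-in-progress: true` lets a second push to main abort a run between the two image pushes or during the ECS wait; `cancel-in-progress: false` would queue deployments instead. The role's trust policy is not visible here, so confirm it restricts the OIDC `sub` claim to this repository and branch.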
@@ -1,57 +0,0 @@ -name: Push onchain non merklized backend to AWS ECR - -on: - workflow_dispatch: - push: - branches: - - main - -env: - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_PRIVADO_ID }} - AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION_PRIVADO_ID }} - ECR_REPOSITORY: onchain_non_merklized_issuer_backend_demo - -jobs: - deploy: - environment: - name: ${{ github.ref_name }} - name: Build and deploy ochain non merklized issuer backend to AWS ECR - runs-on: ubuntu-latest - permissions: - id-token: write - contents: write - steps: - - name: Checkout - uses: actions/checkout@v4 - - - uses: actions/setup-node@v4 - with: - node-version: 16 - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: ${{ env.AWS_DEFAULT_REGION }} - role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/PolygonIDActionsRole - role-session-name: GitHubActionsSession - - - name: Login to Amazon ECR - uses: aws-actions/amazon-ecr-login@v2 - id: login-ecr - - - name: Get version - run: echo "::set-output name=VERSION::$(git rev-parse --short HEAD)" - id: version - - - name: Build with tag and push image - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - ECR_REPOSITORY: ${{ env.ECR_REPOSITORY }} - IMAGE_TAG: ${{ steps.version.outputs.VERSION }} - run: | - docker build \ - -t ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest \ - -t ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} . - - docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} - docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest \ No newline at end of file diff --git a/.github/workflows/push-frontend-erc.yaml b/.github/workflows/push-frontend-erc.yaml deleted file mode 100644 index 80c7a05..0000000 --- a/.github/workflows/push-frontend-erc.yaml +++ /dev/null 
@@ -1,60 +0,0 @@ -name: Push onchain non merklized frontend to AWS ECR - -on: - workflow_dispatch: - push: - branches: - - main - -env: - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_PRIVADO_ID }} - AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION_PRIVADO_ID }} - ECR_REPOSITORY: onchain_non_merklized_issuer_frontend_demo - NEXT_PUBLIC_ISSUER_URL: ${{ vars.NEXT_PUBLIC_ISSUER_URL }} - -jobs: - deploy: - environment: - name: ${{ github.ref_name }} - name: Build and deploy ochain non merklized issuer frontend to AWS ECR - runs-on: ubuntu-latest - permissions: - id-token: write - contents: write - steps: - - name: Checkout - uses: actions/checkout@v4 - - - uses: actions/setup-node@v4 - with: - node-version: 16 - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: ${{ env.AWS_DEFAULT_REGION }} - role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/PolygonIDActionsRole - role-session-name: GitHubActionsSession - - - name: Login to Amazon ECR - uses: aws-actions/amazon-ecr-login@v2 - id: login-ecr - - - name: Get version - run: echo "::set-output name=VERSION::$(git rev-parse --short HEAD)" - id: version - - - name: Build with tag and push image - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - ECR_REPOSITORY: ${{ env.ECR_REPOSITORY }} - IMAGE_TAG: ${{ steps.version.outputs.VERSION }} - run: | - docker build \ - -t ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest \ - -t ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} \ - --build-arg="NEXT_PUBLIC_ISSUER_URL=${{ env.NEXT_PUBLIC_ISSUER_URL }}" \ - -f client/Dockerfile client - - docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} - docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest \ No newline at end of file diff --git a/client/Dockerfile b/client/Dockerfile index 9a57380..059435a 100644 --- a/client/Dockerfile +++ b/client/Dockerfile 
@@ -1,4 +1,5 @@ FROM node:21 +RUN apt-get update ; apt-get install -y netcat-openbsd WORKDIR /app
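Review bot: The added `RUN` line joins its two commands with `;`, so a failed `apt-get update` is ignored and the install runs against stale or missing package lists; it also leaves the apt lists in the layer and pulls in recommended packages. Prefer `RUN apt-get update && apt-get install -y --no-install-recommends netcat-openbsd && rm -rf /var/lib/apt/lists/*`. The rest of the Dockerfile is outside the hunk, so it is not visible what needs netcat; if it is only a start-up wait or health probe, consider whether a general-purpose network tool has to ship in the runtime image at all.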