diff --git a/.github/workflows/cdp.yml b/.github/workflows/cdp.yml
new file mode 100644
index 0000000..b0bd6b5
--- /dev/null
+++ b/.github/workflows/cdp.yml
@@ -0,0 +1,49 @@
+on: [push]
+
+jobs:
+  aws_cdk:
+    runs-on: ubuntu-latest
+    steps:
+      - name: cdk bootstrap
+        uses: tj-actions/aws-cdk@v4
+        with:
+          cdk_subcommand: "bootstrap"
+          cdk_stack: "stack1"
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: "us-east-1"
+
+      - name: cdk diff
+        uses: tj-actions/aws-cdk@v4
+        with:
+          cdk_subcommand: "diff"
+          cdk_stack: "stack1"
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: "us-east-1"
+
+      - name: cdk synth
+        uses: tj-actions/aws-cdk@v4
+        with:
+          cdk_subcommand: "synth"
+          cdk_stack: "stack1"
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: "us-east-1"
+
+      - name: cdk deploy
+        uses: tj-actions/aws-cdk@v4
+        with:
+          cdk_subcommand: "deploy"
+          cdk_stack: "stack1"
+          cdk_extra_args: >-
+            --progress events
+            --require-approval never
+            --parameters environment=${{ secrets.ENVIRONMENT }}
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: "us-east-1"