diff --git a/.github/workflows/deploy_with_github_runner.yml b/.github/workflows/deploy_with_github_runner.yml index 929c4b9..95ea59c 100644 --- a/.github/workflows/deploy_with_github_runner.yml +++ b/.github/workflows/deploy_with_github_runner.yml @@ -7,6 +7,10 @@ on: required: true description: The name of the environment where to deploy type: string + target: + required: true + description: The environment target of the job + type: string env: APP_NAME: pagopagpsdonationservice @@ -22,6 +26,7 @@ jobs: runs-on: ubuntu-22.04 environment: name: ${{ inputs.environment }} + if: ${{ inputs.target == inputs.environment || inputs.target == 'all' }} outputs: runner_name: ${{ steps.create_github_runner.outputs.runner_name }} steps: @@ -30,7 +35,7 @@ jobs: # from https://github.com/pagopa/eng-github-actions-iac-template/tree/main/azure/github-self-hosted-runner-azure-create-action uses: pagopa/eng-github-actions-iac-template/azure/github-self-hosted-runner-azure-create-action@main with: - client_id: ${{ secrets.CLIENT_ID }} + client_id: ${{ secrets.CD_CLIENT_ID }} tenant_id: ${{ secrets.TENANT_ID }} subscription_id: ${{ secrets.SUBSCRIPTION_ID }} container_app_environment_name: ${{ vars.CONTAINER_APP_ENVIRONMENT_NAME }} @@ -40,6 +45,7 @@ jobs: deploy: needs: [ create_runner ] runs-on: [ self-hosted, "${{ needs.create_runner.outputs.runner_name }}" ] + if: ${{ inputs.target == inputs.environment || inputs.target == 'all' }} name: Deploy on AKS environment: ${{ inputs.environment }} steps: @@ -47,7 +53,7 @@ jobs: uses: pagopa/github-actions-template/aks-deploy@main with: branch: ${{ github.ref_name }} - client_id: ${{ secrets.CLIENT_ID }} + client_id: ${{ secrets.CD_CLIENT_ID }} subscription_id: ${{ secrets.SUBSCRIPTION_ID }} tenant_id: ${{ secrets.TENANT_ID }} env: ${{ inputs.environment }} 
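Review bot: The renamed `CD_CLIENT_ID` credential is handed in the `@@ -30,7 +35,7 @@` hunk to `github-self-hosted-runner-azure-create-action@main` and in the `@@ -47,7 +53,7 @@` hunk to `pagopa/github-actions-template/aks-deploy@main`, both mutable branch refs, so whatever lands on those branches runs with the CD identity. The cleanup action later in this file is already pinned to a full commit SHA, and the same should apply here, e.g. `uses: pagopa/eng-github-actions-iac-template/azure/github-self-hosted-runner-azure-create-action@<full-commit-sha>  # main`. The `uses:` lines are context rather than changed lines, but this commit is the one that wires the new identity into them.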
@@ -60,7 +66,7 @@ jobs: cleanup_runner: name: Cleanup Runner needs: [ create_runner, deploy ] - if: ${{ success() || failure() }} + if: ${{ success() || failure() && inputs.target == inputs.environment || inputs.target == 'all' }} runs-on: ubuntu-22.04 environment: ${{ inputs.environment }} steps: @@ -69,7 +75,7 @@ jobs: # from https://github.com/pagopa/eng-github-actions-iac-template/tree/main/azure/github-self-hosted-runner-azure-cleanup-action uses: pagopa/eng-github-actions-iac-template/azure/github-self-hosted-runner-azure-cleanup-action@0ee2f58fd46d10ac7f00bce4304b98db3dbdbe9a with: - client_id: ${{ secrets.CLIENT_ID }} + client_id: ${{ secrets.CD_CLIENT_ID }} tenant_id: ${{ secrets.TENANT_ID }} subscription_id: ${{ secrets.SUBSCRIPTION_ID }} resource_group_name: ${{ vars.CONTAINER_APP_ENVIRONMENT_RESOURCE_GROUP_NAME }} diff --git a/.github/workflows/release_deploy.yml b/.github/workflows/release_deploy.yml index 1007009..0bc1072 100644 --- a/.github/workflows/release_deploy.yml +++ b/.github/workflows/release_deploy.yml @@ -20,7 +20,7 @@ on: beta: required: false type: boolean - description: deploy beta function version on Azure + description: deploy beta version on AKS default: false skip_release: required: false 
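Review bot: In the new `cleanup_runner` condition `&&` binds tighter than `||`, so it evaluates as `success() || (failure() && inputs.target == inputs.environment) || inputs.target == 'all'`. The target check therefore guards only the failure branch, and `target == 'all'` makes the condition true with no status check at all. If the intent is "clean up after success or failure, but only for the selected environment", write `if: ${{ (success() || failure()) && (inputs.target == inputs.environment || inputs.target == 'all') }}`. As written, the job may be considered runnable in a leg where `create_runner` was skipped and `runner_name` is empty; whether that path is reachable depends on how `success()` evaluates after skipped needs, so it is worth testing with a non-matching target.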
@@ -118,45 +118,30 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} tag: ${{ needs.release.outputs.version }} - deploy_aks_dev: - name: Deploy on AKS DEV + deploy_aks: + name: Deploy on AKS needs: [ setup, release, image ] if: ${{ always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') }} + strategy: + matrix: + environment: [ dev, uat, prod ] uses: ./.github/workflows/deploy_with_github_runner.yml with: - environment: ${{ needs.setup.outputs.environment }} + environment: ${{ matrix.environment }} + target: ${{ needs.setup.outputs.environment }} secrets: inherit - deploy_aks_uat: - name: Deploy on AKS UAT - needs: [ setup, release, image ] - if: ${{ always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') && needs.setup.outputs.environment != 'dev' }} - uses: ./.github/workflows/deploy_with_github_runner.yml - with: - environment: ${{ needs.setup.outputs.environment }} - secrets: inherit - - deploy_aks_prod: - name: Deploy on AKS PROD - needs: [ setup, release, image ] - if: ${{ always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') && needs.setup.outputs.environment == 'prod' }} - uses: ./.github/workflows/deploy_with_github_runner.yml - with: - environment: ${{ needs.setup.outputs.environment }} - secrets: inherit - - notify: - needs: [ deploy_aks_prod ] + needs: [ setup, release, deploy_aks ] runs-on: ubuntu-latest name: Notify if: always() steps: - name: Report Status - if: ${{ needs.setup.outputs.environment == 'prod' }} + if: ${{ needs.setup.outputs.environment == 'prod' || needs.setup.outputs.environment == 'all' }} uses: ravsamhq/notify-slack-action@v2 with: - status: ${{ needs.deploy_aks_prod.result }} + status: ${{ needs.deploy_aks.result }} token: ${{ secrets.GITHUB_TOKEN }} notification_title: 'New Release on Production ${{ needs.release.outputs.version }} has {status_message}' message_format: '{emoji} <{run_url}|{workflow}> {status_message} in 
<{repo_url}|{repo}>' diff --git a/.identity/.terraform.lock.hcl b/.identity/.terraform.lock.hcl new file mode 100644 index 0000000..7cfd5bc --- /dev/null +++ b/.identity/.terraform.lock.hcl 
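Review bot: When `target` resolves to `all`, the `deploy_aks` matrix starts the dev, uat and prod legs concurrently, so prod is deployed without waiting for the outcome of dev or uat. Adding `max-parallel: 1` under `strategy:` (and stating `fail-fast: true` explicitly) would serialise the legs, which are normally started in matrix order, so that a failed earlier environment cancels the later ones. Any protection rules configured on the prod environment remain the only other gate. Separately, `needs.deploy_aks.result` is now the aggregate of all matrix legs, so the Slack message titled "New Release on Production" can end up reporting a dev or uat failure.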
@@ -0,0 +1,64 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/azuread" { + version = "2.30.0" + constraints = "2.30.0" + hashes = [ + "h1:WnSPiREAFwnBUKREokMdHQ8Cjs47MzvS9pG8VS1ktec=", + "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7", + "zh:2e62c193030e04ebb10cc0526119cf69824bf2d7e4ea5a2f45bd5d5fb7221d36", + "zh:2f3c7a35257332d68b778cefc5201a5f044e4914dd03794a4da662ddfe756483", + "zh:35d0d3a1b58fdb8b8c4462d6b7e7016042da43ea9cc734ce897f52a73407d9b0", + "zh:47ede0cd0206ec953d40bf4a80aa6e59af64e26cbbd877614ac424533dbb693b", + "zh:48c190307d4d42ea67c9b8cc544025024753f46cef6ea64db84735e7055a72da", + "zh:6fff9b2c6a962252a70a15b400147789ab369b35a781e9d21cce3804b04d29af", + "zh:7646980cf3438bff29c91ffedb74458febbb00a996638751fbd204ab1c628c9b", + "zh:77aa2fa7ca6d5446afa71d4ff83cb87b70a2f3b72110fc442c339e8e710b2928", + "zh:e20b2b2c37175b89dd0db058a096544d448032e28e3b56e2db368343533a9684", + "zh:eab175b1dfe9865ad9404dccb6d5542899f8c435095aa7c679314b811c717ce7", + "zh:efc862bd78c55d2ff089729e2a34c1831ab4b0644fc11b36ee4ebed00a4797ba", + ] +} + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "3.45.0" + constraints = "3.45.0" + hashes = [ + "h1:gQLNY1I5e9kcle1p/VYEWb0eteQ/t5kUfnqVu2/GBNY=", + "zh:04c5dbb8845366ce5eb0dc2d55e151270cc2c0ace20993867fdae9af43b953ad", + "zh:2589585da615ccae341400d45d672ee3fae413fdd88449b5befeff12a85a44b2", + "zh:603869ed98fff5d9bf841a51afd9e06b628533c59356c8433aef4b15df63f5f7", + "zh:853fecab9c987b6772c8d9aa10362675f6c626b60ebc7118aa33ce91366fcc38", + "zh:979848c45e8e058862c36ba3a661457f7c81ef26ebb6634f479600de9c203d65", + "zh:9b512c8588ecc9c1b803b746a3a8517422561a918f0dfb0faaa707ed53ef1760", + "zh:a9601ffb58043426bcff1220662d6d137f0b2857a24f2dcf180aeac2c9cea688", + "zh:d52d2652328f0ed3ba202561d88cb9f43c174edbfaab1abf69f772125dbfe15e", + 
"zh:d92d91ca597c47f575bf3ae129f4b723be9b7dcb71b906ec6ec740fac29b1aaa", + "zh:ded73b730e4197b70fda9e83447c119f92f75dc37be3ff2ed45730c8f0348c28", + "zh:ec37ac332d50f8ca5827f97198346b0f8ecbf470e2e3ba1e027bb389d826b902", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} + +provider "registry.terraform.io/integrations/github" { + version = "5.18.3" + constraints = "5.18.3" + hashes = [ + "h1:rv3mwpUeJ0n13sY+KZMI25WAVCSeipX4n8JMWKD1XcE=", + "zh:050b37d96628cb7451137755929ca8d21ea546bc46d11a715652584070e83ff2", + "zh:053051061f1b7f7673b0ceffac1f239ba28b0e5b375999206fd39976e85d9f2b", + "zh:0c300a977ca66d0347ed62bb116fd8fc9abb376a554d4c192d14f3ea71c83500", + "zh:1d5a1a5243eba78819d2f92ff2d504ebf9a9008a6670fb5f5660f44eb6a156d8", + "zh:a13ac15d251ebf4e7dc40acb0e40df066f443f4c7799186a29e2e44addc7d8e7", + "zh:a316d94b885953c036ebc9fba64a23da93974746bc3ac9d207462a6f02d44540", + "zh:a658a00373bff5979cc227052c693cbde8ca4c8f9fef1bc8094a3516f2e2a96d", + "zh:a7bfc6ad8465d5dc11b6f19d6805364de87fffe27622bb4f37da2319bb1c4956", + "zh:d7379a76861f1a6bfc36eca7a20f1f477711247563b105744d69d7bd1f365fad", + "zh:de1cd959fd4821248e8d21570601193408648474e74f49597f1d0c43185a4ab7", + "zh:e0b281240dd6f2aa405b2d6fe329bc15ab877161affe163fb150d1efca2fccdb", + "zh:e372c171358757a983d7aa878abfd05a84484fb4d22167e45c9c1267e78ed060", + "zh:f6d3116526030b3f6905f530cd6c04b23d42890d973fa2abe10ce9c89cb1db80", + "zh:f99eec731e03cc6a28996c875bd435887cd7ea75ec07cc77b9e768bb12da2227", + ] +} diff --git a/.identity/00_data.tf b/.identity/00_data.tf index 8273e72..9a050cd 100644 --- a/.identity/00_data.tf +++ b/.identity/00_data.tf 
@@ -1,6 +1,6 @@ -data "azurerm_storage_account" "tf_storage_account"{ - name = "pagopainfraterraform${var.env}" - resource_group_name = "io-infra-rg" +data "azurerm_user_assigned_identity" "identity_cd" { + resource_group_name = "${local.product}-identity-rg" + name = "${local.product}-${local.domain}-01-github-cd-identity" } data "azurerm_resource_group" "dashboards" { diff --git a/.identity/02_application_action.tf b/.identity/02_application_action.tf deleted file mode 100644 index d6a7a24..0000000 --- a/.identity/02_application_action.tf +++ /dev/null @@ -1,96 +0,0 @@ -module "github_runner_app" { - source = "git::https://github.com/pagopa/github-actions-tf-modules.git//app-github-runner-creator?ref=main" - - app_name = local.app_name - - subscription_id = data.azurerm_subscription.current.id - - github_org = local.github.org - github_repository = local.github.repository - github_environment_name = var.env - - container_app_github_runner_env_rg = local.container_app_environment.resource_group -} - -resource "null_resource" "github_runner_app_permissions_to_namespace" { - triggers = { - aks_id = data.azurerm_kubernetes_cluster.aks.id - service_principal_id = module.github_runner_app.client_id - namespace = local.domain - version = "v2" - } - - provisioner "local-exec" { - command = < + # "CT_CLIENT_ID" : data.azurerm_user_assigned_identity.identity_ct.client_id, "TENANT_ID" : data.azurerm_client_config.current.tenant_id, "SUBSCRIPTION_ID" : data.azurerm_subscription.current.subscription_id, "SUBKEY" : data.azurerm_key_vault_secret.key_vault_integration_test_subkey.value, diff --git a/.identity/99_variables.tf b/.identity/99_variables.tf index ee89ef7..bcc6859 100644 --- a/.identity/99_variables.tf +++ b/.identity/99_variables.tf @@ -22,6 +22,10 @@ locals { } } +variable "location" { + type = string +} + variable "env" { type = string } 
@@ -54,3 +58,14 @@ variable "github_repository_environment" { reviewers_teams = ["pagopa-team-core"] } } + +variable "tags" { + type = map(any) + default = { + CreatedBy = "Terraform" + Environment = "PROD" + Owner = "pagoPA" + Source = "https://github.com/pagopa/pagopa-gps-donation-service" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" + } +} diff --git a/.identity/env/dev/terraform.tfvars b/.identity/env/dev/terraform.tfvars index 8ed4390..ece1ec9 100644 --- a/.identity/env/dev/terraform.tfvars +++ b/.identity/env/dev/terraform.tfvars @@ -1,6 +1,7 @@ prefix = "pagopa" env = "dev" env_short = "d" +location = "westeurope" tags = { CreatedBy = "Terraform" @@ -8,4 +9,4 @@ tags = { Owner = "pagoPA" Source = "https://github.com/pagopa/pagopa-gps-donation-service" CostCenter = "TS310 - PAGAMENTI & SERVIZI" -} +} \ No newline at end of file diff --git a/.identity/env/prod/terraform.tfvars b/.identity/env/prod/terraform.tfvars index 703903e..b86771b 100644 --- a/.identity/env/prod/terraform.tfvars +++ b/.identity/env/prod/terraform.tfvars @@ -1,6 +1,7 @@ prefix = "pagopa" env = "prod" env_short = "p" +location = "westeurope" tags = { CreatedBy = "Terraform" diff --git a/.identity/env/uat/terraform.tfvars b/.identity/env/uat/terraform.tfvars index ee68826..7ef8b9b 100644 --- a/.identity/env/uat/terraform.tfvars +++ b/.identity/env/uat/terraform.tfvars @@ -1,6 +1,7 @@ prefix = "pagopa" env = "uat" env_short = "u" +location = "westeurope" tags = { CreatedBy = "Terraform" @@ -8,4 +9,4 @@ tags = { Owner = "pagoPA" Source = "https://github.com/pagopa/pagopa-gps-donation-service" CostCenter = "TS310 - PAGAMENTI & SERVIZI" -} +} \ No newline at end of file diff --git a/helm/Chart.lock b/helm/Chart.lock new file mode 100644 index 0000000..7b1c528 --- /dev/null +++ b/helm/Chart.lock 
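Review bot: The new `tags` variable defaults `Environment` to `"PROD"`, so a dev or uat run that does not pass `tags` would label its resources as production, which distorts asset inventory and incident scoping. All three `terraform.tfvars` files visible in this diff already set `tags`, so the default can be dropped to make the value mandatory: `variable "tags" { type = map(string) }`. `map(string)` is also a tighter type than `map(any)` for tag values.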
@@ -0,0 +1,6 @@ +dependencies: +- name: microservice-chart + repository: https://pagopa.github.io/aks-microservice-chart-blueprint + version: 2.4.0 +digest: sha256:db3f9abdcf9a458c7dc3ae6f5ace7292293cbf05a4ca398c4173807f9d14c561 +generated: "2024-04-11T12:46:51.133864+02:00" diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 76219e0..13cac07 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: pagopa-gps-donation-service description: Microservice to handle Donations for GPS type: application -version: 1.19.0 -appVersion: 1.1.4 +version: 1.18.0 +appVersion: 1.1.2-5-PAGOPA-1668 dependencies: - name: microservice-chart version: 2.4.0 diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index b455f46..7d157b7 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml @@ -4,7 +4,7 @@ microservice-chart: fullnameOverride: "" image: repository: ghcr.io/pagopa/pagopa-gps-donation-service - tag: "1.1.4" + tag: "1.1.2-5-PAGOPA-1668" #improve pullPolicy: Always livenessProbe: httpGet: diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index f93f199..3fee964 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml @@ -4,7 +4,7 @@ microservice-chart: fullnameOverride: "" image: repository: ghcr.io/pagopa/pagopa-gps-donation-service - tag: "1.1.4" + tag: "1.1.2-5-PAGOPA-1668" #improve pullPolicy: Always livenessProbe: httpGet: @@ -44,15 +44,15 @@ microservice-chart: allowPrivilegeEscalation: false resources: requests: - memory: "512Mi" - cpu: "0.5" + memory: "256Mi" + cpu: "0.25" limits: - memory: "768Mi" + memory: "512Mi" cpu: "0.5" autoscaling: enable: true minReplica: 1 - maxReplica: 10 + maxReplica: 3 pollingInterval: 30 # seconds cooldownPeriod: 60 # seconds triggers: diff --git a/helm/values-uat.yaml b/helm/values-uat.yaml index 7b9a92a..c6cae62 100644 --- a/helm/values-uat.yaml +++ b/helm/values-uat.yaml 
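Review bot: `tag: "1.1.2-5-PAGOPA-1668"` in `helm/values-dev.yaml` moves the image from the release tag `1.1.4` to what looks like a branch build with a lower version, and the same change is made in `helm/values-prod.yaml` (`@@ -4,7 +4,7 @@`) and `helm/values-uat.yaml`. With `pullPolicy: Always` the tag is re-resolved at every pod start, so production would run whatever is currently published under that branch tag. If this is a by-product of a branch release, the prod values should stay on a release tag until the branch is merged, or reference the image by digest if the chart supports it. The chart `version` in `helm/Chart.yaml` and the `version` in `package.json` go backwards in the same way.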
@@ -4,7 +4,7 @@ microservice-chart: fullnameOverride: "" image: repository: ghcr.io/pagopa/pagopa-gps-donation-service - tag: "1.1.4" + tag: "1.1.2-5-PAGOPA-1668" #improve pullPolicy: Always livenessProbe: httpGet: diff --git a/package.json b/package.json index 1812386..af27771 100644 --- a/package.json +++ b/package.json @@ -3,7 +3,7 @@ "description": "Donation Service", "author": "pagoPa tech", "repository": "https://github.com/pagopa/pagopa-gps-donation-service", - "version": "1.1.4", + "version": "1.1.2-5-PAGOPA-1668", "license": "MIT", "scripts": { "build": "tsc",