diff --git a/.github/actions/deploy/action.yml b/.github/actions/deploy/action.yml
new file mode 100644
index 000000000..6e787ad00
--- /dev/null
+++ b/.github/actions/deploy/action.yml
@@ -0,0 +1,32 @@
+name: Deploy to environment
+description: Copy image to ECR and deploy CDK
+inputs:
+  env:
+    description: 'Environment for deployment'
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: Fetch history for all branches and tags
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Login to GitHub Container Registry
+      uses: docker/login-action@v3.2.0
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Configure utility AWS credentials
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        role-to-assume: arn:aws:iam::505953557276:role/ludos-gh-actions-ecr-push-role
+        aws-region: eu-west-1
+
+    - name: 05-deploy.sh
+      working-directory: ./
+      shell: bash
+      run: ./deploy-scripts/05-deploy-${{ inputs.env }}.sh
\ No newline at end of file
diff --git a/.github/workflows/build_dev.yml b/.github/workflows/build_dev.yml
index 62ef0ff33..34a1da5a1 100644
--- a/.github/workflows/build_dev.yml
+++ b/.github/workflows/build_dev.yml
@@ -73,4 +73,15 @@ jobs:
     steps:
       - uses: actions/checkout@v4.1.7
       - name: Run 04-lint.sh
-        run: ./deploy-scripts/04-lint.sh
\ No newline at end of file
+        run: ./deploy-scripts/04-lint.sh
+
+  deploy:
+    name: '05-deploy.sh'
+    permissions:
+      packages: read
+    runs-on: "ubuntu-22.04"
+    steps:
+      - name: Deploy
+        uses: ./.github/actions/deploy
+        with:
+          env: 'dev'
\ No newline at end of file
diff --git a/deploy-scripts/05-deploy-dev.sh b/deploy-scripts/05-deploy-dev.sh
new file mode 100755
index 000000000..44a3795c6
--- /dev/null
+++ b/deploy-scripts/05-deploy-dev.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+set -o errexit -o nounset -o pipefail
+
+# shellcheck source=../scripts/common-functions.sh
+source "$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/../scripts/common-functions.sh"
+
+# shellcheck source=./deploy-functions.sh
+source "$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/deploy-functions.sh"
+
+function main() {
+  parse_env_from_script_name 05-deploy
+  setup
+
+  start_gh_actions_group "Deploying to ${ENV}"
+  upload_image_to_ecr
+}
+
+function upload_image_to_ecr() {
+  require_built_image
+
+  docker tag "${github_image_tag}" "${ecr_image_tag}"
+  docker push "${ecr_image_tag}"
+}
+
+function setup() {
+  cd "${repo}"
+  require_command docker
+  require_docker_compose
+  configure_aws_credentials
+  get_ecr_login_credentials
+}
+
+function get_ecr_login_credentials() {
+  aws --profile oph-ludos-utility \
+  ecr get-login-password --region eu-west-1 | docker login --username AWS --password-stdin 505953557276.dkr.ecr.eu-west-1.amazonaws.com
+}
+
+main "$@"
\ No newline at end of file
diff --git a/deploy-scripts/deploy-functions.sh b/deploy-scripts/deploy-functions.sh
index 777d80717..34f9d9da2 100755
--- a/deploy-scripts/deploy-functions.sh
+++ b/deploy-scripts/deploy-functions.sh
@@ -27,10 +27,10 @@ function image_exists_locally {
 }
 
 function require_built_image {
-  if image_exists_locally "$image_tag"; then
-    info "$image_tag already exists locally"
+  if image_exists_locally "${github_image_tag}"; then
+    info "${github_image_tag} already exists locally"
   else
-    info "Pulling $image_tag because it does not exist locally"
-    docker pull "$image_tag"
+    info "Pulling ${github_image_tag} because it does not exist locally"
+    docker pull "${github_image_tag}"
   fi
 }