diff --git a/.env b/.env
index b28ba9d..9c74710 100644
--- a/.env
+++ b/.env
@@ -1 +1 @@
-REGISTRY_API_DOMAIN=https://qa-libraryregistry.librarysimplified.org/admin
+REGISTRY_API_DOMAIN=https://libraryregistry.librarysimplified.org/admin
diff --git a/.github/workflows/release-prod.yml b/.github/workflows/release-prod.yml
index 93f1d4d..70c78e2 100644
--- a/.github/workflows/release-prod.yml
+++ b/.github/workflows/release-prod.yml
@@ -1,10 +1,13 @@
-# On merge to production, build a container and deploy to ECR
+# On merge to production, build a container and deploy to ECR and ECS on `nypl` account
 name: Publish to production environment
 
 on:
   pull_request:
     branches: [production]
-    types: [closed]
+  
+permissions:
+  id-token: write
+  contents: read
 
 jobs:
   publish_qa:
@@ -17,10 +20,9 @@ jobs:
         uses: actions/checkout@v2
 
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1
+        uses: aws-actions/configure-aws-credentials@v2
         with:
-          aws-access-key-id: ${{ secrets.NYPL_AWS_ACCESS_KEY }}
-          aws-secret-access-key: ${{ secrets.NYPL_AWS_SECRET_KEY }}
+          role-to-assume: arn:aws:iam::463786892988:role/GithubActionsDeployerRole
           aws-region: us-east-1
 
       - name: Login to Amazon ECR
diff --git a/.github/workflows/release-qa.yml b/.github/workflows/release-qa.yml
index d833eea..a3660f4 100644
--- a/.github/workflows/release-qa.yml
+++ b/.github/workflows/release-qa.yml
@@ -1,3 +1,4 @@
+# Note: No AWS QA environment at the moment.
 # On merge to master, build a container and deploy to ECR
 name: Publish to QA environment