diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt
deleted file mode 100644
index ac0e541e..00000000
--- a/.github/scripts/requirements.txt
+++ /dev/null
@@ -1 +0,0 @@
-semver~=3.0.1
\ No newline at end of file
diff --git a/.github/scripts/upgrade-awscli-version.py b/.github/scripts/upgrade-awscli-version.py
deleted file mode 100644
index 4e616163..00000000
--- a/.github/scripts/upgrade-awscli-version.py
+++ /dev/null
@@ -1,25 +0,0 @@
-import subprocess
-import semver
-
-# pull the data from dockerhub
-data = subprocess.Popen(('curl', '-L', '-s', 'https://registry.hub.docker.com/v2/repositories/amazon/aws-cli/tags?page_size=100'), stdout=subprocess.PIPE)
-# query for only tags
-tagbytes = subprocess.check_output(('jq', '.results[].name'), stdin=data.stdout)
-data.wait()
-
-tags = tagbytes.decode("utf-8").replace('"','').split('\n')
-# trusting that tags are coming back in order from newest to oldest
-# we could go through all tags that come but I trust this assumption
-# some tags are 'latest' and 'amd64', so not valid semver. we skip these.
-latest_version = ''
-for tag in tags:
- try:
- semver.VersionInfo.parse(tag)
- latest_version = tag
- break
- except ValueError:
- continue
-
-# sed Dockerfile with new version
-# if its the same version, then no changes should happen
-subprocess.Popen(('sed', '-i', '', '-e', "/amazon\\/aws-cli:/s/:.*/:%s/"%(latest_version), 'layer/Dockerfile'), stdout=subprocess.PIPE)
\ No newline at end of file
diff --git a/.github/workflows/custom-upgrade-awscli-v2-main.yml b/.github/workflows/custom-upgrade-awscli-v2-main.yml
index 0a6c2836..e2172506 100644
--- a/.github/workflows/custom-upgrade-awscli-v2-main.yml
+++ b/.github/workflows/custom-upgrade-awscli-v2-main.yml
@@ -2,7 +2,8 @@ name: custom-upgrade-awscli-v2-main
 on:
 workflow_dispatch: {}
 schedule:
- - cron: 0 0 * * *
+ # run the upgrade weekly
+ - cron: 0 0 * * 5
 jobs:
 upgrade:
 name: Upgrade
@@ -13,20 +14,15 @@ jobs:
 patch_created: ${{ steps.create_patch.outputs.patch_created }}
 steps:
 - name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
 with:
 ref: awscli-v2/main
- - name: Change permissions on /var/run/docker.sock
- run: sudo chown superchain /var/run/docker.sock
- - name: Install dependencies
- run: yarn install --check-files --frozen-lockfile
- - name: Install Python Script Dependencies
- run: |
- sudo apt update
- sudo apt install -y jq
+ - uses: actions/setup-python@v5
+ with:
+ python-version: "3.x"
 - name: Check for awscli version upgrades
- run: |
- cd .github/scripts
+ working-directory: ./.github/scripts
+ run: |
 python3 -m venv .venv
 . .venv/bin/activate
 pip install -r requirements.txt
@@ -35,16 +31,13 @@ jobs:
 name: Find mutations
 run: |-
 git add .
- git diff --staged --patch --exit-code > .repo.patch || echo "::set-output name=patch_created::true"
+ git diff --staged --patch --exit-code > repo.patch || echo "patch_created=true" >> $GITHUB_OUTPUT
 - if: steps.create_patch.outputs.patch_created
 name: Upload patch
 uses: actions/upload-artifact@v4.4.0
 with:
- name: .repo.patch
- path: .repo.patch
- container:
- image: jsii/superchain:1-buster-slim-node18
- options: --group-add sudo
+ name: repo.patch
+ path: repo.patch
 pr:
 name: Create Pull Request
 needs: upgrade
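Review bot: The bumped steps still reference actions by mutable tag (`actions/checkout@v4`, `actions/setup-python@v5`), so the code this job runs can change without any change to this file; pin each to a full commit SHA and keep the version as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v4`. The same applies to `actions/download-artifact@v4` and `peter-evans/create-pull-request@v7` in the `pr` job hunk, where it matters most because that third-party action is handed `secrets.PROJEN_GITHUB_TOKEN` and opens a PR labelled `auto-approve`. The `jq` install step is removed here; if the script checked out from `awscli-v2/main` still shells out to `jq`, the job now depends on the runner image shipping it, which deserves a comment on the step. The `steps:` list continues outside the hunk.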
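Review bot: `git add .` in the `Find mutations` step stages every untracked file in the checkout, and the patch built from it is later applied and proposed in a PR labelled `auto-approve`, so anything earlier steps leave behind (for example the `.venv` created under `.github/scripts`, unless that path is ignored on `awscli-v2/main`) would ride along. Staging only the file the upgrade script is meant to touch would keep the auto-approved change narrow. On the rewritten line, quote the output file as well: `git diff --staged --patch --exit-code > repo.patch || echo "patch_created=true" >> "$GITHUB_OUTPUT"`. The step's opening line sits outside the hunk.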
@@ -55,35 +48,36 @@ jobs:
 if: ${{ needs.upgrade.outputs.patch_created }}
 steps:
 - name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
 with:
 token: ${{ secrets.PROJEN_GITHUB_TOKEN }}
 ref: awscli-v2/main
 - name: Download patch
- uses: actions/download-artifact@v3
+ uses: actions/download-artifact@v4
 with:
- name: .repo.patch
+ name: repo.patch
 path: ${{ runner.temp }}
 - name: Apply patch
- run: '[ -s ${{ runner.temp }}/.repo.patch ] && git apply ${{ runner.temp }}/.repo.patch || echo "Empty patch. Skipping."'
+ run: '[ -s ${{ runner.temp }}/repo.patch ] && git apply ${{ runner.temp }}/repo.patch || echo "Empty patch. Skipping."'
 - name: Set git identity
 run: |-
 git config user.name "github-actions"
 git config user.email "github-actions@github.com"
 - name: Create Pull Request
 id: create-pr
- uses: peter-evans/create-pull-request@v3
+ uses: peter-evans/create-pull-request@v7
 with:
 token: ${{ secrets.PROJEN_GITHUB_TOKEN }}
 commit-message: |-
- chore(deps): upgrade dependencies
- Upgrades project dependencies. See details in [workflow run].
+ fix(deps): upgrade AWS CLI dependency
+ Upgrades AWS CLI dependency. See details in [workflow run].
 [Workflow Run]: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
+ base: awscli-v2/main
 branch: github-actions/upgrade-awscli-v2-main
- title: "chore(deps): upgrade aws-cli dependency"
+ title: "fix(deps): upgrade AWS CLI dependency"
 labels: auto-approve
 body: |-
- Upgrades project dependencies. See details in [workflow run].
+ Upgrades AWS CLI dependency. See details in [workflow run].
 [Workflow Run]: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
 author: github-actions
 committer: github-actions
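Review bot: The rewritten `Apply patch` command keeps the `A && B || C` form, so a failing `git apply` also falls through to `echo "Empty patch. Skipping."` and the step exits 0 with nothing applied. An explicit branch makes an apply error fail the job and quotes the path: `run: 'if [ -s "${{ runner.temp }}/repo.patch" ]; then git apply "${{ runner.temp }}/repo.patch"; else echo "Empty patch. Skipping."; fi'`. As written, a patch that no longer applies leaves the weekly run green while the version is never bumped, which is easy to miss.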