diff --git a/aws-account-setup/imports.tf b/aws-account-setup/imports.tf
deleted file mode 100644
index 79c6863..0000000
--- a/aws-account-setup/imports.tf
+++ /dev/null
@@ -1,125 +0,0 @@
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role.giantswarm_capa_controller_role
- id = "giantswarm-${each.value.name}-capa-controller"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_capa_controller_policy
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-capa-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_capa_controller_policy_attachment
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-capa-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map_no_byovpc
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_capa_controller_vpc_policy[0]
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-capa-controller-vpc-policy"
-}
-
-import {
- for_each = local.mc_account_map_no_byovpc
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_capa_controller_vpc_policy_attachment[0]
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-capa-controller-vpc-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_dns_controller_policy
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-dns-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_dns_controller_policy_attachment
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-dns-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_eks_controller_policy
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-eks-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_eks_controller_policy_attachment
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-eks-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_iam_controller_policy
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-iam-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_iam_controller_policy_attachment
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-iam-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_irsa_controller_policy
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-irsa-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_irsa_controller_policy_attachment
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-irsa-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_network_topology_controller_policy
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-network-topology-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_network_topology_controller_policy_attachment
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-network-topology-controller-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_resolver_rules_operator_policy
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-resolver-rules-operator-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_resolver_rules_operator_policy_attachment
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-resolver-rules-operator-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_mc_bootstrap_policy
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-mc-bootstrap-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_mc_bootstrap_policy_attachment
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-mc-bootstrap-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_policy.giantswarm_crossplane_policy
- id = "arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-crossplane-policy"
-}
-
-import {
- for_each = local.mc_account_map
- to = module.capa_controller_role[each.key].aws_iam_role_policy_attachment.giantswarm_crossplane_policy_attachment
- id = "giantswarm-${each.value.name}-capa-controller/arn:${each.value.aws_account.aws_partition}:iam::${each.value.aws_account.account_id}:policy/giantswarm-${each.value.name}-crossplane-policy"
-}
diff --git a/aws-account-setup/main.tf b/aws-account-setup/main.tf
deleted file mode 100644
index 1ada79f..0000000
--- a/aws-account-setup/main.tf
+++ /dev/null
@@ -1,95 +0,0 @@
-terraform {
- required_providers {
- aws = {
- source = "opentofu/aws"
- version = "5.81.0"
- }
- }
-}
-
-locals {
- gs_user_accounts_map = {
- "aws" = "084190472784"
- "aws-cn" = "306934455918"
- }
-
- workspace_partition_map = {
- "default" = "aws"
- "china" = "aws-cn"
- }
-
- mc_account_flat = flatten([
- for mc_name, mc in var.management_clusters : [
- for account in mc.aws_account : {
- name = mc_name
- aws_account = account
- oidc_provider_domain = mc.oidc_provider_domain
- } if local.workspace_partition_map[terraform.workspace] == account.aws_partition
- ]
- ])
-
- mc_account_map = {
- for i in local.mc_account_flat : "${i.name}-${i.aws_account.account_id}" => i
- }
-
- mc_account_map_no_byovpc = {
- for i in local.mc_account_flat : "${i.name}-${i.aws_account.account_id}" => i if !i.aws_account.byovpc
- }
-
- aws_account_list = distinct([
- for mc in local.mc_account_flat : {
- account_id = mc.aws_account.account_id
- aws_partition = mc.aws_account.aws_partition
- }
- ])
-
- aws_account_map = {
- for account in local.aws_account_list : account.account_id => account.aws_partition
- }
-}
-
-provider "aws" {
- alias = "main"
- region = "eu-west-1" # Irrelevant as we are only creating IAM stuff
- for_each = local.aws_account_map
- profile = each.value == "aws" ? var.aws_profile : var.aws_cn_profile
-
- assume_role {
- role_arn = "arn:${each.value}:iam::${each.key}:role/GiantSwarmAdmin"
- }
-
- allowed_account_ids = [each.key]
-
- ignore_tags {
- keys = ["maintainer", "owner", "repo"]
- }
-}
-
-# module "gs_admin_role" {
-# source = "../admin-role"
-# for_each = local.aws_account_map
-# providers = {
-# aws = aws.main[each.key]
-# }
-
-# gs_user_account = local.gs_user_accounts_map[each.value]
-# aws_partition = each.value
-# }
-
-module "capa_controller_role" {
- source = "../capa-controller-role"
- for_each = local.mc_account_map
- providers = {
- aws = aws.main[each.value.aws_account.account_id]
- }
-
- installation_name = each.value.name
- management_cluster_oidc_provider_domain = each.value.oidc_provider_domain
- byovpc = each.value.aws_account.byovpc
- gs_user_account = local.gs_user_accounts_map[each.value.aws_account.aws_partition]
- aws_partition = each.value.aws_account.aws_partition
-
- # TBD
- # additional_policies = each.value.aws_account.additional_policies
- # additional_policies_arns = each.value.aws_account.additional_policies_arns
-}
diff --git a/aws-account-setup/outputs.tf b/aws-account-setup/outputs.tf
deleted file mode 100644
index d6055e0..0000000
--- a/aws-account-setup/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "capa_controller_roles" {
- value = {for k, v in module.capa_controller_role : k => v}
-}
diff --git a/aws-account-setup/variables.tf b/aws-account-setup/variables.tf
deleted file mode 100644
index 2385a9b..0000000
--- a/aws-account-setup/variables.tf
+++ /dev/null
@@ -1,29 +0,0 @@
-variable "management_clusters" {
- type = map(object({
- aws_account = list(object({
- account_id = string
- aws_partition = optional(string, "aws")
- byovpc = optional(bool, false)
- additional_policies = optional(list(string), [])
- additional_policies_arns = optional(list(string), [])
- })),
- oidc_provider_domain = string
- }))
-
- validation {
- condition = alltrue(flatten([for name, m in var.management_clusters : [for a in m.aws_account : can(regex("^aws(-cn)?$", a.aws_partition))]]))
- error_message = "The only AWS partitions supported are `aws` and `aws-cn`"
- }
-}
-
-variable "aws_profile" {
- type = string
- description = "AWS CLI profile to use for initializing the AWS provider. This profile will be used to assume the GiantSwarmAdmin IAM role in each account."
- default = "giantswarm"
-}
-
-variable "aws_cn_profile" {
- type = string
- description = "AWS CLI profile to use for initializing the AWS provider in the aws-cn (China) partition. This profile will be used to assume the GiantSwarmAdmin IAM role in each account."
- default = "giantswarm-cn"
-}