diff --git a/.github/workflows/ci-petclinic.yml b/.github/workflows/ci-petclinic-eks.yaml
similarity index 59%
rename from .github/workflows/ci-petclinic.yml
rename to .github/workflows/ci-petclinic-eks.yaml
index 507566c01..1f090a6c8 100644
--- a/.github/workflows/ci-petclinic.yml
+++ b/.github/workflows/ci-petclinic-eks.yaml
@@ -1,25 +1,26 @@ name: CI - Petclinic EKS -# 워크플로우 전체에서 Git push 허용 permissions: - contents: write + contents: read on: push: - branches: [ "main" ] + branches: ["main"] pull_request: - branches: [ "main" ] + branches: ["main"] + +concurrency: + group: ci-${{ github.ref }} + cancel-in-progress: true -# 공통 ENV env: AWS_REGION: ${{ vars.AWS_REGION || 'ap-northeast-2' }} ECR_REPOSITORY: ${{ vars.ECR_REPOSITORY || 'eks/petclinic' }} jobs: - # 1) Maven 빌드 + 테스트 + # 1) Maven 빌드 + 테스트 (PR 포함) build-test: runs-on: ubuntu-latest - steps: - name: Checkout uses: actions/checkout@v4
@@ -27,9 +28,9 @@ jobs: - name: Set up JDK uses: actions/setup-java@v4 with: - distribution: 'temurin' - java-version: '25' - cache: 'maven' + distribution: temurin + java-version: "25" + cache: maven - name: Maven build & test run: |
@@ -38,18 +39,21 @@ jobs: else mvn -B clean test package fi - - name: Archive built JAR (optional) + + - name: Archive built JAR uses: actions/upload-artifact@v4 with: name: petclinic-jar path: target/*.jar - # 2) Docker 이미지 빌드 + ECR Push + k8s manifest 이미지 태그/앱 버전 업데이트 + # 2) Docker 이미지 빌드 + ECR Push + k8s manifest 이미지 태그/앱 버전 업데이트 (main push만) build-and-push-image: needs: build-test runs-on: ubuntu-latest - # 이 job에서 git push도 해야 하므로 contents: write 설정 + # PR에서는 push/commit 금지 + github-actions bot 커밋으로 재트리거 방지 + if: github.event_name != 'pull_request' && github.actor != 'github-actions[bot]' + permissions: id-token: write contents: write
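Review bot: `cancel-in-progress: true` in the new `concurrency` block also applies to pushes on `main`, because the group key is only `ci-${{ github.ref }}`. A second push can therefore cancel `build-and-push-image` part-way through, for example after the image push but before the manifest commit, leaving the registry and the committed manifest out of step. Limiting cancellation to pull requests keeps the PR behaviour and lets release runs finish: `cancel-in-progress: ${{ github.event_name == 'pull_request' }}`.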
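Review bot: The new job-level `if:` on `build-and-push-image` is a deny-list: it excludes only `pull_request`, so any trigger added to `on:` later (for example `workflow_dispatch` or `schedule`) would run a job that holds `id-token: write` and `contents: write`. An allow-list states the intent directly, `if: github.event_name == 'push' && github.ref == 'refs/heads/main'`, and would make the per-step `github.ref == 'refs/heads/main'` conditions further down redundant. The `github.actor` check can stay as defence in depth; pushes made with the default `GITHUB_TOKEN` do not normally start new workflow runs, so it and the `[skip ci]` marker should rarely be what stops a loop. The job body continues in the following hunks.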
@@ -58,6 +62,13 @@ jobs: - name: Checkout uses: actions/checkout@v4 + - name: Set up JDK + uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: "25" + cache: maven + - name: Configure AWS credentials (OIDC / Assume Role) uses: aws-actions/configure-aws-credentials@v4 with: 
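Review bot: Maven now runs in `build-and-push-image` with cloud credentials in scope: the `Set up JDK` step added here serves `Read base version from pom.xml` (next hunk), which runs after `Configure AWS credentials` and `Login to Amazon ECR`. Maven, the plugins it resolves and the restored `cache: maven` content therefore execute while the assumed role and the ECR login are available to the process. `build-test` already has a JDK and no cloud credentials, so it could evaluate `project.version` there and expose it as a job output, or this job could read the version before the credentials step; either keeps dependency-resolving tooling away from the credentials. The step list starts and ends outside this hunk.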
@@ -67,74 +78,80 @@ jobs: - name: Login to Amazon ECR id: ecr-login uses: aws-actions/amazon-ecr-login@v2 + - name: Set image tag - id: vars run: | SHORT_SHA=${GITHUB_SHA::7} echo "IMAGE_TAG=${SHORT_SHA}" >> "$GITHUB_ENV" echo "IMAGE_TAG=${SHORT_SHA}" + - name: Read base version from pom.xml run: | - POM_VERSION=$(./mvnw -q \ - -Dexpression=project.version \ - -DforceStdout help:evaluate) + if [ -x "./mvnw" ]; then + POM_VERSION=$(./mvnw -q -Dexpression=project.version -DforceStdout help:evaluate) + else + POM_VERSION=$(mvn -q -Dexpression=project.version -DforceStdout help:evaluate) + fi echo "POM_VERSION=${POM_VERSION}" - - # -SNAPSHOT suffix 제거 BASE_VERSION=${POM_VERSION%-SNAPSHOT} - echo "BASE_VERSION=${BASE_VERSION}" - echo "BASE_VERSION=${BASE_VERSION}" >> $GITHUB_ENV + echo "BASE_VERSION=${BASE_VERSION}" >> "$GITHUB_ENV" + - name: Build APP_VERSION (base + image tag) run: | APP_VERSION="A-${BASE_VERSION}-${IMAGE_TAG}" - + echo "APP_VERSION=${APP_VERSION}" >> "$GITHUB_ENV" echo "APP_VERSION=${APP_VERSION}" - echo "APP_VERSION=${APP_VERSION}" >> $GITHUB_ENV + - name: Update application version property run: | sed -i "s/^app.version=.*/app.version=${APP_VERSION}/" src/main/resources/application.properties - + + - name: Build image URI + run: | + ECR_REGISTRY="${{ steps.ecr-login.outputs.registry }}" + IMAGE_URI="${ECR_REGISTRY}/${{ env.ECR_REPOSITORY }}:${IMAGE_TAG}" + IMAGE_BASE="${ECR_REGISTRY}/${{ env.ECR_REPOSITORY }}" + echo "IMAGE_URI=${IMAGE_URI}" >> "$GITHUB_ENV" + echo "IMAGE_BASE=${IMAGE_BASE}" >> "$GITHUB_ENV" + echo "IMAGE_URI=${IMAGE_URI}" + - name: Build Docker image env: DOCKER_BUILDKIT: 1 run: | - ECR_REGISTRY=${{ steps.ecr-login.outputs.registry }} - IMAGE_URI="$ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:${IMAGE_TAG}" - echo "Building image: $IMAGE_URI" docker build -t "$IMAGE_URI" . 
+ - name: Push Docker image run: | - ECR_REGISTRY=${{ steps.ecr-login.outputs.registry }} - IMAGE_URI="$ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:${IMAGE_TAG}" docker push "$IMAGE_URI" + - name: Tag image as latest (only on main) if: github.ref == 'refs/heads/main' run: | - ECR_REGISTRY=${{ steps.ecr-login.outputs.registry }} - IMAGE_BASE="$ECR_REGISTRY/${{ env.ECR_REPOSITORY }}" docker tag "${IMAGE_BASE}:${IMAGE_TAG}" "${IMAGE_BASE}:latest" docker push "${IMAGE_BASE}:latest" - # app.version 업데이트 (commit/push는 아래에서 한 번에) + - name: Update Kubernetes manifest image tag (only on main) if: github.ref == 'refs/heads/main' env: - YAML_PATH: k8s/20-petclinic-Deployments-postgre.yaml + YAML_PATH: k8s/aws/20-petclinic-Deployments-postgre.yaml run: | - ECR_REGISTRY=${{ steps.ecr-login.outputs.registry }} - IMAGE_BASE="$ECR_REGISTRY/${{ env.ECR_REPOSITORY }}" - NEW_IMAGE="${IMAGE_BASE}:${IMAGE_TAG}" - echo "New image: $NEW_IMAGE" - echo "Updating $YAML_PATH" - sed -i "s#^\(\s*image:\s*\).*#\1${NEW_IMAGE}#" "$YAML_PATH" - # 위 두 파일을 한 번에 commit & push + test -f "$YAML_PATH" || (echo "Missing manifest: $YAML_PATH" && exit 1) + echo "Updating $YAML_PATH -> ${IMAGE_URI}" + grep -n "image:" "$YAML_PATH" || (echo "No image field found in $YAML_PATH" && exit 1) + sed -i "s#^\(\s*image:\s*\).*#\1${IMAGE_URI}#" "$YAML_PATH" + - name: Commit and push changes (only on main) if: github.ref == 'refs/heads/main' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | git config user.name "github-actions" git config user.email "github-actions@github.com" - git status - git add src/main/resources/application.properties k8s/20-petclinic-Deployments-postgre.yaml - git commit -m "chore: update petclinic image to ${APP_VERSION}" || echo "No changes to commit" + git add src/main/resources/application.properties k8s/aws/20-petclinic-Deployments-postgre.yaml + + if git diff --cached --quiet; then + echo "No changes to commit" + exit 0 + fi + + git commit -m "chore: update petclinic image to 
${APP_VERSION} [skip ci]" git push
diff --git a/k8s/10-petclinic-configMap.yaml b/k8s/10-petclinic-configMap.yaml
deleted file mode 100644
index 010bd6652..000000000
--- a/k8s/10-petclinic-configMap.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: petclinic-db-config
- namespace: petclinic-ns
-data:
-
- SPRING_DATASOURCE_URL: "jdbc:postgresql://finalproj-dev-postgres.ctxvni2x7reb.ap-northeast-2.rds.amazonaws.com:5432/petclinic"
-
- SPRING_DATASOURCE_DRIVER_CLASS_NAME: "org.postgresql.Driver"
-
- # Hikari Pool Settings (그대로 사용)
-# SPRING_DATASOURCE_HIKARI_MAXIMUM_POOL_SIZE: "20"
-# SPRING_DATASOURCE_HIKARI_MINIMUM_IDLE: "5"
-# SPRING_DATASOURCE_HIKARI_IDLE_TIMEOUT: "600000"
-# SPRING_DATASOURCE_HIKARI_CONNECTION_TIMEOUT: "30000"
-# SPRING_DATASOURCE_HIKARI_VALIDATION_TIMEOUT: "5000"
diff --git a/k8s/00-petclinic-ns.yaml b/k8s/aws/00-petclinic-ns.yaml
similarity index 100%
rename from k8s/00-petclinic-ns.yaml
rename to k8s/aws/00-petclinic-ns.yaml
diff --git a/k8s/01-petclinic-sa.yaml b/k8s/aws/01-petclinic-sa.yaml
similarity index 100%
rename from k8s/01-petclinic-sa.yaml
rename to k8s/aws/01-petclinic-sa.yaml
diff --git a/k8s/11-petclinic-secret-es.yaml b/k8s/aws/11-petclinic-secret-es.yaml
similarity index 100%
rename from k8s/11-petclinic-secret-es.yaml
rename to k8s/aws/11-petclinic-secret-es.yaml
diff --git a/k8s/12-petclinic-clustersecretstore.yaml b/k8s/aws/12-petclinic-clustersecretstore.yaml
similarity index 100%
rename from k8s/12-petclinic-clustersecretstore.yaml
rename to k8s/aws/12-petclinic-clustersecretstore.yaml
diff --git a/k8s/20-petclinic-Deployments-postgre.yaml b/k8s/aws/20-petclinic-Deployments-postgre.yaml
similarity index 98%
rename from k8s/20-petclinic-Deployments-postgre.yaml
rename to k8s/aws/20-petclinic-Deployments-postgre.yaml
index e983cc54a..4103e10ab 100644
--- a/k8s/20-petclinic-Deployments-postgre.yaml
+++ b/k8s/aws/20-petclinic-Deployments-postgre.yaml
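Review bot: In `.github/workflows/ci-petclinic-eks.yaml`, the `Read base version from pom.xml` step writes whatever Maven prints on stdout into `$GITHUB_ENV`, and the value later reaches the `sed` replacement for `app.version`, with no check on its shape. If the output ever contains a newline (a warning or download line printed alongside the version), the extra lines are parsed as further entries in the environment file for every later step, and a `/` or `&` would alter the `sed` expression. A guard before the `echo "BASE_VERSION=..." >> "$GITHUB_ENV"` line closes that: `case "$BASE_VERSION" in ''|*[!0-9A-Za-z._+-]*) echo "unexpected version: $BASE_VERSION" >&2; exit 1;; esac`. In the `Build image URI` step, `${{ env.ECR_REPOSITORY }}` is also pasted into the script text although the same value is already available as `$ECR_REPOSITORY`; using the shell variable keeps repository configuration out of the script source.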
@@ -29,7 +29,7 @@ spec: containers: - name: petclinic-container - image: 723926525504.dkr.ecr.ap-northeast-2.amazonaws.com/eks/petclinic:abf222f + image: 723926525504.dkr.ecr.ap-northeast-2.amazonaws.com/eks/petclinic:e6690f6 # DB 설정은 ConfigMap / Secret에서 그대로 가져오기 envFrom:
diff --git a/k8s/30-petclinic-service.yaml b/k8s/aws/30-petclinic-service.yaml
similarity index 100%
rename from k8s/30-petclinic-service.yaml
rename to k8s/aws/30-petclinic-service.yaml
diff --git a/k8s/31-petclinic-ingress.yaml b/k8s/aws/31-petclinic-ingress.yaml
similarity index 100%
rename from k8s/31-petclinic-ingress.yaml
rename to k8s/aws/31-petclinic-ingress.yaml