diff --git a/.github/workflows/_integration-tests.yaml b/.github/workflows/_integration-tests.yaml index a81df748..8f138685 100644 --- a/.github/workflows/_integration-tests.yaml +++ b/.github/workflows/_integration-tests.yaml @@ -72,21 +72,19 @@ jobs: . ./set-tf-envs.sh terraform -chdir=../tf init terraform -chdir=../tf apply -auto-approve - echo "SUBACC_ID=$(cat ../tf/subaccount_id.txt)" >> $GITHUB_ENV + echo "SUBACC_ID=$(terraform -chdir=../tf output -raw subaccount_id)" >> $GITHUB_ENV env: BTP_ENV: ${{ secrets.BTP_INTEGRATION_TEST }} - TF_VAR_BTP_SUBACCOUNT: docker-registry-test-${{ github.run_id }}-${{ github.run_attempt }} + TF_VAR_BTP_NEW_SUBACCOUNT_NAME: docker-registry-test-${{ github.run_id }}-${{ github.run_attempt }} - name: Generate access run: | sudo ln -sf bash /bin/sh . ./set-tf-envs.sh mkdir -p tmp - make headless-kubeconfig CLUSTERROLE=cluster-admin make service-account-kubeconfig env: BTP_ENV: ${{ secrets.BTP_INTEGRATION_TEST }} - TF_VAR_BTP_SUBACCOUNT: btp-test-${{ github.run_id }}-${{ github.run_attempt }} - name: Add bindings run: | @@ -97,7 +95,6 @@ jobs: KUBECONFIG=tmp/sa-kubeconfig.yaml OPERATOR_MANIFEST=../../../dockerregistry-operator.yaml make enable_docker_registry env: BTP_ENV: ${{ secrets.BTP_INTEGRATION_TEST }} - TF_VAR_BTP_SUBACCOUNT: btp-test-${{ github.run_id }}-${{ github.run_attempt }} IMG: ${{ inputs.image }} - name: Test if docker registry is working diff --git a/tests/btp/README.md b/tests/btp/README.md index 1b206e77..c26ffe58 100644 --- a/tests/btp/README.md +++ b/tests/btp/README.md @@ -11,12 +11,8 @@ Export the following environment variables: TF_VAR_BTP_BOT_USER= TF_VAR_BTP_BOT_PASSWORD= TF_VAR_BTP_GLOBAL_ACCOUNT= -TF_VAR_BTP_BACKEND_URL=https://cpcli.cf.sap.hana.ondemand.com TF_VAR_BTP_CUSTOM_IAS_TENANT= -TF_VAR_BTP_CUSTOM_IAS_DOMAIN=accounts400.ondemand.com -TF_VAR_BTP_KYMA_PLAN=gcp -TF_VAR_BTP_SA_REGION=us31 -TF_VAR_BTP_KYMA_REGION=us-central1 + TF_VAR_BTP_PROVIDER_SUBACCOUNT_ID= ``` 
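Review bot: The "Generate access" step still sources `set-tf-envs.sh` and receives `BTP_ENV: ${{ secrets.BTP_INTEGRATION_TEST }}`, although the only target it now runs is `make service-account-kubeconfig`, which in this commit's Makefile hunk reads just `CLUSTERROLE` and `../tf/kubeconfig.yaml`. The removed `headless-kubeconfig` target was the visible consumer of the bot user and password. Unless `set-tf-envs.sh` exports something else this step needs, I would drop its `env:` block and the `. ./set-tf-envs.sh` line, so the BTP credentials are not present in a step that mints a `cluster-admin` service-account kubeconfig. The same question applies to the `BTP_ENV` entry kept in "Add bindings" in the next hunk, whose `run:` body is only partly visible. Separately, `$(terraform -chdir=../tf output -raw subaccount_id)` sits inside an `echo`, so a failing `terraform output` would not fail the step and would write an empty `SUBACC_ID`; assigning the output to a shell variable on its own line first would let a `-e` shell stop there.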
diff --git a/tests/btp/hack/Makefile b/tests/btp/hack/Makefile index fcb99a87..36dc7ff6 100644 --- a/tests/btp/hack/Makefile +++ b/tests/btp/hack/Makefile @@ -1,27 +1,7 @@ -.PHONY: headless-kubeconfig -headless-kubeconfig: - pwd - ls -la - ( \ - set -e -o pipefail ;\ - curl -s -o tmp/kubeconfig.yaml $$(cat ../tf/kubeconfig_url.txt) ;\ - ISSUER=$$(cat ../tf/binding_credentials.json | jq -r '. | { clientid, url: (.url+ "/oauth2/token") }' ) ;\ - TOKEN=$$(curl -X POST $$(jq -r '. | .url' <<< $$ISSUER) \ - -H 'Content-Type: application/x-www-form-urlencoded' \ - -d 'grant_type=password' \ - -d 'username='"$$TF_VAR_BTP_BOT_USER" \ - -d 'password='"$$TF_VAR_BTP_BOT_PASSWORD" \ - -d 'client_id='$$(jq -r '. | .clientid' <<< $$ISSUER) \ - -d 'scope=groups, email' \ - | jq -r '.id_token' ) ;\ - echo "i got $$(jq -r '. | .clientid' <<< $$ISSUER)" ;\ - ../bin/kyma alpha oidc --kubeconfig=tmp/kubeconfig.yaml --output=tmp/headless-kubeconfig.yaml --token=$$TOKEN ;\ - ) - .PHONY: service-account-kubeconfig service-account-kubeconfig: @echo "Generating expiring service-account based kubeconfig..." - ../bin/kyma alpha access --clusterrole ${CLUSTERROLE} --kubeconfig tmp/headless-kubeconfig.yaml --name ci-workflow-sa --time 1h --output tmp/sa-kubeconfig.yaml + ../bin/kyma alpha access --clusterrole ${CLUSTERROLE} --kubeconfig ../tf/kubeconfig.yaml --name ci-workflow-sa --time 1h --output tmp/sa-kubeconfig.yaml @echo "Service-account based kubeconfig generated" .PHONY: docker_push_simple_app diff --git a/tests/btp/tf/kyma.tf b/tests/btp/tf/kyma.tf deleted file mode 100644 index c25b28d7..00000000 --- a/tests/btp/tf/kyma.tf +++ /dev/null 
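Review bot: `service-account-kubeconfig` now reads `../tf/kubeconfig.yaml`, a file this Makefile neither creates nor checks for; it is presumably written by the Terraform configuration added in this commit, but that part is not visible here. A guard as the first recipe line, for example `@test -s ../tf/kubeconfig.yaml || { echo "missing ../tf/kubeconfig.yaml, run terraform apply first"; exit 1; }`, would give a clear failure. Since that file is likely an administrative cluster credential left in the Terraform working directory, it is worth confirming that it is git-ignored and not picked up by any artifact upload, and a comment above the target naming where it comes from would help. `${CLUSTERROLE}` is also passed unquoted with no default, so an invocation without it produces a malformed `--clusterrole` argument.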
@@ -1,58 +0,0 @@
-
-
-resource "btp_subaccount_entitlement" "kyma" {
- subaccount_id = btp_subaccount.subaccount.id
- service_name = "kymaruntime"
- plan_name = var.BTP_KYMA_PLAN
- amount = 1
-}
-
-resource "btp_subaccount_environment_instance" "kyma" {
- subaccount_id = btp_subaccount.subaccount.id
- name = "${var.BTP_SUBACCOUNT}-kyma"
- environment_type = "kyma"
- service_name = btp_subaccount_entitlement.kyma.service_name
- plan_name = btp_subaccount_entitlement.kyma.plan_name
- parameters = jsonencode({
- modules = {
- list = [
- {
- name = "api-gateway"
- channel = "fast"
- },
- {
- name = "istio"
- channel = "fast"
- },
- {
- name = "btp-operator"
- channel = "fast"
- }
- ]
- }
- oidc = {
- groupsClaim = "groups"
- signingAlgs = ["RS256"]
- usernameClaim = "sub"
- usernamePrefix = "-"
- clientID = jsondecode(btp_subaccount_service_binding.identity_application_binding.credentials).clientid
- issuerURL = "https://${var.BTP_CUSTOM_IAS_TENANT}.${var.BTP_CUSTOM_IAS_DOMAIN}"
- }
- name = "${var.BTP_SUBACCOUNT}-kyma"
- region = var.BTP_KYMA_REGION
- administrators = [
- var.BTP_BOT_USER
- ]
- })
- timeouts = {
- create = "40m"
- update = "30m"
- delete = "60m"
- }
-}
-
-
-resource "local_file" "kubeconfig_url" {
- content = jsondecode(btp_subaccount_environment_instance.kyma.labels).KubeconfigURL
- filename = "kubeconfig_url.txt"
-}
diff --git a/tests/btp/tf/main.tf b/tests/btp/tf/main.tf
new file mode 100644
index 00000000..7bb9e523
--- /dev/null
+++ b/tests/btp/tf/main.tf
@@ -0,0 +1,51 @@
+terraform {
+ required_providers {
+ btp = {
+ source = "SAP/btp"
+ version = "1.6.0"
+ }
+ jq = {
+ source = "massdriver-cloud/jq"
+ }
+ http = {
+ source = "hashicorp/http"
+ version = "3.4.4"
+ }
+ }
+}
+
+provider "jq" {}
+provider "http" {}
+
+provider "btp" {
+ globalaccount = var.BTP_GLOBAL_ACCOUNT
+ cli_server_url = var.BTP_BACKEND_URL
+ idp = var.BTP_CUSTOM_IAS_TENANT
+ username = var.BTP_BOT_USER
+ password = var.BTP_BOT_PASSWORD
+}
+
+module "kyma" {
+ source = "github.com/kyma-project/terraform-module"
+ BTP_NEW_SUBACCOUNT_NAME = var.BTP_NEW_SUBACCOUNT_NAME
+ BTP_CUSTOM_IAS_TENANT = var.BTP_CUSTOM_IAS_TENANT
+ BTP_BOT_USER = var.BTP_BOT_USER
+ BTP_BOT_PASSWORD = var.BTP_BOT_PASSWORD
+ BTP_PROVIDER_SUBACCOUNT_ID = var.BTP_PROVIDER_SUBACCOUNT_ID
+}
+
+resource "local_file" "provider_sm" {
+ content = <