From c7dc957823344d8a5c6c271b92302ac0d2a0a3e2 Mon Sep 17 00:00:00 2001
From: Alireza Rezvani
Date: Fri, 30 Jan 2026 02:42:08 +0100
Subject: [PATCH] fix(skill): restructure aws-solution-architect for better organization (#61) (#114)

Complete restructure based on AI Agent Skills Benchmark feedback (original score: 66/100):

## Directory Reorganization
- Moved Python scripts to scripts/ directory
- Moved sample files to assets/ directory
- Created references/ directory with extracted content
- Removed HOW_TO_USE.md (integrated into SKILL.md)
- Removed __pycache__

## New Reference Files (3 files)
- architecture_patterns.md: 6 AWS patterns (serverless, microservices, three-tier, data processing, GraphQL, multi-region) with diagrams, cost breakdowns, pros/cons
- service_selection.md: Decision matrices for compute, database, storage, messaging, networking, security services with code examples
- best_practices.md: Serverless design, cost optimization, security hardening, scalability patterns, common pitfalls

## SKILL.md Rewrite
- Reduced from 345 lines to 307 lines (moved patterns to references/)
- Added trigger phrases to description ("design serverless architecture", "create CloudFormation templates", "optimize AWS costs")
- Structured around 6-step workflow instead of encyclopedia format
- Added Quick Start examples (MVP, Scaling, Cost Optimization, IaC)
- Removed marketing language ("Expert", "comprehensive")
- Consistent imperative voice throughout

## Structure Changes
- scripts/: architecture_designer.py, cost_optimizer.py, serverless_stack.py
- references/: architecture_patterns.md, service_selection.md, best_practices.md
- assets/: sample_input.json, expected_output.json

Co-authored-by: Claude Opus 4.5
---
 .../aws-solution-architect/HOW_TO_USE.md      | 308 ---------
 .../aws-solution-architect/SKILL.md           | 598 ++++++++---------
 .../architecture_designer.cpython-313.pyc     | Bin 24143 -> 0 bytes
 .../cost_optimizer.cpython-313.pyc            | Bin 15008 -> 0 bytes
 .../serverless_stack.cpython-313.pyc          | Bin 19901 -> 0 bytes
 .../{ => assets}/expected_output.json         |   0
 .../{ => assets}/sample_input.json            |   0
 .../references/architecture_patterns.md       | 535 +++++++++++++++
 .../references/best_practices.md              | 631 ++++++++++++++++++
 .../references/service_selection.md           | 484 ++++++++++++++
 .../{ => scripts}/architecture_designer.py    |   0
 .../{ => scripts}/cost_optimizer.py           |   0
 .../{ => scripts}/serverless_stack.py         |   0
 13 files changed, 1930 insertions(+), 626 deletions(-)
 delete mode 100644 engineering-team/aws-solution-architect/HOW_TO_USE.md
 delete mode 100644 engineering-team/aws-solution-architect/__pycache__/architecture_designer.cpython-313.pyc
 delete mode 100644 engineering-team/aws-solution-architect/__pycache__/cost_optimizer.cpython-313.pyc
 delete mode 100644 engineering-team/aws-solution-architect/__pycache__/serverless_stack.cpython-313.pyc
 rename engineering-team/aws-solution-architect/{ => assets}/expected_output.json (100%)
 rename engineering-team/aws-solution-architect/{ => assets}/sample_input.json (100%)
 create mode 100644 engineering-team/aws-solution-architect/references/architecture_patterns.md
 create mode 100644 engineering-team/aws-solution-architect/references/best_practices.md
 create mode 100644 engineering-team/aws-solution-architect/references/service_selection.md
 rename engineering-team/aws-solution-architect/{ => scripts}/architecture_designer.py (100%)
 rename engineering-team/aws-solution-architect/{ => scripts}/cost_optimizer.py (100%)
 rename engineering-team/aws-solution-architect/{ => scripts}/serverless_stack.py (100%)

diff --git a/engineering-team/aws-solution-architect/HOW_TO_USE.md b/engineering-team/aws-solution-architect/HOW_TO_USE.md
deleted file mode 100644
index 59dbb9f..0000000
--- a/engineering-team/aws-solution-architect/HOW_TO_USE.md
+++ /dev/null
@@ -1,308 +0,0 @@ -# How to Use This Skill - -Hey Claude—I just added the "aws-solution-architect" skill. Can you design a scalable serverless architecture for my startup? - -## Example Invocations - -**Example 1: Serverless Web Application** -``` -Hey Claude—I just added the "aws-solution-architect" skill. Can you design a serverless architecture for a SaaS platform with 10k users, including API, database, and authentication? -``` - -**Example 2: Microservices Architecture** -``` -Hey Claude—I just added the "aws-solution-architect" skill. Can you design an event-driven microservices architecture using Lambda, EventBridge, and DynamoDB for an e-commerce platform? -``` - -**Example 3: Cost Optimization** -``` -Hey Claude—I just added the "aws-solution-architect" skill. Can you analyze my current AWS setup and recommend ways to reduce costs by 30%? I'm currently spending $2000/month. -``` - -**Example 4: Infrastructure as Code** -``` -Hey Claude—I just added the "aws-solution-architect" skill. Can you generate a CloudFormation template for a three-tier web application with auto-scaling and RDS? -``` - -**Example 5: Mobile Backend** -``` -Hey Claude—I just added the "aws-solution-architect" skill. Can you design a scalable mobile backend using AppSync GraphQL, Cognito, and DynamoDB? -``` - -**Example 6: Data Pipeline** -``` -Hey Claude—I just added the "aws-solution-architect" skill. Can you design a real-time data processing pipeline using Kinesis for analytics on IoT sensor data? 
-``` - -## What to Provide - -Depending on your needs, provide: - -### For Architecture Design: -- **Application type**: Web app, mobile backend, data pipeline, microservices, SaaS -- **Expected scale**: Number of users, requests per second, data volume -- **Budget**: Monthly AWS spend limit or constraints -- **Team context**: Team size, AWS experience level -- **Requirements**: Authentication, real-time features, compliance needs (GDPR, HIPAA) -- **Geographic scope**: Single region, multi-region, global - -### For Cost Optimization: -- **Current monthly spend**: Total AWS bill -- **Resource inventory**: List of EC2, RDS, S3, etc. resources -- **Utilization metrics**: CPU, memory, storage usage -- **Budget target**: Desired monthly spend or savings percentage - -### For Infrastructure as Code: -- **Template type**: CloudFormation, CDK (TypeScript/Python), or Terraform -- **Services needed**: Compute, database, storage, networking -- **Environment**: dev, staging, production configurations - -## What You'll Get - -Based on your request, you'll receive: - -### Architecture Designs: -- **Pattern recommendation** with service selection -- **Architecture diagram** description (visual representation) -- **Service configuration** details -- **Cost estimates** with monthly breakdown -- **Pros/cons** analysis -- **Scaling characteristics** and limitations - -### Infrastructure as Code: -- **CloudFormation templates** (YAML) - production-ready -- **AWS CDK stacks** (TypeScript) - modern, type-safe -- **Terraform configurations** (HCL) - multi-cloud compatible -- **Deployment instructions** and prerequisites -- **Security best practices** built-in - -### Cost Optimization: -- **Current spend analysis** by service -- **Specific recommendations** with savings potential -- **Priority actions** (high/medium/low) -- **Implementation checklist** with timelines -- **Long-term optimization** strategies - -### Best Practices: -- **Security hardening** checklist -- **Scalability 
patterns** and anti-patterns -- **Monitoring setup** recommendations -- **Disaster recovery** procedures -- **Compliance guidance** (GDPR, HIPAA, SOC 2) - -## Common Use Cases - -### 1. MVP/Startup Launch -**Ask for:** "Serverless architecture for MVP with minimal costs" - -**You'll get:** -- Amplify or Lambda + API Gateway + DynamoDB stack -- Cognito authentication setup -- S3 + CloudFront for frontend -- Cost estimate: $20-100/month -- Fast deployment (1-3 days) - -### 2. Scaling Existing Application -**Ask for:** "Migrate from single server to scalable AWS architecture" - -**You'll get:** -- Migration strategy (phased approach) -- Modern three-tier or containerized architecture -- Load balancing and auto-scaling configuration -- Database migration plan (DMS) -- Zero-downtime deployment strategy - -### 3. Cost Reduction -**Ask for:** "Analyze and optimize my $5000/month AWS bill" - -**You'll get:** -- Service-by-service cost breakdown -- Right-sizing recommendations -- Savings Plans/Reserved Instance opportunities -- Storage lifecycle optimizations -- Estimated savings: 20-40% - -### 4. Compliance Requirements -**Ask for:** "HIPAA-compliant architecture for healthcare application" - -**You'll get:** -- Compliant service selection (BAA-eligible only) -- Encryption configuration (at rest and in transit) -- Audit logging setup (CloudTrail, Config) -- Network isolation (VPC private subnets) -- Access control (IAM policies) - -### 5. 
Global Deployment -**Ask for:** "Multi-region architecture for global users" - -**You'll get:** -- Route 53 geolocation routing -- DynamoDB Global Tables or Aurora Global -- CloudFront edge caching -- Disaster recovery and failover -- Cross-region cost considerations - -## Prerequisites - -### For Using Generated Templates: - -**AWS Account**: -- Active AWS account with appropriate permissions -- IAM user or role with admin access (for initial setup) -- Billing alerts enabled - -**Tools Required**: -```bash -# AWS CLI -brew install awscli # macOS -aws configure - -# For CloudFormation -# (AWS CLI includes CloudFormation) - -# For AWS CDK -npm install -g aws-cdk -cdk --version - -# For Terraform -brew install terraform # macOS -terraform --version -``` - -**Knowledge**: -- Basic AWS concepts (VPC, IAM, EC2, S3) -- Command line proficiency -- Git for version control - -## Deployment Steps - -### CloudFormation: -```bash -# Validate template -aws cloudformation validate-template --template-body file://template.yaml - -# Deploy stack -aws cloudformation create-stack \ - --stack-name my-app-stack \ - --template-body file://template.yaml \ - --parameters ParameterKey=Environment,ParameterValue=dev \ - --capabilities CAPABILITY_IAM - -# Monitor deployment -aws cloudformation describe-stacks --stack-name my-app-stack -``` - -### AWS CDK: -```bash -# Initialize project -cdk init app --language=typescript - -# Install dependencies -npm install - -# Deploy stack -cdk deploy - -# View outputs -cdk outputs -``` - -### Terraform: -```bash -# Initialize -terraform init - -# Plan deployment -terraform plan - -# Apply changes -terraform apply - -# View outputs -terraform output -``` - -## Best Practices Tips - -### 1. Start Small, Scale Gradually -- Begin with serverless to minimize costs -- Add managed services as you grow -- Avoid over-engineering for hypothetical scale - -### 2. 
Enable Monitoring from Day One -- Set up CloudWatch dashboards -- Configure alarms for critical metrics -- Enable AWS Cost Explorer -- Create budget alerts - -### 3. Infrastructure as Code Always -- Version control all infrastructure -- Use separate accounts for dev/staging/prod -- Implement CI/CD for infrastructure changes -- Document architecture decisions - -### 4. Security First -- Enable MFA on root and admin accounts -- Use IAM roles, never long-term credentials -- Encrypt everything (S3, RDS, EBS) -- Regular security audits (AWS Security Hub) - -### 5. Cost Management -- Tag all resources for cost allocation -- Review bills weekly -- Delete unused resources promptly -- Use Savings Plans for predictable workloads - -## Troubleshooting - -### Common Issues: - -**"Access Denied" errors:** -- Check IAM permissions for your user/role -- Ensure service-linked roles exist -- Verify resource policies (S3, KMS) - -**High costs unexpectedly:** -- Check for undeleted resources (EC2, RDS snapshots) -- Review NAT Gateway data transfer -- Check CloudWatch Logs retention -- Look for unauthorized usage - -**Deployment failures:** -- Validate templates before deploying -- Check service quotas (limits) -- Verify VPC/subnet configuration -- Review CloudFormation/Terraform error messages - -**Performance issues:** -- Enable CloudWatch metrics and X-Ray -- Check database connection pooling -- Review Lambda cold starts (use provisioned concurrency) -- Optimize database queries and indexes - -## Additional Resources - -- **AWS Well-Architected Framework**: https://aws.amazon.com/architecture/well-architected/ -- **AWS Architecture Center**: https://aws.amazon.com/architecture/ -- **Serverless Land**: https://serverlessland.com/ -- **AWS Pricing Calculator**: https://calculator.aws/ -- **AWS Free Tier**: https://aws.amazon.com/free/ -- **AWS Startups**: https://aws.amazon.com/startups/ - -## Tips for Best Results - -1. **Be specific** about scale and budget constraints -2. 
**Mention team experience** level with AWS -3. **State compliance requirements** upfront (GDPR, HIPAA, etc.) -4. **Describe current setup** if migrating from existing infrastructure -5. **Ask for alternatives** if you need options to compare -6. **Request explanations** for WHY certain services are recommended -7. **Specify IaC preference** (CloudFormation, CDK, or Terraform) - -## Support - -For AWS-specific questions: -- AWS Support Plans (Developer, Business, Enterprise) -- AWS re:Post community forum -- AWS Documentation: https://docs.aws.amazon.com/ -- AWS Training: https://aws.amazon.com/training/ diff --git a/engineering-team/aws-solution-architect/SKILL.md b/engineering-team/aws-solution-architect/SKILL.md index d4b3933..1fc1953 100644 --- a/engineering-team/aws-solution-architect/SKILL.md +++ b/engineering-team/aws-solution-architect/SKILL.md 
@@ -1,344 +1,306 @@ --- name: aws-solution-architect -description: Expert AWS solution architecture for startups focusing on serverless, scalable, and cost-effective cloud infrastructure with modern DevOps practices and infrastructure-as-code +description: Design AWS architectures for startups using serverless patterns and IaC templates. Use when asked to design serverless architecture, create CloudFormation templates, optimize AWS costs, set up CI/CD pipelines, or migrate to AWS. Covers Lambda, API Gateway, DynamoDB, ECS, Aurora, and cost optimization. --- -# AWS Solution Architect for Startups +# AWS Solution Architect -This skill provides comprehensive AWS architecture design expertise for startup companies, emphasizing serverless technologies, scalability, cost optimization, and modern cloud-native patterns. +Design scalable, cost-effective AWS architectures for startups with infrastructure-as-code templates. -## Capabilities +--- -- **Serverless Architecture Design**: Lambda, API Gateway, DynamoDB, EventBridge, Step Functions, AppSync -- **Infrastructure as Code**: CloudFormation, CDK (Cloud Development Kit), Terraform templates -- **Scalable Application Architecture**: Auto-scaling, load balancing, multi-region deployment -- **Data & Storage Solutions**: S3, RDS Aurora Serverless, DynamoDB, ElastiCache, Neptune -- **Event-Driven Architecture**: EventBridge, SNS, SQS, Kinesis, Lambda triggers -- **API Design**: API Gateway (REST & WebSocket), AppSync (GraphQL), rate limiting, authentication -- **Authentication & Authorization**: Cognito, IAM, fine-grained access control, federated identity -- **CI/CD Pipelines**: CodePipeline, CodeBuild, CodeDeploy, GitHub Actions integration -- **Monitoring & Observability**: CloudWatch, X-Ray, CloudTrail, alarms, dashboards -- **Cost Optimization**: Reserved instances, Savings Plans, right-sizing, budget alerts -- **Security Best Practices**: VPC design, security groups, WAF, Secrets Manager, encryption -- **Microservices 
Patterns**: Service mesh, API composition, saga patterns, CQRS -- **Container Orchestration**: ECS Fargate, EKS (Kubernetes), App Runner -- **Content Delivery**: CloudFront, edge locations, origin shield, caching strategies -- **Database Migration**: DMS, schema conversion, zero-downtime migrations +## Table of Contents + +- [Trigger Terms](#trigger-terms) +- [Workflow](#workflow) +- [Tools](#tools) +- [Quick Start](#quick-start) +- [Input Requirements](#input-requirements) +- [Output Formats](#output-formats) + +--- + +## Trigger Terms + +Use this skill when you encounter: + +| Category | Terms | +|----------|-------| +| **Architecture Design** | serverless architecture, AWS architecture, cloud design, microservices, three-tier | +| **IaC Generation** | CloudFormation, CDK, Terraform, infrastructure as code, deploy template | +| **Serverless** | Lambda, API Gateway, DynamoDB, Step Functions, EventBridge, AppSync | +| **Containers** | ECS, Fargate, EKS, container orchestration, Docker on AWS | +| **Cost Optimization** | reduce AWS costs, optimize spending, right-sizing, Savings Plans | +| **Database** | Aurora, RDS, DynamoDB design, database migration, data modeling | +| **Security** | IAM policies, VPC design, encryption, Cognito, WAF | +| **CI/CD** | CodePipeline, CodeBuild, CodeDeploy, GitHub Actions AWS | +| **Monitoring** | CloudWatch, X-Ray, observability, alarms, dashboards | +| **Migration** | migrate to AWS, lift and shift, replatform, DMS | + +--- + +## Workflow + +### Step 1: Gather Requirements + +Collect application specifications: + +``` +- Application type (web app, mobile backend, data pipeline, SaaS) +- Expected users and requests per second +- Budget constraints (monthly spend limit) +- Team size and AWS experience level +- Compliance requirements (GDPR, HIPAA, SOC 2) +- Availability requirements (SLA, RPO/RTO) +``` + +### Step 2: Design Architecture + +Run the architecture designer to get pattern recommendations: + +```bash +python 
scripts/architecture_designer.py --input requirements.json +``` + +Select from recommended patterns: +- **Serverless Web**: S3 + CloudFront + API Gateway + Lambda + DynamoDB +- **Event-Driven Microservices**: EventBridge + Lambda + SQS + Step Functions +- **Three-Tier**: ALB + ECS Fargate + Aurora + ElastiCache +- **GraphQL Backend**: AppSync + Lambda + DynamoDB + Cognito + +See `references/architecture_patterns.md` for detailed pattern specifications. + +### Step 3: Generate IaC Templates + +Create infrastructure-as-code for the selected pattern: + +```bash +# Serverless stack (CloudFormation) +python scripts/serverless_stack.py --app-name my-app --region us-east-1 + +# Output: CloudFormation YAML template ready to deploy +``` + +### Step 4: Review Costs + +Analyze estimated costs and optimization opportunities: + +```bash +python scripts/cost_optimizer.py --resources current_setup.json --monthly-spend 2000 +``` + +Output includes: +- Monthly cost breakdown by service +- Right-sizing recommendations +- Savings Plans opportunities +- Potential monthly savings + +### Step 5: Deploy + +Deploy the generated infrastructure: + +```bash +# CloudFormation +aws cloudformation create-stack \ + --stack-name my-app-stack \ + --template-body file://template.yaml \ + --capabilities CAPABILITY_IAM + +# CDK +cdk deploy + +# Terraform +terraform init && terraform apply +``` + +### Step 6: Validate + +Verify deployment and set up monitoring: + +```bash +# Check stack status +aws cloudformation describe-stacks --stack-name my-app-stack + +# Set up CloudWatch alarms +aws cloudwatch put-metric-alarm --alarm-name high-errors ... +``` + +--- + +## Tools + +### architecture_designer.py + +Generates architecture patterns based on requirements. 
+ +```bash +python scripts/architecture_designer.py --input requirements.json --output design.json +``` + +**Input:** JSON with app type, scale, budget, compliance needs +**Output:** Recommended pattern, service stack, cost estimate, pros/cons + +### serverless_stack.py + +Creates serverless CloudFormation templates. + +```bash +python scripts/serverless_stack.py --app-name my-app --region us-east-1 +``` + +**Output:** Production-ready CloudFormation YAML with: +- API Gateway + Lambda +- DynamoDB table +- Cognito user pool +- IAM roles with least privilege +- CloudWatch logging + +### cost_optimizer.py + +Analyzes costs and recommends optimizations. + +```bash +python scripts/cost_optimizer.py --resources inventory.json --monthly-spend 5000 +``` + +**Output:** Recommendations for: +- Idle resource removal +- Instance right-sizing +- Reserved capacity purchases +- Storage tier transitions +- NAT Gateway alternatives + +--- + +## Quick Start + +### MVP Architecture (< $100/month) + +``` +Ask: "Design a serverless MVP backend for a mobile app with 1000 users" + +Result: +- Lambda + API Gateway for API +- DynamoDB pay-per-request for data +- Cognito for authentication +- S3 + CloudFront for static assets +- Estimated: $20-50/month +``` + +### Scaling Architecture ($500-2000/month) + +``` +Ask: "Design a scalable architecture for a SaaS platform with 50k users" + +Result: +- ECS Fargate for containerized API +- Aurora Serverless for relational data +- ElastiCache for session caching +- CloudFront for CDN +- CodePipeline for CI/CD +- Multi-AZ deployment +``` + +### Cost Optimization + +``` +Ask: "Optimize my AWS setup to reduce costs by 30%. Current spend: $3000/month" + +Provide: Current resource inventory (EC2, RDS, S3, etc.) 
+ +Result: +- Idle resource identification +- Right-sizing recommendations +- Savings Plans analysis +- Storage lifecycle policies +- Target savings: $900/month +``` + +### IaC Generation + +``` +Ask: "Generate CloudFormation for a three-tier web app with auto-scaling" + +Result: +- VPC with public/private subnets +- ALB with HTTPS +- ECS Fargate with auto-scaling +- Aurora with read replicas +- Security groups and IAM roles +``` + +--- ## Input Requirements -Architecture design requires: -- **Application type**: Web app, mobile backend, data pipeline, microservices, SaaS platform -- **Traffic expectations**: Users/day, requests/second, geographic distribution -- **Data requirements**: Storage needs, database type, backup/retention policies -- **Budget constraints**: Monthly spend limits, cost optimization priorities -- **Team size & expertise**: Developer count, AWS experience level, DevOps maturity -- **Compliance needs**: GDPR, HIPAA, SOC 2, PCI-DSS, data residency -- **Availability requirements**: SLA targets, uptime goals, disaster recovery RPO/RTO +Provide these details for architecture design: -Formats accepted: -- Text description of application requirements -- JSON with structured architecture specifications -- Existing architecture diagrams or documentation -- Current AWS resource inventory (for optimization) +| Requirement | Description | Example | +|-------------|-------------|---------| +| Application type | What you're building | SaaS platform, mobile backend | +| Expected scale | Users, requests/sec | 10k users, 100 RPS | +| Budget | Monthly AWS limit | $500/month max | +| Team context | Size, AWS experience | 3 devs, intermediate | +| Compliance | Regulatory needs | HIPAA, GDPR, SOC 2 | +| Availability | Uptime requirements | 99.9% SLA, 1hr RPO | + +**JSON Format:** + +```json +{ + "application_type": "saas_platform", + "expected_users": 10000, + "requests_per_second": 100, + "budget_monthly_usd": 500, + "team_size": 3, + "aws_experience": 
"intermediate", + "compliance": ["SOC2"], + "availability_sla": "99.9%" +} +``` + +--- ## Output Formats -Results include: -- **Architecture diagrams**: Visual representations using draw.io or Lucidchart format -- **CloudFormation/CDK templates**: Infrastructure as Code (IaC) ready to deploy -- **Terraform configurations**: Multi-cloud compatible infrastructure definitions -- **Cost estimates**: Detailed monthly cost breakdown with optimization suggestions -- **Security assessment**: Best practices checklist, compliance validation -- **Deployment guides**: Step-by-step implementation instructions -- **Runbooks**: Operational procedures, troubleshooting guides, disaster recovery plans -- **Migration strategies**: Phased migration plans, rollback procedures +### Architecture Design -## How to Use +- Pattern recommendation with rationale +- Service stack diagram (ASCII) +- Configuration specifications +- Monthly cost estimate +- Scaling characteristics +- Trade-offs and limitations -"Design a serverless API backend for a mobile app with 100k users using Lambda and DynamoDB" -"Create a cost-optimized architecture for a SaaS platform with multi-tenancy" -"Generate CloudFormation template for a three-tier web application with auto-scaling" -"Design event-driven microservices architecture using EventBridge and Step Functions" -"Optimize my current AWS setup to reduce costs by 30%" +### IaC Templates -## Scripts +- **CloudFormation YAML**: Production-ready SAM/CFN templates +- **CDK TypeScript**: Type-safe infrastructure code +- **Terraform HCL**: Multi-cloud compatible configs -- `architecture_designer.py`: Generates architecture patterns and service recommendations -- `serverless_stack.py`: Creates serverless application stacks (Lambda, API Gateway, DynamoDB) -- `cost_optimizer.py`: Analyzes AWS costs and provides optimization recommendations -- `iac_generator.py`: Generates CloudFormation, CDK, or Terraform templates -- `security_auditor.py`: AWS security best practices 
validation and compliance checks +### Cost Analysis -## Architecture Patterns +- Current spend breakdown +- Optimization recommendations with savings +- Priority action list (high/medium/low) +- Implementation checklist -### 1. Serverless Web Application -**Use Case**: SaaS platforms, mobile backends, low-traffic websites +--- -**Stack**: -- **Frontend**: S3 + CloudFront (static hosting) -- **API**: API Gateway + Lambda -- **Database**: DynamoDB or Aurora Serverless -- **Auth**: Cognito -- **CI/CD**: Amplify or CodePipeline +## Reference Documentation -**Benefits**: Zero server management, pay-per-use, auto-scaling, low operational overhead +| Document | Contents | +|----------|----------| +| `references/architecture_patterns.md` | 6 patterns: serverless, microservices, three-tier, data processing, GraphQL, multi-region | +| `references/service_selection.md` | Decision matrices for compute, database, storage, messaging | +| `references/best_practices.md` | Serverless design, cost optimization, security hardening, scalability | -**Cost**: $50-500/month for small to medium traffic - -### 2. Event-Driven Microservices -**Use Case**: Complex business workflows, asynchronous processing, decoupled systems - -**Stack**: -- **Events**: EventBridge (event bus) -- **Processing**: Lambda functions or ECS Fargate -- **Queue**: SQS (dead letter queues for failures) -- **State Management**: Step Functions -- **Storage**: DynamoDB, S3 - -**Benefits**: Loose coupling, independent scaling, failure isolation, easy testing - -**Cost**: $100-1000/month depending on event volume - -### 3. 
Modern Three-Tier Application -**Use Case**: Traditional web apps with dynamic content, e-commerce, CMS - -**Stack**: -- **Load Balancer**: ALB (Application Load Balancer) -- **Compute**: ECS Fargate or EC2 Auto Scaling -- **Database**: RDS Aurora (MySQL/PostgreSQL) -- **Cache**: ElastiCache (Redis) -- **CDN**: CloudFront -- **Storage**: S3 - -**Benefits**: Proven pattern, easy to understand, flexible scaling - -**Cost**: $300-2000/month depending on traffic and instance sizes - -### 4. Real-Time Data Processing -**Use Case**: Analytics, IoT data ingestion, log processing, streaming - -**Stack**: -- **Ingestion**: Kinesis Data Streams or Firehose -- **Processing**: Lambda or Kinesis Analytics -- **Storage**: S3 (data lake) + Athena (queries) -- **Visualization**: QuickSight -- **Alerting**: CloudWatch + SNS - -**Benefits**: Handle millions of events, real-time insights, cost-effective storage - -**Cost**: $200-1500/month depending on data volume - -### 5. GraphQL API Backend -**Use Case**: Mobile apps, single-page applications, flexible data queries - -**Stack**: -- **API**: AppSync (managed GraphQL) -- **Resolvers**: Lambda or direct DynamoDB integration -- **Database**: DynamoDB -- **Real-time**: AppSync subscriptions (WebSocket) -- **Auth**: Cognito or API keys - -**Benefits**: Single endpoint, reduce over/under-fetching, real-time subscriptions - -**Cost**: $50-400/month for moderate usage - -### 6. Multi-Region High Availability -**Use Case**: Global applications, disaster recovery, compliance requirements - -**Stack**: -- **DNS**: Route 53 (geolocation routing) -- **CDN**: CloudFront with multiple origins -- **Compute**: Multi-region Lambda or ECS -- **Database**: DynamoDB Global Tables or Aurora Global Database -- **Replication**: S3 cross-region replication - -**Benefits**: Low latency globally, disaster recovery, data sovereignty - -**Cost**: 1.5-2x single region costs - -## Best Practices - -### Serverless Design Principles -1. 
**Stateless functions** - Store state in DynamoDB, S3, or ElastiCache -2. **Idempotency** - Handle retries gracefully, use unique request IDs -3. **Cold start optimization** - Use provisioned concurrency for critical paths, optimize package size -4. **Timeout management** - Set appropriate timeouts, use Step Functions for long processes -5. **Error handling** - Implement retry logic, dead letter queues, exponential backoff - -### Cost Optimization -1. **Right-sizing** - Start small, monitor metrics, scale based on actual usage -2. **Reserved capacity** - Use Savings Plans or Reserved Instances for predictable workloads -3. **S3 lifecycle policies** - Transition to cheaper storage tiers (IA, Glacier) -4. **Lambda memory optimization** - Test different memory settings for cost/performance balance -5. **CloudWatch log retention** - Set appropriate retention periods (7-30 days for most) -6. **NAT Gateway alternatives** - Use VPC endpoints, consider single NAT in dev environments - -### Security Hardening -1. **Principle of least privilege** - IAM roles with minimal permissions -2. **Encryption everywhere** - At rest (KMS) and in transit (TLS/SSL) -3. **Network isolation** - Private subnets, security groups, NACLs -4. **Secrets management** - Use Secrets Manager or Parameter Store, never hardcode -5. **API protection** - WAF rules, rate limiting, API keys, OAuth2 -6. **Audit logging** - CloudTrail for API calls, VPC Flow Logs for network traffic - -### Scalability Design -1. **Horizontal over vertical** - Scale out with more small instances vs. larger instances -2. **Database sharding** - Partition data by tenant, geography, or time -3. **Read replicas** - Offload read traffic from primary database -4. **Caching layers** - CloudFront (edge), ElastiCache (application), DAX (DynamoDB) -5. **Async processing** - Use queues (SQS) for non-critical operations -6. **Auto-scaling policies** - Target tracking (CPU, requests) vs. step scaling - -### DevOps & Reliability -1. 
**Infrastructure as Code** - Version control, peer review, automated testing -2. **Blue/Green deployments** - Zero-downtime releases, instant rollback -3. **Canary releases** - Test new versions with small traffic percentage -4. **Health checks** - Application-level health endpoints, graceful degradation -5. **Chaos engineering** - Test failure scenarios, validate recovery procedures -6. **Monitoring & alerting** - Set up CloudWatch alarms for critical metrics - -## Service Selection Guide - -### Compute -- **Lambda**: Event-driven, short-duration tasks (<15 min), variable traffic -- **Fargate**: Containerized apps, long-running processes, predictable traffic -- **EC2**: Custom configurations, GPU/FPGA needs, Windows apps -- **App Runner**: Simple container deployment from source code - -### Database -- **DynamoDB**: Key-value, document store, serverless, single-digit ms latency -- **Aurora Serverless**: Relational DB, variable workloads, auto-scaling -- **Aurora Standard**: High-performance relational, predictable traffic -- **RDS**: Traditional databases (MySQL, PostgreSQL, MariaDB, SQL Server) -- **DocumentDB**: MongoDB-compatible, document store -- **Neptune**: Graph database for connected data -- **Timestream**: Time-series data, IoT metrics - -### Storage -- **S3 Standard**: Frequent access, low latency -- **S3 Intelligent-Tiering**: Automatic cost optimization -- **S3 IA (Infrequent Access)**: Backups, archives (30-day minimum) -- **S3 Glacier**: Long-term archives, compliance -- **EFS**: Network file system, shared storage across instances -- **EBS**: Block storage for EC2, high IOPS - -### Messaging & Events -- **EventBridge**: Event bus, loosely coupled microservices -- **SNS**: Pub/sub, fan-out notifications -- **SQS**: Message queuing, decoupling, buffering -- **Kinesis**: Real-time streaming data, analytics -- **MQ**: Managed message brokers (RabbitMQ, ActiveMQ) - -### API & Integration -- **API Gateway**: REST APIs, WebSocket, throttling, caching -- 
**AppSync**: GraphQL APIs, real-time subscriptions -- **AppFlow**: SaaS integration (Salesforce, Slack, etc.) -- **Step Functions**: Workflow orchestration, state machines - -## Startup-Specific Considerations - -### MVP (Minimum Viable Product) Architecture -**Goal**: Launch fast, minimal infrastructure - -**Recommended**: -- Amplify (full-stack deployment) -- Lambda + API Gateway + DynamoDB -- Cognito for auth -- CloudFront + S3 for frontend - -**Cost**: $20-100/month -**Setup time**: 1-3 days - -### Growth Stage (Scaling to 10k-100k users) -**Goal**: Handle growth, maintain cost efficiency - -**Add**: -- ElastiCache for caching -- Aurora Serverless for complex queries -- CloudWatch dashboards and alarms -- CI/CD pipeline (CodePipeline) -- Multi-AZ deployment - -**Cost**: $500-2000/month -**Migration time**: 1-2 weeks - -### Scale-Up (100k+ users, Series A+) -**Goal**: Reliability, observability, global reach - -**Add**: -- Multi-region deployment -- DynamoDB Global Tables -- Advanced monitoring (X-Ray, third-party APM) -- WAF and Shield for DDoS protection -- Dedicated support plan -- Reserved instances/Savings Plans - -**Cost**: $3000-10000/month -**Migration time**: 1-3 months - -## Common Pitfalls to Avoid - -### Technical Debt -- **Over-engineering early** - Don't build for 10M users when you have 100 -- **Under-monitoring** - Set up basic monitoring from day one -- **Ignoring costs** - Enable Cost Explorer and billing alerts immediately -- **Single region dependency** - Plan for multi-region from start - -### Security Mistakes -- **Public S3 buckets** - Use bucket policies, block public access -- **Overly permissive IAM** - Avoid "*" permissions, use specific resources -- **Hardcoded credentials** - Use IAM roles, Secrets Manager -- **Unencrypted data** - Enable encryption by default - -### Performance Issues -- **No caching** - Add CloudFront, ElastiCache early -- **Inefficient queries** - Use indexes, avoid scans in DynamoDB -- **Large Lambda packages** - 
Use layers, minimize dependencies -- **N+1 queries** - Implement DataLoader pattern, batch operations - -### Cost Surprises -- **Undeleted resources** - Tag everything, review regularly -- **Data transfer costs** - Keep traffic within same AZ/region when possible -- **NAT Gateway charges** - Use VPC endpoints for AWS services -- **CloudWatch Logs accumulation** - Set retention policies - -## Compliance & Governance - -### Data Residency -- Use specific regions (eu-west-1 for GDPR) -- Enable S3 bucket replication restrictions -- Configure Route 53 geolocation routing - -### HIPAA Compliance -- Use BAA-eligible services only -- Enable encryption at rest and in transit -- Implement audit logging (CloudTrail) -- Configure VPC with private subnets - -### SOC 2 / ISO 27001 -- Enable AWS Config for compliance rules -- Use AWS Audit Manager -- Implement least privilege access -- Regular security assessments +--- ## Limitations -- **Lambda limitations**: 15-minute execution limit, 10GB memory max, cold start latency -- **API Gateway limits**: 29-second timeout, 10MB payload size -- **DynamoDB limits**: 400KB item size, eventually consistent reads by default -- **Regional availability**: Not all services available in all regions -- **Vendor lock-in**: Some serverless services are AWS-specific (consider abstraction layers) -- **Learning curve**: Requires AWS expertise, DevOps knowledge -- **Debugging complexity**: Distributed systems harder to troubleshoot than monoliths - -## Helpful Resources - -- **AWS Well-Architected Framework**: https://aws.amazon.com/architecture/well-architected/ -- **AWS Architecture Center**: https://aws.amazon.com/architecture/ -- **Serverless Land**: https://serverlessland.com/ -- **AWS Pricing Calculator**: https://calculator.aws/ -- **AWS Cost Explorer**: Track and analyze spending -- **AWS Trusted Advisor**: Automated best practice checks -- **CloudFormation Templates**: https://github.com/awslabs/aws-cloudformation-templates -- **AWS CDK 
Examples**: https://github.com/aws-samples/aws-cdk-examples +- Lambda: 15-minute execution, 10GB memory max +- API Gateway: 29-second timeout, 10MB payload +- DynamoDB: 400KB item size, eventually consistent by default +- Regional availability varies by service +- Some services have AWS-specific lock-in 
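Review bot: the security guidance removed in this SKILL.md hunk (least-privilege IAM roles, blocking public S3 access, Secrets Manager instead of hardcoded credentials, encryption at rest and in transit, CloudTrail and VPC Flow Logs audit logging, the HIPAA / SOC 2 checklists) has no replacement anywhere in the visible lines, and the commit message only says it moved to references/best_practices.md; please confirm every one of those items actually lands in that file and add a one-line pointer to it next to the new Limitations section so the skill does not silently lose its security checklist. The replacement Limitations list also drops the "cold start latency", "learning curve" and "debugging complexity" entries and the whole Helpful Resources link list; if that is intentional, say so in the message, otherwise restore them or move the links into a references file as well.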
diff --git a/engineering-team/aws-solution-architect/__pycache__/architecture_designer.cpython-313.pyc b/engineering-team/aws-solution-architect/__pycache__/architecture_designer.cpython-313.pyc deleted file mode 100644 index 3e95ea1611a8a39d45a0bf1e424644cd86644dad..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 24143
diff --git a/engineering-team/aws-solution-architect/__pycache__/cost_optimizer.cpython-313.pyc b/engineering-team/aws-solution-architect/__pycache__/cost_optimizer.cpython-313.pyc deleted file mode 100644 index a1f331b718967cf370d885dad9c482fd55f59286..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 15008
diff --git a/engineering-team/aws-solution-architect/__pycache__/serverless_stack.cpython-313.pyc b/engineering-team/aws-solution-architect/__pycache__/serverless_stack.cpython-313.pyc deleted file mode 100644 index fd662cb484db07b1692dcdea0831b2cb41689d10..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 19901
diff --git a/engineering-team/aws-solution-architect/expected_output.json b/engineering-team/aws-solution-architect/assets/expected_output.json similarity index 100% rename from engineering-team/aws-solution-architect/expected_output.json rename to engineering-team/aws-solution-architect/assets/expected_output.json diff --git a/engineering-team/aws-solution-architect/sample_input.json b/engineering-team/aws-solution-architect/assets/sample_input.json similarity index 100% rename from engineering-team/aws-solution-architect/sample_input.json rename to engineering-team/aws-solution-architect/assets/sample_input.json diff --git a/engineering-team/aws-solution-architect/references/architecture_patterns.md b/engineering-team/aws-solution-architect/references/architecture_patterns.md new file mode 100644 index 0000000..028a70a --- /dev/null +++ b/engineering-team/aws-solution-architect/references/architecture_patterns.md
@@ -0,0 +1,535 @@ +# AWS Architecture Patterns for Startups + +Reference guide for selecting the right AWS architecture pattern based on application requirements. + +--- + +## Table of Contents + +- [Pattern Selection Matrix](#pattern-selection-matrix) +- [Pattern 1: Serverless Web Application](#pattern-1-serverless-web-application) +- [Pattern 2: Event-Driven Microservices](#pattern-2-event-driven-microservices) +- [Pattern 3: Modern Three-Tier Application](#pattern-3-modern-three-tier-application) +- [Pattern 4: Real-Time Data Processing](#pattern-4-real-time-data-processing) +- [Pattern 5: GraphQL API Backend](#pattern-5-graphql-api-backend) +- [Pattern 6: Multi-Region High Availability](#pattern-6-multi-region-high-availability) + +--- + +## Pattern Selection Matrix + +| Pattern | Best For | Users | Monthly Cost | Complexity | +|---------|----------|-------|--------------|------------| +| Serverless Web | MVP, SaaS, mobile backend | <50K | $50-500 | Low | +| Event-Driven Microservices | Complex workflows, async processing | Any | $100-1000 | Medium | +| Three-Tier | Traditional web, e-commerce | 10K-500K | $300-2000 | Medium | +| Real-Time Data | Analytics, IoT, streaming | Any | $200-1500 | High | +| GraphQL Backend | Mobile apps, SPAs | <100K | $50-400 | Medium | +| Multi-Region HA | Global apps, DR requirements | >100K | 1.5-2x single | High | + +--- + +## Pattern 1: Serverless Web Application + +### Use Case +SaaS platforms, mobile backends, low-traffic websites, MVPs + +### Architecture Diagram + +``` +┌─────────────┐ ┌─────────────┐ ┌─────────────┐ +│ CloudFront │────▶│ S3 │ │ Cognito │ +│ (CDN) │ │ (Static) │ │ (Auth) │ +└─────────────┘ └─────────────┘ └──────┬──────┘ + │ +┌─────────────┐ ┌─────────────┐ ┌──────▼──────┐ +│ Route 53 │────▶│ API Gateway │────▶│ Lambda │ +│ (DNS) │ │ (REST) │ │ (Functions) │ +└─────────────┘ └─────────────┘ └──────┬──────┘ + │ + ┌──────▼──────┐ + │ DynamoDB │ + │ (Database) │ + └─────────────┘ +``` + +### Service Stack + +| 
Layer | Service | Configuration | +|-------|---------|---------------| +| Frontend | S3 + CloudFront | Static hosting with HTTPS | +| API | API Gateway + Lambda | REST endpoints with throttling | +| Database | DynamoDB | Pay-per-request billing | +| Auth | Cognito | User pools with MFA support | +| CI/CD | Amplify or CodePipeline | Automated deployments | + +### CloudFormation Template + +```yaml +AWSTemplateFormatVersion: '2010-09-09' +Transform: AWS::Serverless-2016-10-31 + +Resources: + # API Function + ApiFunction: + Type: AWS::Serverless::Function + Properties: + Runtime: nodejs18.x + Handler: index.handler + MemorySize: 512 + Timeout: 10 + Events: + Api: + Type: Api + Properties: + Path: /{proxy+} + Method: ANY + + # DynamoDB Table + DataTable: + Type: AWS::DynamoDB::Table + Properties: + BillingMode: PAY_PER_REQUEST + AttributeDefinitions: + - AttributeName: PK + AttributeType: S + - AttributeName: SK + AttributeType: S + KeySchema: + - AttributeName: PK + KeyType: HASH + - AttributeName: SK + KeyType: RANGE +``` + +### Cost Breakdown (10K users) + +| Service | Monthly Cost | +|---------|-------------| +| Lambda | $5-20 | +| API Gateway | $10-30 | +| DynamoDB | $10-50 | +| CloudFront | $5-15 | +| S3 | $1-5 | +| Cognito | $0-50 | +| **Total** | **$31-170** | + +### Pros and Cons + +**Pros:** +- Zero server management +- Pay only for what you use +- Auto-scaling built-in +- Low operational overhead + +**Cons:** +- Cold start latency (100-500ms) +- 15-minute Lambda execution limit +- Vendor lock-in + +--- + +## Pattern 2: Event-Driven Microservices + +### Use Case +Complex business workflows, asynchronous processing, decoupled systems + +### Architecture Diagram + +``` +┌─────────────┐ ┌─────────────┐ ┌─────────────┐ +│ Service │────▶│ EventBridge │────▶│ Service │ +│ A │ │ (Event Bus)│ │ B │ +└─────────────┘ └──────┬──────┘ └─────────────┘ + │ + ┌──────▼──────┐ + │ SQS │ + │ (Queue) │ + └──────┬──────┘ + │ +┌─────────────┐ ┌──────▼──────┐ ┌─────────────┐ +│ 
Step │◀────│ Lambda │────▶│ DynamoDB │ +│ Functions │ │ (Processor) │ │ (Storage) │ +└─────────────┘ └─────────────┘ └─────────────┘ +``` + +### Service Stack + +| Layer | Service | Purpose | +|-------|---------|---------| +| Events | EventBridge | Central event bus | +| Processing | Lambda or ECS Fargate | Event handlers | +| Queue | SQS | Dead letter queue for failures | +| Orchestration | Step Functions | Complex workflow state | +| Storage | DynamoDB, S3 | Persistent data | + +### Event Schema Example + +```json +{ + "source": "orders.service", + "detail-type": "OrderCreated", + "detail": { + "orderId": "ord-12345", + "customerId": "cust-67890", + "items": [...], + "total": 99.99, + "timestamp": "2024-01-15T10:30:00Z" + } +} +``` + +### Cost Breakdown + +| Service | Monthly Cost | +|---------|-------------| +| EventBridge | $1-10 | +| Lambda | $20-100 | +| SQS | $5-20 | +| Step Functions | $25-100 | +| DynamoDB | $20-100 | +| **Total** | **$71-330** | + +### Pros and Cons + +**Pros:** +- Loose coupling between services +- Independent scaling per service +- Failure isolation +- Easy to test individually + +**Cons:** +- Distributed system complexity +- Eventual consistency +- Harder to debug + +--- + +## Pattern 3: Modern Three-Tier Application + +### Use Case +Traditional web apps, e-commerce, CMS, applications with complex queries + +### Architecture Diagram + +``` +┌─────────────┐ ┌─────────────┐ +│ CloudFront │────▶│ ALB │ +│ (CDN) │ │ (Load Bal.) 
│ +└─────────────┘ └──────┬──────┘ + │ + ┌──────▼──────┐ + │ ECS Fargate │ + │ (Auto-scale)│ + └──────┬──────┘ + │ + ┌──────────────────┼──────────────────┐ + │ │ │ + ┌──────▼──────┐ ┌──────▼──────┐ ┌──────▼──────┐ + │ Aurora │ │ ElastiCache │ │ S3 │ + │ (Database) │ │ (Redis) │ │ (Storage) │ + └─────────────┘ └─────────────┘ └─────────────┘ +``` + +### Service Stack + +| Layer | Service | Configuration | +|-------|---------|---------------| +| CDN | CloudFront | Edge caching, HTTPS | +| Load Balancer | ALB | Path-based routing, health checks | +| Compute | ECS Fargate | Container auto-scaling | +| Database | Aurora MySQL/PostgreSQL | Multi-AZ, auto-scaling | +| Cache | ElastiCache Redis | Session, query caching | +| Storage | S3 | Static assets, uploads | + +### Terraform Example + +```hcl +# ECS Service with Auto-scaling +resource "aws_ecs_service" "app" { + name = "app-service" + cluster = aws_ecs_cluster.main.id + task_definition = aws_ecs_task_definition.app.arn + desired_count = 2 + + capacity_provider_strategy { + capacity_provider = "FARGATE" + weight = 100 + } + + load_balancer { + target_group_arn = aws_lb_target_group.app.arn + container_name = "app" + container_port = 3000 + } +} + +# Auto-scaling Policy +resource "aws_appautoscaling_target" "app" { + max_capacity = 10 + min_capacity = 2 + resource_id = "service/${aws_ecs_cluster.main.name}/${aws_ecs_service.app.name}" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" +} +``` + +### Cost Breakdown (50K users) + +| Service | Monthly Cost | +|---------|-------------| +| ECS Fargate (2 tasks) | $100-200 | +| ALB | $25-50 | +| Aurora | $100-300 | +| ElastiCache | $50-100 | +| CloudFront | $20-50 | +| **Total** | **$295-700** | + +--- + +## Pattern 4: Real-Time Data Processing + +### Use Case +Analytics, IoT data ingestion, log processing, streaming data + +### Architecture Diagram + +``` +┌─────────────┐ ┌─────────────┐ ┌─────────────┐ +│ IoT Core │────▶│ Kinesis │────▶│ Lambda │ 
+│ (Devices) │ │ (Stream) │ │ (Process) │ +└─────────────┘ └─────────────┘ └──────┬──────┘ + │ +┌─────────────┐ ┌─────────────┐ ┌──────▼──────┐ +│ QuickSight │◀────│ Athena │◀────│ S3 │ +│ (Viz) │ │ (Query) │ │ (Data Lake) │ +└─────────────┘ └─────────────┘ └─────────────┘ + │ + ┌──────▼──────┐ + │ CloudWatch │ + │ (Alerts) │ + └─────────────┘ +``` + +### Service Stack + +| Layer | Service | Purpose | +|-------|---------|---------| +| Ingestion | Kinesis Data Streams | Real-time data capture | +| Processing | Lambda or Kinesis Analytics | Transform and analyze | +| Storage | S3 (data lake) | Long-term storage | +| Query | Athena | SQL queries on S3 | +| Visualization | QuickSight | Dashboards and reports | +| Alerting | CloudWatch + SNS | Threshold-based alerts | + +### Kinesis Producer Example + +```python +import boto3 +import json + +kinesis = boto3.client('kinesis') + +def send_event(stream_name, data, partition_key): + response = kinesis.put_record( + StreamName=stream_name, + Data=json.dumps(data), + PartitionKey=partition_key + ) + return response['SequenceNumber'] + +# Send sensor reading +send_event( + 'sensor-stream', + {'sensor_id': 'temp-01', 'value': 23.5, 'unit': 'celsius'}, + 'sensor-01' +) +``` + +### Cost Breakdown + +| Service | Monthly Cost | +|---------|-------------| +| Kinesis (1 shard) | $15-30 | +| Lambda | $10-50 | +| S3 | $5-50 | +| Athena | $5-25 | +| QuickSight | $24+ | +| **Total** | **$59-179** | + +--- + +## Pattern 5: GraphQL API Backend + +### Use Case +Mobile apps, single-page applications, flexible data queries + +### Architecture Diagram + +``` +┌─────────────┐ ┌─────────────┐ ┌─────────────┐ +│ Mobile App │────▶│ AppSync │────▶│ Lambda │ +│ or SPA │ │ (GraphQL) │ │ (Resolvers) │ +└─────────────┘ └──────┬──────┘ └─────────────┘ + │ + ┌──────▼──────┐ + │ DynamoDB │ + │ (Direct) │ + └──────┬──────┘ + │ + ┌──────▼──────┐ + │ Cognito │ + │ (Auth) │ + └─────────────┘ +``` + +### AppSync Schema Example + +```graphql +type Query { + 
getUser(id: ID!): User + listPosts(limit: Int, nextToken: String): PostConnection +} + +type Mutation { + createPost(input: CreatePostInput!): Post + updatePost(input: UpdatePostInput!): Post +} + +type Subscription { + onCreatePost: Post @aws_subscribe(mutations: ["createPost"]) +} + +type User { + id: ID! + email: String! + posts: [Post] +} + +type Post { + id: ID! + title: String! + content: String! + author: User! + createdAt: AWSDateTime! +} +``` + +### Cost Breakdown + +| Service | Monthly Cost | +|---------|-------------| +| AppSync | $4-40 | +| Lambda | $5-30 | +| DynamoDB | $10-50 | +| Cognito | $0-50 | +| **Total** | **$19-170** | + +--- + +## Pattern 6: Multi-Region High Availability + +### Use Case +Global applications, disaster recovery, data sovereignty compliance + +### Architecture Diagram + +``` + ┌─────────────┐ + │ Route 53 │ + │(Geo routing)│ + └──────┬──────┘ + │ + ┌────────────────┼────────────────┐ + │ │ + ┌──────▼──────┐ ┌──────▼──────┐ + │ us-east-1 │ │ eu-west-1 │ + │ CloudFront │ │ CloudFront │ + └──────┬──────┘ └──────┬──────┘ + │ │ + ┌──────▼──────┐ ┌──────▼──────┐ + │ ECS/Lambda │ │ ECS/Lambda │ + └──────┬──────┘ └──────┬──────┘ + │ │ + ┌──────▼──────┐◀── Replication ──▶┌──────▼──────┐ + │ DynamoDB │ │ DynamoDB │ + │Global Table │ │Global Table │ + └─────────────┘ └─────────────┘ +``` + +### Service Stack + +| Component | Service | Configuration | +|-----------|---------|---------------| +| DNS | Route 53 | Geolocation or latency routing | +| CDN | CloudFront | Multiple origins per region | +| Compute | Lambda or ECS | Deployed in each region | +| Database | DynamoDB Global Tables | Automatic replication | +| Storage | S3 CRR | Cross-region replication | + +### Route 53 Failover Policy + +```yaml +# Primary record +HealthCheck: + Type: AWS::Route53::HealthCheck + Properties: + HealthCheckConfig: + Port: 443 + Type: HTTPS + ResourcePath: /health + FullyQualifiedDomainName: api-us-east-1.example.com + +RecordSetPrimary: + Type: 
AWS::Route53::RecordSet + Properties: + Name: api.example.com + Type: A + SetIdentifier: primary + Failover: PRIMARY + HealthCheckId: !Ref HealthCheck + AliasTarget: + DNSName: !GetAtt USEast1ALB.DNSName + HostedZoneId: !GetAtt USEast1ALB.CanonicalHostedZoneID +``` + +### Cost Considerations + +| Factor | Impact | +|--------|--------| +| Compute | 2x (each region) | +| Database | 25% premium for global tables | +| Data Transfer | Cross-region replication costs | +| Route 53 | Health checks + geo queries | +| **Total** | **1.5-2x single region** | + +--- + +## Pattern Comparison Summary + +### Latency + +| Pattern | Typical Latency | +|---------|-----------------| +| Serverless | 50-200ms (cold: 500ms+) | +| Three-Tier | 20-100ms | +| GraphQL | 30-150ms | +| Multi-Region | <50ms (regional) | + +### Scaling Characteristics + +| Pattern | Scale Limit | Scale Speed | +|---------|-------------|-------------| +| Serverless | 1000 concurrent/function | Instant | +| Three-Tier | Instance limits | Minutes | +| Event-Driven | Unlimited | Instant | +| Multi-Region | Regional limits | Instant | + +### Operational Complexity + +| Pattern | Setup | Maintenance | Debugging | +|---------|-------|-------------|-----------| +| Serverless | Low | Low | Medium | +| Three-Tier | Medium | Medium | Low | +| Event-Driven | High | Medium | High | +| Multi-Region | High | High | High | diff --git a/engineering-team/aws-solution-architect/references/best_practices.md b/engineering-team/aws-solution-architect/references/best_practices.md new file mode 100644 index 0000000..85925a0 --- /dev/null +++ b/engineering-team/aws-solution-architect/references/best_practices.md 
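Review bot: In architecture_patterns.md, the Pattern 1 SAM template wires `ApiFunction` to `Path: /{proxy+}` / `Method: ANY` with no `Auth` property, so every route is unauthenticated even though the Service Stack table right above it lists "Auth | Cognito | User pools with MFA support"; add an authorizer (an `Auth:` block on the `Api` event, or `Globals: Api: Auth: DefaultAuthorizer` pointing at the user pool) so the template matches the table. Two more points in the same file: the Terraform block commented `# Auto-scaling Policy` only declares `aws_appautoscaling_target`, so nothing will ever scale until an `aws_appautoscaling_policy` (for example target tracking on CPU) references that target; and the Pattern Comparison row `Serverless | 1000 concurrent/function` misstates the limit, because the default 1,000 is the account-level concurrency quota per region shared by all functions, which service_selection.md in this same patch states correctly as `Concurrency: 1000 default (soft limit)`. `Runtime: nodejs18.x` is also past Lambda's deprecation date for that runtime; pick a currently supported one.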
@@ -0,0 +1,631 @@ +# AWS Best Practices for Startups + +Production-ready practices for serverless, cost optimization, security, and operational excellence. + +--- + +## Table of Contents + +- [Serverless Best Practices](#serverless-best-practices) +- [Cost Optimization](#cost-optimization) +- [Security Hardening](#security-hardening) +- [Scalability Patterns](#scalability-patterns) +- [DevOps and Reliability](#devops-and-reliability) +- [Common Pitfalls](#common-pitfalls) + +--- + +## Serverless Best Practices + +### Lambda Function Design + +#### 1. Keep Functions Stateless + +Store state externally in DynamoDB, S3, or ElastiCache. + +```python +# BAD: Function-level state +cache = {} + +def handler(event, context): + if event['key'] in cache: + return cache[event['key']] + # ... + +# GOOD: External state +import boto3 +dynamodb = boto3.resource('dynamodb') +table = dynamodb.Table('cache') + +def handler(event, context): + response = table.get_item(Key={'pk': event['key']}) + if 'Item' in response: + return response['Item']['value'] + # ... +``` + +#### 2. Implement Idempotency + +Handle retries gracefully with unique request IDs. + +```python +import boto3 +import hashlib + +dynamodb = boto3.resource('dynamodb') +idempotency_table = dynamodb.Table('idempotency') + +def handler(event, context): + # Generate idempotency key + idempotency_key = hashlib.sha256( + f"{event['orderId']}-{event['action']}".encode() + ).hexdigest() + + # Check if already processed + try: + response = idempotency_table.get_item(Key={'pk': idempotency_key}) + if 'Item' in response: + return response['Item']['result'] + except Exception: + pass + + # Process request + result = process_order(event) + + # Store result for idempotency + idempotency_table.put_item( + Item={ + 'pk': idempotency_key, + 'result': result, + 'ttl': int(time.time()) + 86400 # 24h TTL + } + ) + + return result +``` + +#### 3. 
Optimize Cold Starts + +```python +# Initialize outside handler (reused across invocations) +import boto3 +from aws_xray_sdk.core import patch_all + +# SDK initialization happens once +dynamodb = boto3.resource('dynamodb') +table = dynamodb.Table('my-table') +patch_all() + +def handler(event, context): + # Handler code uses pre-initialized resources + return table.get_item(Key={'pk': event['id']}) +``` + +**Cold Start Reduction Techniques:** +- Use provisioned concurrency for critical paths +- Minimize package size (use layers for dependencies) +- Choose interpreted languages (Python, Node.js) over compiled +- Avoid VPC unless necessary (adds 6-10 sec cold start) + +#### 4. Set Appropriate Timeouts + +```yaml +# Lambda configuration +Functions: + ApiHandler: + Timeout: 10 # Shorter for synchronous APIs + MemorySize: 512 + + BackgroundProcessor: + Timeout: 300 # Longer for async processing + MemorySize: 1024 +``` + +**Timeout Guidelines:** +- API handlers: 10-30 seconds +- Event processors: 60-300 seconds +- Use Step Functions for >15 minute workflows + +--- + +## Cost Optimization + +### 1. Right-Sizing Strategy + +```bash +# Check EC2 utilization +aws cloudwatch get-metric-statistics \ + --namespace AWS/EC2 \ + --metric-name CPUUtilization \ + --dimensions Name=InstanceId,Value=i-1234567890abcdef0 \ + --start-time $(date -d '7 days ago' -u +"%Y-%m-%dT%H:%M:%SZ") \ + --end-time $(date -u +"%Y-%m-%dT%H:%M:%SZ") \ + --period 3600 \ + --statistics Average +``` + +**Right-Sizing Rules:** +- <10% CPU average: Downsize instance +- >80% CPU average: Consider upgrade or horizontal scaling +- Review every month for the first 6 months + +### 2. 
Savings Plans and Reserved Instances + +| Commitment | Savings | Best For | +|------------|---------|----------| +| No Upfront, 1-year | 20-30% | Unknown future | +| Partial Upfront, 1-year | 30-40% | Moderate confidence | +| All Upfront, 3-year | 50-60% | Stable workloads | + +```bash +# Check Savings Plans recommendations +aws cost-explorer get-savings-plans-purchase-recommendation \ + --savings-plans-type COMPUTE_SP \ + --term-in-years ONE_YEAR \ + --payment-option NO_UPFRONT \ + --lookback-period-in-days THIRTY_DAYS +``` + +### 3. S3 Lifecycle Policies + +```json +{ + "Rules": [ + { + "ID": "Transition to cheaper storage", + "Status": "Enabled", + "Filter": { + "Prefix": "logs/" + }, + "Transitions": [ + { "Days": 30, "StorageClass": "STANDARD_IA" }, + { "Days": 90, "StorageClass": "GLACIER" } + ], + "Expiration": { "Days": 365 } + } + ] +} +``` + +### 4. Lambda Memory Optimization + +Test different memory settings to find optimal cost/performance. + +```python +# Use AWS Lambda Power Tuning +# https://github.com/alexcasalboni/aws-lambda-power-tuning + +# Example results: +# 128 MB: 2000ms, $0.000042 +# 512 MB: 500ms, $0.000042 +# 1024 MB: 300ms, $0.000050 + +# Optimal: 512 MB (same cost, 4x faster) +``` + +### 5. NAT Gateway Alternatives + +``` +NAT Gateway: $0.045/hour + $0.045/GB = ~$32/month + data + +Alternatives: +1. VPC Endpoints: $0.01/hour = ~$7.30/month (for AWS services) +2. NAT Instance: t3.nano = ~$3.80/month (limited throughput) +3. No NAT: Use VPC endpoints + Lambda outside VPC +``` + +### 6. CloudWatch Log Retention + +```yaml +# Set retention policies to avoid unbounded growth +LogGroup: + Type: AWS::Logs::LogGroup + Properties: + LogGroupName: /aws/lambda/my-function + RetentionInDays: 14 # 7, 14, 30, 60, 90, etc. +``` + +**Retention Guidelines:** +- Development: 7 days +- Production non-critical: 30 days +- Production critical: 90 days +- Compliance requirements: As specified + +--- + +## Security Hardening + +### 1. 
IAM Least Privilege + +```json +// BAD: Overly permissive +{ + "Effect": "Allow", + "Action": "dynamodb:*", + "Resource": "*" +} + +// GOOD: Specific actions and resources +{ + "Effect": "Allow", + "Action": [ + "dynamodb:GetItem", + "dynamodb:PutItem", + "dynamodb:Query" + ], + "Resource": [ + "arn:aws:dynamodb:us-east-1:123456789:table/users", + "arn:aws:dynamodb:us-east-1:123456789:table/users/index/*" + ] +} +``` + +### 2. Encryption Configuration + +```yaml +# Enable encryption everywhere +Resources: + # DynamoDB + Table: + Type: AWS::DynamoDB::Table + Properties: + SSESpecification: + SSEEnabled: true + SSEType: KMS + KMSMasterKeyId: !Ref EncryptionKey + + # S3 + Bucket: + Type: AWS::S3::Bucket + Properties: + BucketEncryption: + ServerSideEncryptionConfiguration: + - ServerSideEncryptionByDefault: + SSEAlgorithm: aws:kms + KMSMasterKeyID: !Ref EncryptionKey + + # RDS + Database: + Type: AWS::RDS::DBInstance + Properties: + StorageEncrypted: true + KmsKeyId: !Ref EncryptionKey +``` + +### 3. Network Isolation + +```yaml +# Private subnets with VPC endpoints +Resources: + PrivateSubnet: + Type: AWS::EC2::Subnet + Properties: + MapPublicIpOnLaunch: false + + # DynamoDB Gateway Endpoint (free) + DynamoDBEndpoint: + Type: AWS::EC2::VPCEndpoint + Properties: + VpcId: !Ref VPC + ServiceName: !Sub com.amazonaws.${AWS::Region}.dynamodb + VpcEndpointType: Gateway + RouteTableIds: + - !Ref PrivateRouteTable + + # Secrets Manager Interface Endpoint + SecretsEndpoint: + Type: AWS::EC2::VPCEndpoint + Properties: + VpcId: !Ref VPC + ServiceName: !Sub com.amazonaws.${AWS::Region}.secretsmanager + VpcEndpointType: Interface + PrivateDnsEnabled: true +``` + +### 4. 
Secrets Management + +```python +# Never hardcode secrets +import boto3 +import json + +def get_secret(secret_name): + client = boto3.client('secretsmanager') + response = client.get_secret_value(SecretId=secret_name) + return json.loads(response['SecretString']) + +# Usage +db_creds = get_secret('prod/database/credentials') +connection = connect( + host=db_creds['host'], + user=db_creds['username'], + password=db_creds['password'] +) +``` + +### 5. API Protection + +```yaml +# WAF + API Gateway +WebACL: + Type: AWS::WAFv2::WebACL + Properties: + DefaultAction: + Allow: {} + Rules: + - Name: RateLimit + Priority: 1 + Action: + Block: {} + Statement: + RateBasedStatement: + Limit: 2000 + AggregateKeyType: IP + VisibilityConfig: + SampledRequestsEnabled: true + CloudWatchMetricsEnabled: true + MetricName: RateLimitRule + + - Name: AWSManagedRulesCommonRuleSet + Priority: 2 + OverrideAction: + None: {} + Statement: + ManagedRuleGroupStatement: + VendorName: AWS + Name: AWSManagedRulesCommonRuleSet +``` + +### 6. Audit Logging + +```yaml +# Enable CloudTrail for all API calls +CloudTrail: + Type: AWS::CloudTrail::Trail + Properties: + IsMultiRegionTrail: true + IsLogging: true + S3BucketName: !Ref AuditLogsBucket + IncludeGlobalServiceEvents: true + EnableLogFileValidation: true + EventSelectors: + - ReadWriteType: All + IncludeManagementEvents: true +``` + +--- + +## Scalability Patterns + +### 1. Horizontal vs Vertical Scaling + +``` +Horizontal (preferred): +- Add more Lambda concurrent executions +- Add more Fargate tasks +- Add more DynamoDB capacity + +Vertical (when necessary): +- Increase Lambda memory +- Upgrade RDS instance +- Larger EC2 instances +``` + +### 2. 
Database Sharding + +```python +# Partition by tenant ID +def get_table_for_tenant(tenant_id): + shard = hash(tenant_id) % NUM_SHARDS + return f"data-shard-{shard}" + +# Or use DynamoDB single-table design with partition keys +def get_partition_key(tenant_id, entity_type, entity_id): + return f"TENANT#{tenant_id}#{entity_type}#{entity_id}" +``` + +### 3. Caching Layers + +``` +Edge (CloudFront): Global, static content, TTL: hours-days +Application (Redis): Regional, session/query cache, TTL: minutes-hours +Database (DAX): DynamoDB-specific, TTL: minutes +``` + +```python +# ElastiCache Redis caching pattern +import redis +import json + +cache = redis.Redis(host='cache.abc123.cache.amazonaws.com', port=6379) + +def get_user(user_id): + # Check cache first + cached = cache.get(f"user:{user_id}") + if cached: + return json.loads(cached) + + # Fetch from database + user = db.get_user(user_id) + + # Cache for 5 minutes + cache.setex(f"user:{user_id}", 300, json.dumps(user)) + + return user +``` + +### 4. Auto-Scaling Configuration + +```yaml +# ECS Service Auto-scaling +AutoScalingTarget: + Type: AWS::ApplicationAutoScaling::ScalableTarget + Properties: + MaxCapacity: 10 + MinCapacity: 2 + ResourceId: !Sub service/${Cluster}/${Service.Name} + ScalableDimension: ecs:service:DesiredCount + ServiceNamespace: ecs + +ScalingPolicy: + Type: AWS::ApplicationAutoScaling::ScalingPolicy + Properties: + PolicyType: TargetTrackingScaling + TargetTrackingScalingPolicyConfiguration: + PredefinedMetricSpecification: + PredefinedMetricType: ECSServiceAverageCPUUtilization + TargetValue: 70 + ScaleInCooldown: 300 + ScaleOutCooldown: 60 +``` + +--- + +## DevOps and Reliability + +### 1. Infrastructure as Code + +```bash +# Version control all infrastructure +git init +git add . 
+git commit -m "Initial infrastructure setup" + +# Use separate stacks per environment +cdk deploy --context environment=dev +cdk deploy --context environment=staging +cdk deploy --context environment=production +``` + +### 2. Blue/Green Deployments + +```yaml +# CodeDeploy Blue/Green for ECS +DeploymentGroup: + Type: AWS::CodeDeploy::DeploymentGroup + Properties: + DeploymentConfigName: CodeDeployDefault.ECSAllAtOnce + DeploymentStyle: + DeploymentType: BLUE_GREEN + DeploymentOption: WITH_TRAFFIC_CONTROL + BlueGreenDeploymentConfiguration: + DeploymentReadyOption: + ActionOnTimeout: CONTINUE_DEPLOYMENT + WaitTimeInMinutes: 0 + TerminateBlueInstancesOnDeploymentSuccess: + Action: TERMINATE + TerminationWaitTimeInMinutes: 5 +``` + +### 3. Health Checks + +```python +# Application health endpoint +from flask import Flask, jsonify +import boto3 + +app = Flask(__name__) + +@app.route('/health') +def health(): + checks = { + 'database': check_database(), + 'cache': check_cache(), + 'external_api': check_external_api() + } + + status = 'healthy' if all(checks.values()) else 'unhealthy' + code = 200 if status == 'healthy' else 503 + + return jsonify({'status': status, 'checks': checks}), code + +def check_database(): + try: + # Quick connectivity test + db.execute('SELECT 1') + return True + except Exception: + return False +``` + +### 4. 
Monitoring Setup + +```yaml +# CloudWatch Dashboard +Dashboard: + Type: AWS::CloudWatch::Dashboard + Properties: + DashboardName: production-overview + DashboardBody: | + { + "widgets": [ + { + "type": "metric", + "properties": { + "metrics": [ + ["AWS/Lambda", "Invocations", "FunctionName", "api-handler"], + [".", "Errors", ".", "."], + [".", "Duration", ".", ".", {"stat": "p99"}] + ], + "period": 60, + "title": "Lambda Metrics" + } + } + ] + } + +# Critical Alarms +ErrorAlarm: + Type: AWS::CloudWatch::Alarm + Properties: + AlarmName: high-error-rate + MetricName: Errors + Namespace: AWS/Lambda + Statistic: Sum + Period: 60 + EvaluationPeriods: 3 + Threshold: 10 + ComparisonOperator: GreaterThanThreshold + AlarmActions: + - !Ref AlertTopic +``` + +--- + +## Common Pitfalls + +### Technical Debt + +| Pitfall | Solution | +|---------|----------| +| Over-engineering early | Start simple, scale when needed | +| Under-monitoring | Set up CloudWatch from day one | +| Ignoring costs | Enable Cost Explorer and billing alerts | +| Single region only | Plan for multi-region from start | + +### Security Mistakes + +| Mistake | Prevention | +|---------|------------| +| Public S3 buckets | Block public access, use bucket policies | +| Overly permissive IAM | Never use "*", specify resources | +| Hardcoded credentials | Use Secrets Manager, IAM roles | +| Unencrypted data | Enable encryption by default | + +### Performance Issues + +| Issue | Solution | +|-------|----------| +| No caching | Add CloudFront, ElastiCache early | +| Inefficient queries | Use indexes, avoid DynamoDB scans | +| Large Lambda packages | Use layers, minimize dependencies | +| N+1 queries | Implement DataLoader, batch operations | + +### Cost Surprises + +| Surprise | Prevention | +|----------|------------| +| Undeleted resources | Tag everything, review weekly | +| Data transfer costs | Keep traffic in same AZ/region | +| NAT Gateway charges | Use VPC endpoints for AWS services | +| Log accumulation | 
Set CloudWatch retention policies | diff --git a/engineering-team/aws-solution-architect/references/service_selection.md b/engineering-team/aws-solution-architect/references/service_selection.md new file mode 100644 index 0000000..a81bed2 --- /dev/null +++ b/engineering-team/aws-solution-architect/references/service_selection.md 
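Review bot: In best_practices.md, the handler under `#### 2. Implement Idempotency` is not idempotent under retries: the `get_item` check and the later `put_item` are two separate calls, so two concurrent deliveries both pass the check and both run `process_order`, and the `except Exception: pass` around the lookup means a throttled or failed read silently reprocesses the order. Use a single conditional write, `put_item(..., ConditionExpression='attribute_not_exists(pk)')`, return the stored result when `ConditionalCheckFailedException` is raised, and let read errors propagate; the block also calls `time.time()` without `import time`. Other corrections in this file: `aws cost-explorer get-savings-plans-purchase-recommendation` is not a valid CLI command, the service prefix is `aws ce`; `hash(tenant_id) % NUM_SHARDS` in the sharding example uses Python's per-process randomized string hash, so the same tenant lands on different shards across Lambda containers, use `hashlib` (e.g. `int(hashlib.sha256(tenant_id.encode()).hexdigest(), 16) % NUM_SHARDS`); the WAFv2 `WebACL` is missing the required top-level `Scope` and `VisibilityConfig`, and the `AWSManagedRulesCommonRuleSet` rule lacks its required `VisibilityConfig`; and the Redis client in the caching example connects with no TLS or AUTH token, which contradicts the "Enable encryption everywhere" section, so pass `ssl=True` and a `password=` fetched via the `get_secret` helper when in-transit encryption is enabled on the cluster.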
@@ -0,0 +1,484 @@ +# AWS Service Selection Guide + +Quick reference for choosing the right AWS service based on requirements. + +--- + +## Table of Contents + +- [Compute Services](#compute-services) +- [Database Services](#database-services) +- [Storage Services](#storage-services) +- [Messaging and Events](#messaging-and-events) +- [API and Integration](#api-and-integration) +- [Networking](#networking) +- [Security and Identity](#security-and-identity) + +--- + +## Compute Services + +### Decision Matrix + +| Requirement | Recommended Service | +|-------------|---------------------| +| Event-driven, short tasks (<15 min) | Lambda | +| Containerized apps, predictable traffic | ECS Fargate | +| Custom configs, GPU/FPGA | EC2 | +| Simple container from source | App Runner | +| Kubernetes workloads | EKS | +| Batch processing | AWS Batch | + +### Lambda + +**Best for:** Event-driven functions, API backends, scheduled tasks + +``` +Limits: +- Execution: 15 minutes max +- Memory: 128 MB - 10 GB +- Package: 50 MB (zip), 10 GB (container) +- Concurrency: 1000 default (soft limit) + +Pricing: $0.20 per 1M requests + compute time +``` + +**Use when:** +- Variable/unpredictable traffic +- Pay-per-use is important +- No server management desired +- Short-duration operations + +**Avoid when:** +- Long-running processes (>15 min) +- Low-latency requirements (<50ms) +- Heavy compute (consider Fargate) + +### ECS Fargate + +**Best for:** Containerized applications, microservices + +``` +Limits: +- vCPU: 0.25 - 16 +- Memory: 0.5 GB - 120 GB +- Storage: 20 GB - 200 GB ephemeral + +Pricing: Per vCPU-hour + GB-hour +``` + +**Use when:** +- Containerized applications +- Predictable traffic patterns +- Long-running processes +- Need more control than Lambda + +### EC2 + +**Best for:** Custom configurations, specialized hardware + +``` +Instance Types: +- General: t3, m6i +- Compute: c6i +- Memory: r6i +- GPU: p4d, g5 +- Storage: i3, d3 +``` + +**Use when:** +- Need GPU/FPGA +- 
Windows applications +- Specific instance configurations +- Reserved capacity makes sense + +--- + +## Database Services + +### Decision Matrix + +| Data Type | Query Pattern | Scale | Recommended | +|-----------|--------------|-------|-------------| +| Key-value | Simple lookups | Any | DynamoDB | +| Document | Flexible queries | <1TB | DocumentDB | +| Relational | Complex joins | Variable | Aurora Serverless | +| Relational | High volume | Fixed | Aurora Standard | +| Time-series | Time-based | Any | Timestream | +| Graph | Relationships | Any | Neptune | + +### DynamoDB + +**Best for:** Key-value and document data, serverless applications + +``` +Limits: +- Item size: 400 KB max +- Partition key: 2048 bytes +- Sort key: 1024 bytes +- GSI: 20 per table + +Pricing: +- On-demand: $1.25 per million writes, $0.25 per million reads +- Provisioned: Per RCU/WCU +``` + +**Data Modeling Example:** + +``` +# Single-table design for e-commerce +PK SK Attributes +USER#123 PROFILE {name, email, ...} +USER#123 ORDER#456 {total, status, ...} +USER#123 ORDER#456#ITEM#1 {product, qty, ...} +PRODUCT#789 METADATA {name, price, ...} +``` + +### Aurora + +**Best for:** Relational data with complex queries + +| Edition | Use Case | Scaling | +|---------|----------|---------| +| Aurora Serverless v2 | Variable workloads | 0.5-128 ACUs, auto | +| Aurora Standard | Predictable workloads | Instance-based | +| Aurora Global | Multi-region | Cross-region replication | + +``` +Limits: +- Storage: 128 TB max +- Replicas: 15 read replicas +- Connections: Instance-dependent + +Pricing: +- Serverless: $0.12 per ACU-hour +- Standard: Instance + storage + I/O +``` + +### Comparison: DynamoDB vs Aurora + +| Factor | DynamoDB | Aurora | +|--------|----------|--------| +| Query flexibility | Limited (key-based) | Full SQL | +| Scaling | Instant, unlimited | Minutes, up to limits | +| Consistency | Eventually/Strong | ACID | +| Cost model | Per-request | Per-hour | +| Operational | Zero management | 
Some management | + +--- + +## Storage Services + +### S3 Storage Classes + +| Class | Access Pattern | Retrieval | Cost (GB/mo) | +|-------|---------------|-----------|--------------| +| Standard | Frequent | Instant | $0.023 | +| Intelligent-Tiering | Unknown | Instant | $0.023 + monitoring | +| Standard-IA | Infrequent (30+ days) | Instant | $0.0125 | +| One Zone-IA | Infrequent, single AZ | Instant | $0.01 | +| Glacier Instant | Archive, instant access | Instant | $0.004 | +| Glacier Flexible | Archive | Minutes-hours | $0.0036 | +| Glacier Deep Archive | Long-term archive | 12-48 hours | $0.00099 | + +### Lifecycle Policy Example + +```json +{ + "Rules": [ + { + "ID": "Archive old data", + "Status": "Enabled", + "Transitions": [ + { + "Days": 30, + "StorageClass": "STANDARD_IA" + }, + { + "Days": 90, + "StorageClass": "GLACIER" + }, + { + "Days": 365, + "StorageClass": "DEEP_ARCHIVE" + } + ], + "Expiration": { + "Days": 2555 + } + } + ] +} +``` + +### Block and File Storage + +| Service | Use Case | Access | +|---------|----------|--------| +| EBS | EC2 block storage | Single instance | +| EFS | Shared file system | Multiple instances | +| FSx for Lustre | HPC workloads | High throughput | +| FSx for Windows | Windows apps | SMB protocol | + +--- + +## Messaging and Events + +### Decision Matrix + +| Pattern | Service | Use Case | +|---------|---------|----------| +| Event routing | EventBridge | Microservices, SaaS integration | +| Pub/sub | SNS | Fan-out notifications | +| Queue | SQS | Decoupling, buffering | +| Streaming | Kinesis | Real-time analytics | +| Message broker | Amazon MQ | Legacy migrations | + +### EventBridge + +**Best for:** Event-driven architectures, SaaS integration + +```python +# EventBridge rule pattern +{ + "source": ["orders.service"], + "detail-type": ["OrderCreated"], + "detail": { + "total": [{"numeric": [">=", 100]}] + } +} +``` + +### SQS + +**Best for:** Decoupling services, handling load spikes + +| Feature | Standard | FIFO 
| +|---------|----------|------| +| Throughput | Unlimited | 3000 msg/sec | +| Ordering | Best effort | Guaranteed | +| Delivery | At least once | Exactly once | +| Deduplication | No | Yes | + +```python +# SQS with dead letter queue +import boto3 + +sqs = boto3.client('sqs') + +def process_with_dlq(queue_url, dlq_url, max_retries=3): + response = sqs.receive_message( + QueueUrl=queue_url, + MaxNumberOfMessages=10, + WaitTimeSeconds=20, + AttributeNames=['ApproximateReceiveCount'] + ) + + for message in response.get('Messages', []): + receive_count = int(message['Attributes']['ApproximateReceiveCount']) + + try: + process(message) + sqs.delete_message(QueueUrl=queue_url, ReceiptHandle=message['ReceiptHandle']) + except Exception as e: + if receive_count >= max_retries: + sqs.send_message(QueueUrl=dlq_url, MessageBody=message['Body']) + sqs.delete_message(QueueUrl=queue_url, ReceiptHandle=message['ReceiptHandle']) +``` + +### Kinesis + +**Best for:** Real-time streaming data, analytics + +| Service | Use Case | +|---------|----------| +| Data Streams | Custom processing | +| Data Firehose | Direct to S3/Redshift | +| Data Analytics | SQL on streams | +| Video Streams | Video ingestion | + +--- + +## API and Integration + +### API Gateway vs AppSync + +| Factor | API Gateway | AppSync | +|--------|-------------|---------| +| Protocol | REST, WebSocket | GraphQL | +| Real-time | WebSocket setup | Built-in subscriptions | +| Caching | Response caching | Field-level caching | +| Integration | Lambda, HTTP, AWS | Lambda, DynamoDB, HTTP | +| Pricing | Per request | Per request + data | + +### API Gateway Configuration + +```yaml +# Throttling and caching +Resources: + ApiGateway: + Type: AWS::ApiGateway::RestApi + Properties: + Name: my-api + + ApiStage: + Type: AWS::ApiGateway::Stage + Properties: + StageName: prod + MethodSettings: + - HttpMethod: "*" + ResourcePath: "/*" + ThrottlingBurstLimit: 500 + ThrottlingRateLimit: 1000 + CachingEnabled: true + 
CacheTtlInSeconds: 300 +``` + +### Step Functions + +**Best for:** Workflow orchestration, long-running processes + +```json +{ + "StartAt": "ProcessOrder", + "States": { + "ProcessOrder": { + "Type": "Task", + "Resource": "arn:aws:lambda:...:processOrder", + "Next": "CheckInventory" + }, + "CheckInventory": { + "Type": "Choice", + "Choices": [ + { + "Variable": "$.inStock", + "BooleanEquals": true, + "Next": "ShipOrder" + } + ], + "Default": "BackOrder" + }, + "ShipOrder": { + "Type": "Task", + "Resource": "arn:aws:lambda:...:shipOrder", + "End": true + }, + "BackOrder": { + "Type": "Task", + "Resource": "arn:aws:lambda:...:backOrder", + "End": true + } + } +} +``` + +--- + +## Networking + +### VPC Components + +| Component | Purpose | +|-----------|---------| +| VPC | Isolated network | +| Subnet | Network segment (public/private) | +| Internet Gateway | Public internet access | +| NAT Gateway | Private subnet outbound | +| VPC Endpoint | Private AWS service access | +| Transit Gateway | VPC interconnection | + +### VPC Design Pattern + +``` +VPC: 10.0.0.0/16 + +Public Subnets (AZ a, b, c): + 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24 + - ALB, NAT Gateway, Bastion + +Private Subnets (AZ a, b, c): + 10.0.11.0/24, 10.0.12.0/24, 10.0.13.0/24 + - Application servers, Lambda + +Database Subnets (AZ a, b, c): + 10.0.21.0/24, 10.0.22.0/24, 10.0.23.0/24 + - RDS, ElastiCache +``` + +### VPC Endpoints (Cost Savings) + +```yaml +# Interface endpoint for Secrets Manager +SecretsManagerEndpoint: + Type: AWS::EC2::VPCEndpoint + Properties: + VpcId: !Ref VPC + ServiceName: !Sub com.amazonaws.${AWS::Region}.secretsmanager + VpcEndpointType: Interface + SubnetIds: !Ref PrivateSubnets + SecurityGroupIds: + - !Ref EndpointSecurityGroup +``` + +--- + +## Security and Identity + +### IAM Best Practices + +```json +// Least privilege policy example +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "dynamodb:GetItem", + "dynamodb:PutItem", + 
"dynamodb:Query" + ], + "Resource": "arn:aws:dynamodb:us-east-1:123456789:table/users", + "Condition": { + "ForAllValues:StringEquals": { + "dynamodb:LeadingKeys": ["${aws:userid}"] + } + } + } + ] +} +``` + +### Secrets Manager vs Parameter Store + +| Factor | Secrets Manager | Parameter Store | +|--------|-----------------|-----------------| +| Auto-rotation | Built-in | Manual | +| Cross-account | Yes | Limited | +| Pricing | $0.40/secret/month | Free (standard) | +| Use case | Credentials, API keys | Config, non-secrets | + +### Cognito Configuration + +```yaml +UserPool: + Type: AWS::Cognito::UserPool + Properties: + UserPoolName: my-app-users + AutoVerifiedAttributes: + - email + MfaConfiguration: OPTIONAL + EnabledMfas: + - SOFTWARE_TOKEN_MFA + Policies: + PasswordPolicy: + MinimumLength: 12 + RequireLowercase: true + RequireUppercase: true + RequireNumbers: true + RequireSymbols: true + AccountRecoverySetting: + RecoveryMechanisms: + - Name: verified_email + Priority: 1 +``` diff --git a/engineering-team/aws-solution-architect/architecture_designer.py b/engineering-team/aws-solution-architect/scripts/architecture_designer.py similarity index 100% rename from engineering-team/aws-solution-architect/architecture_designer.py rename to engineering-team/aws-solution-architect/scripts/architecture_designer.py diff --git a/engineering-team/aws-solution-architect/cost_optimizer.py b/engineering-team/aws-solution-architect/scripts/cost_optimizer.py similarity index 100% rename from engineering-team/aws-solution-architect/cost_optimizer.py rename to engineering-team/aws-solution-architect/scripts/cost_optimizer.py diff --git a/engineering-team/aws-solution-architect/serverless_stack.py b/engineering-team/aws-solution-architect/scripts/serverless_stack.py similarity index 100% rename from engineering-team/aws-solution-architect/serverless_stack.py rename to engineering-team/aws-solution-architect/scripts/serverless_stack.py