aws-samples
diff --git a/‎.cfnlintrc
+2-2 b/‎.cfnlintrc
+2-2
diff --git a/‎.gitignore
+3-1 b/‎.gitignore
+3-1
diff --git a/‎.pre-commit-config.yaml
+9 b/‎.pre-commit-config.yaml
+9
diff --git a/‎CODEOWNERS
+1 b/‎CODEOWNERS
+1
diff --git a/‎Makefile
+2-2 b/‎Makefile
+2-2
diff --git a/‎README.md
+1-1 b/‎README.md
+1-1
diff --git a/‎dependencies/requirements.txt
+1-1 b/‎dependencies/requirements.txt
+1-1
diff --git a/‎doc/architecture.drawio
+1-1 b/‎doc/architecture.drawio
+1-1
diff --git a/‎doc/architecture.png
4.6 KB b/‎doc/architecture.png
4.6 KB
diff --git a/‎pyproject.toml
+12 b/‎pyproject.toml
+12
diff --git a/‎requirements-dev.txt
+3-1 b/‎requirements-dev.txt
+3-1
diff --git a/‎src/account/account_setup/lambda_handler.py
-61 b/‎src/account/account_setup/lambda_handler.py
-61
diff --git a/‎src/account/account_setup/resources/__init__.py
-27 b/‎src/account/account_setup/resources/__init__.py
-27
diff --git a/‎src/account/account_setup/resources/cloudwatch_logs.py
-52 b/‎src/account/account_setup/resources/cloudwatch_logs.py
-52
diff --git a/‎src/account/account_setup/resources/iam.py
-46 b/‎src/account/account_setup/resources/iam.py
-46
@@ -1,4 +1,4 @@
 templates:
-- template.yml
+  - template.yml
 include_checks:
-- I
+  - I
@@ -2,4 +2,6 @@
 .vscode
 .aws-sam
 *.zip
-*.toml
+*.bkp
+.DS_Store
+samconfig.toml
@@ -0,0 +1,9 @@
+repos:
+  - repo: https://github.com/aws-cloudformation/cfn-lint
+    rev: v0.72.2
+    hooks:
+      - id: cfn-lint-rc
+  - repo: https://github.com/psf/black
+    rev: 22.10.0
+    hooks:
+      - id: black
@@ -0,0 +1 @@
+* @aws-samples/aws-startup-sa-fintech
@@ -5,6 +5,7 @@ setup:
 	.venv/bin/python3 -m pip install -U pip
 	.venv/bin/python3 -m pip install -r requirements-dev.txt
 	.venv/bin/python3 -m pip install -r dependencies/requirements.txt
+	.venv/bin/pre-commit install
 
 create-signing-profile:
 	aws signer put-signing-profile --platform-id "AWSLambda-SHA384-ECDSA" --profile-name AccountSetupProfile
@@ -18,12 +19,11 @@ deploy:
 			SSOAssignmentFunction=AccountSetupProfile \
 			ServiceCatalogPortfolioFunction=AccountSetupProfile \
 			RegionalFunction=AccountSetupProfile \
-			AccountFunction=AccountSetupProfile \
 			DependencyLayer=AccountSetupProfile \
 		--tags "GITHUB_ORG=aws-samples GITHUB_REPO=aws-control-tower-account-setup-using-step-functions"
 
 clean:
 	sam delete
 
 format:
-	.venv/bin/black -t py39 .
+	.venv/bin/black .
@@ -32,7 +32,7 @@ This project will configure the following settings on a new AWS account provisio
 
 1. When [AWS Control Tower](https://aws.amazon.com/controltower/) provisions a new account, a [CreateManagedAccount](https://docs.aws.amazon.com/controltower/latest/userguide/lifecycle-events.html#create-managed-account) event is sent to the [Amazon EventBridge](https://aws.amazon.com/eventbridge/) default event bus.
 2. An Amazon EventBridge rule matches the `CreateManagedAccount` event and triggers an [AWS Step Functions](https://aws.amazon.com/step-functions/) state machine that executes [AWS Lambda](https://aws.amazon.com/lambda/) functions.
-3. The "Account Lambda" function assumes the `AWSControlTowerExecution` IAM role in the new account and adds the account-level [S3 public block setting](https://docs.aws.amazon.com/AmazonS3/latest/userguide/configuring-block-public-access-account.html), creates a CloudWatch Logs resource policy in the us-east-1 region that allows Route 53 to write DNS [query logs](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html#query-logs-configuring) to CloudWatch
+3. Step Functions assumes the `AWSControlTowerExecution` IAM role in the new account and uses the [AWS SDK service integration](https://docs.aws.amazon.com/step-functions/latest/dg/supported-services-awssdk.html) to set the password policy using `iam:UpdateAccountPasswordPolicy`, adds the account-level [S3 public block setting](https://docs.aws.amazon.com/AmazonS3/latest/userguide/configuring-block-public-access-account.html), creates a CloudWatch Logs resource policy in the us-east-1 region that allows Route 53 to write DNS [query logs](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html#query-logs-configuring) to CloudWatch
 4. Step Functions then uses the [AWS SDK service integration](https://docs.aws.amazon.com/step-functions/latest/dg/supported-services-awssdk.html) to call `ec2:DescribeRegions` to get a list of regions
 5. The "Regional Lambda" function assumes the `AWSControlTowerExecution` IAM role in the new account and enables various ECS [settings](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html), deletes the [default VPC](https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html), enables [EBS encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default), and blocks [public SSM document sharing](https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-share-block.html) from all regions
 6. The "Portfolio Share Lambda" function assumes the `AWSControlTowerExecution` IAM role in the new account and accepts shared Service Catalog portfolios in the new account and grants specific principals access to those portfolios.
 
@@ -1 +1 @@
-aws-lambda-powertools==1.29.2
+aws-lambda-powertools[tracer,validation]==2.4.0
@@ -1 +1 @@
-<mxfile host="Electron" modified="2022-02-16T17:55:59.631Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/16.5.1 Chrome/96.0.4664.110 Electron/16.0.7 Safari/537.36" etag="a_Lcp7LoAxeQ85WEFdLR" version="16.5.1" type="device"><diagram id="e2U1G6x-BJkl-3YJFppk" name="Page-1">7V1Zd5s6EP41eawPQhLLo5c4bW/cpnXTtH3xwSBjGmy5IC/Jr78Si21AdpwWHCcm7WnRIISYme8bLQO5gO3J6iqwZuMedYh/oSrO6gJ2LlTVRBr/VwgeYoGmq7HADTwnFoGNoO89kkSoJNK555AwU5FR6jNvlhXadDolNsvIrCCgy2y1EfWzd51ZLikI+rblF6V3nsPGsdTAykb+nnjuOL0zUJIzEyutnAjCseXQ5ZYIXl7AdkApi48mqzbxhe5SvcTXdXecXXcsIFN2yAV3N3/++zP789PScAeSL9/utcfrd0krC8ufJw/cs6b8mSaiUVVp2jadi6PoAdhDqpUZ9aYs0ixu8b/8xm3lAvMzbVFqqDgnyJf1rAAUS6KNrCBf1rMCkG8e5O4P8h3cEhRKmeaV3P2VrQ7yv7BF58z3pqS99kGFC93Acjyuxjb1acBlUzrl2muN2cTnJcAPl2OPkf7MsoVWlxw+XDaiU5agAKhpOVG8aJV70UwcT1auwFvDWoao4QZ0Potu+YHjQHp2wA8Htk/nzsDymWiIBfSepJ27UCH/0xWe0xp5vp/r9IIEzOOgaPqeK9pnVNzOSko+GUUt8ifxpu51VOpAJem97BaOFY6JkzxS0ZFTr+R3JastUeLYV4ROCAseeJX0bIq6lGWS4nIDWZRWGW/BVYeJ0Epowl03vUESP0jAJAfW3PnRuWJzw/nQ6335/nGI3M9UAqzmXZ8L+ozM+H/d+dRmHp2GopM0uB/5nBpqlL0JlIXcxINRauDB2rwSzLU73FdRpZhb36JszEGYxRyARdABLAGdhkoAnTSaGQXQFTBFHB7ekyIN2Ji6dGr5lxtpi9tx6qwVtalzTYUBIpf6TRh7SPzHmjOadbidug3pPLDJnv4nYyVmBS5he+rpcT3xLHstFRDfYt4iO5QpXevaDqrjQOX+zi/XooAzDPiRK46+0SUJDmM7KePJWE/KfEX2y1SL+Ehyh7xQJtOLQlCsllJYUSiTyfg6fzWQXA1yV0dsWauzVHVKg8+u4U0+KPFzXYiQoW6d63gBiSJExPiBYMxMFODXtNoAYk0WN0bRT57U04hxbQ2Jf0NDL2l+SBmjkydDis17xXGZ4bKnAqUVzmJ1jLyV6Ic8cgYkpr44brZ4URZB7ZgvBiyih3LGhbkYBRUojJ0fGhrFIJXKSmdL85XHqNJjT3LpjeCr3aMLqOYMEgfJ5KqcTdbd+Hsz6cWgNrEeudMWotnlguuwFXhCIXVMq0n4dZMwEd48jL25FApW0clRMCiOWAvI/WeGJSuP/dg6/ima4k8elzqrpOWo8LBVuCGBxx9T+MD+mdo2U0uXIFBxNvFIF4/Bd3TbQcZP7dfA/t59aL6Dx2F0nHMEAFHDVLCqQYB1w0Q6Pojgi5HCNLIOBrSGoSFVMwECGAKUbTZWW2VxAzxzDppM9t+Au6kHutuRBhB5d4PAaMDIz6BmoHx7f+1sqt7QoKkCAHizpmJW5m1SXaLXM5iU+ox+oM+oRxp06mhXrDoWfRTXjT+RJRf0yGQoFk3qLZm3tVj8ZrdksJrlX8mWDEhlpW/JyLFVnNO9xWHfoXFYOw6novw2gZ5rYgejPhnQuedyRthE9IMCelk8nTr3+Q3zDp1VGEdyL9XMeAVC5l+7VwNDDSkKxIrOJybZZhXcMAyITV0HhoHSrJbyvc3o4dtrszkZ9gZf2e/bdtgb30s2k9fLUOkqVCoQ9J5xQ+3PnKYn3oWRXzV5BYBnq83JtBWQNsO7GbeUbZ2Lt+6Y93ff92Yh2RFFt5y4sF6RW3LpdhX+U4xV6wWXEsKTqhyyLKFKApRaQnySWlk9lpXVs7EyPD0rw2NZGZ6PlXFuiGGiI1pZGv12pv+QYOFxVRZ2EdoWs3zqFgxR7yDUu+Knq856Q6byDZkwZoyBnRBEOZNzXcswJjYkCZMVbcnsW+Ar8mX/c02JJ45hjHQ+6XoWhts6gKB7Phj2pq5PBiHvzSCqV8YEJrccoukvDOHiwDbNmFC+37RrFJ82ik2EO91nRmLchEoLnw2KFzO7mugLMThiSsS+xeAD0p3aYsPizmL2mNe/pm5YI7uesrwiddZTluoTeQVFLAVFDNRqGBMYyksz5u4EUaUPa048bRBrShNC/XkgVnUdgPMBcQirga6q45eGbjFFbw3dy3a/xu5pY7erG5cKeh52OwpuA/1ssEvssBrwIvWFofvMt2fKSrvYqcon0yUkr3Tu2zCqPMMxn78KjYaiIqgBExkmxkYuseHg7AkMco4CGoaOIMIYmTo0Dku3LSstNv14SPWbrOhsN1lRuv74YlusR8uKwWdrZJzms7+YkY+WFKOdrZFlOwdVGfkj+PYbLgerO6M7/GJfuV/upu+liU85BZ9Y4mQuTJeWqCtVz7+OBP7pOzaSjdn0BQTl2poMHaueL9XzpVc+X/JjRy6HXY3sSPi4S5X7Ura3MPyVuJ6gzxrENYhrED8N4mOue+xbRtiC8A03+oj6Hi1u0fbH/NlraNfQrqH9NLSPmfq47x3oLWhHSY/KVfQGaQHczVCkkSXfZ60RXiO8RvgTCD9mZuTtoosWn1D31+jH169j8/3tO8/Z/TLIQ8jIRHwCNv7oclAAcnhPRKJVrO8a1XVe1emqs86rqj4lI+aLwSRhi2peBVHUl2XLA75pc2KrwSW9Rr8vdhz7NXodVfYho91r3JIQ+aHZq4Pia2Lx+mWgp1jcc3gHPPYwsKbOwLJtEqaMHk3qUlIpMLiEZw4mddOobg2aFze/xCTmg81vgoGX/wM=</diagram></mxfile>
+<mxfile host="Electron" modified="2022-11-21T04:15:53.213Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/20.3.0 Chrome/104.0.5112.114 Electron/20.1.3 Safari/537.36" etag="RJDDGnhv1N52IQDD1po4" version="20.3.0" type="device"><diagram id="e2U1G6x-BJkl-3YJFppk" name="Page-1">7V1bV+I6FP41PspqmqSXRwRxnKPnqIzjjC+sUgJ0LIRpg6C//iS9AG0C4liKDHVcI9lN03Tv/X07l91yAhuj+UXgTIbXtEf8E13rzU9g80TXbWTw/4XgJRZgy4wFg8DrxSKwFLS9V5IItUQ69XokzFRklPrMm2SFLh2PicsyMicI6CxbrU/97FUnzoBIgrbr+LL0weuxYSy1sLaUfyHeYJheGWjJkZGTVk4E4dDp0dmKCJ6fwEZAKYs/jeYN4gvdpXqJz2utObroWEDGbJsTHk8frfHl5EZ7tNraw/nX27ZBTxNjPDv+NLnhOzLw6JjLLhkJHEaDpPfsJVVJ3/P9BvX5Edgc0zGXnoUsoE8kFZ7oENeNhmXwIz0nHBLRA8ALzyRgHtdt3fcGYy5jdMKlfTpm7aR5LSmrmkq6ytsg87U6AAvNco8kdERY8MKrJCfA1G6JN0Kg1XAsmS2tC1KTDVcta9tpVSfxqcGi/aXa+YdE82orPNz8/uf35PdPx8BNSG6/PRmvV6dAssK1M+aeNRK3pWt116VT8SlniAn1xizqCz7jv7zTDe0E8yMNUarpOCfIl82sAMgl0UZWkC+bWQHINw9y1wf5Dq4IpFKmeS13fW2lg/wXntEp870x98KUCYQzDQKn55GlQyUOO2QjP3HK2dBjpD1xXKHVGSex1CVjLgK6wkU5lifi82g+EKxXc2Yhqg0COp1El7zkbKQ82uEfO65Pp72O4zMVcPi/lvCcMwXK1PBxkpJP+lGL/E688eAqKjWhAlCLSyywqS3QJUFJAbi16FpwX4IuQ5OghTQFtEyofRxY096P5gWbWr3L6+vb71+7aPAfVQCr/tDmgjYjE/6nNR27jLNdKDpJg6e+zwm6QtlfgbKQm7jTTw3cWZhXgblGk/sq2inmFpcoGnMQZjEHoAw6gBWgM1ABoFNGM0sCnYQp0uODrKRIAzakAzp2/POl9IzbcdxbKGpZ54oKA0Qu9Ysw9pL4jzNlNOtwa3Ub0mngkg39T0aszAkGhG2ol4ydxL1stFRAfId5z9kBZeFaN9ZQHQcq93d+uhEFnC4fzxkD8ekbnRF5cKdkOyXjqVhPyXwy+2WqRXykuEJeqJKZshDI1VIKk4UqmYqv82cDxdkgd3bElpU6C1WnMvisG97kgxI/1oIIWfrKsaYXkChCRIwfCMbMRAF+zlkDQGyo4kY/+smTehoxrpwu8W9o6CXNdyljdPRmSHF5rzguM1z2VqB0wkmsjr43F/1QR86AxNQXx80zXlRFUDfmiw6L6KGYcWEuRkENKmZdyJKDVCornC3tA49Rhcee5NQbwVfrRxdQzxkkDpLJWTmbLLrx52aSlyfqI+dVLE/ko9n5M9fhWeAJhVQxrSLhwyZhIry5G3tzIRSso09HwUAesUrI/TDDkrnHfqx8/ima4ncel5rzpOWo8LJSuCGBx29T+MDmmdoqUyuXIJA8m3ilz6/Bd3TfRNZP47Hjfm+91E9hOYyOc44AIKrZGtYNCLBp2cjMrXGuIXg5UthW1sGAUbMMpBs2QABDgLLNxmrbWdwA75yDJpP9vbjbVq6lXLwHW7pWSYOFvGtBYNVg5FPQsFC+vW0dC+l2plVdQ/l1+OKcSak+dDhjRSUDmVu6iV7SmNJE60JRWewgLwv/S2ZccE1GXbEmUu24/F1rwX/tjgvWs5Sr2HEBqazwHRc1tuQp2+cY1e0+zBrl8OefB8Q3Izb3U47/ZcjeKmIXxcqpKx/CmG0/UwRrPw6GkP3H7lXD0ECaBrFm8llGtlkN1ywLYts0gWWhNFGoeG+zrvH9lV0fda87d+zXfSO8Hj4pdoYXa0rpklIqEGSecUPj95SmB07DyK/qvALAk/nyYNoKSJvh3YxbyrbOxStXzPu773uTkKyJmStOLC0+5NZPWi2N/8iRabF6UkAw0rVt1hhUuTV6AdFIaWW9LCvrR2Nl+PmsDMuyMjweK+cS5YCNSrSyMvqtzeUhwbPHVSltCTQc5vh0IBmi2g6otrg/rzqr3ZWd766EMWN03IQgipmKm0aGMbGlyH7c0f7KpuU8mS/b/1WU+MkxjJHJJ13vwnDDBBC0jgfD3njgk07Ie9OJ6hUxgckthxjmniEsD2zT9Aft+02jQvHnRrGNcLP1zkiM61A7w0eD4ueJu5voi3Rjv9BVpOOuyVxqiM2JB4e5Q17/ig7CCtfVhOWA1FlNWHafkysoYiYooqPvhi+BpXoQslTGXJ/rqbVhxYmfG8SGVofQfB+IddME4HhAHMLdQFc38b6hK2fbLaB73mhX2P3c2G2Z1rmG3ofdpoYbwDwa7BI33NEqYbqbti/ovvNBmKKSLtaq8s1kCcXTmZu2i3aezZjPe4ZWTdMRNICNLBtjK5fWsHXuBAa5CS2oWSaCCGNkm9DaLpu2qBTY9G0su99iRUe7xaqbZW6kq81cWlYMPlozYxvt2cilJcUYR2tk1c7Broz8FXz7BWed+YPV6t66F4Pbh/EXZeJTTsGHn4WrvPOS4n6pj6VsyhqVXt3liDOvnFG350g2r2Ze1czrsGZefuzIxbC0bebG1OVtEm2ay6xA+IYbvU99j8r7RO0hv/cK2hW0K2groJ1OiPeQfbXpocsVaEd5V9pF9MiaBO56KDJZkvc9VgivEF4h/A2El5mcdf/cQs//otZj/8fd3dD+cn/q9dbno7+EjIzEKyXjl7gGEpDDJyKyPWJ9V6iukjs+rzqr5I7d7wvHfNEZJWyxk30miEGJm8RKvtziNRoHtiSleG53U6Qoe0nKRDt76c6mlTcpIF7Wr6sQeEicXT198BZnez3eAY+9dJxxr+O4LglT/o6mcDuhcNsqkcGVfKd6znZDrsBOX4SUI9PC9hSU9fQP8vWHtK6g1TCcjsRS4B31xR9PJFqte2XRUt/rXr2zupfWDak/ZaQeuCmUhHRZQguIp9+GskxI/dg3c+Smd8BSPXCcrupk3L2APTSl4vHf5u76lu6O9unu8s7lBRGDnHhzS3444kD9WzdU2R6l+vcW7988LP9WjMfX75zuy7/ladAx0DnEqiTlgtydF5dfoxXPZpbfRQbP/wc=</diagram></mxfile>
@@ -0,0 +1,12 @@
+[tool.black]
+line-length = 88
+target-version = ['py39']
+include = '\.pyi?$'
+extend-exclude = '''
+(
+  /(
+      \.venv
+    | \.aws-sam
+  )/
+)
+'''
@@ -1 +1,3 @@
-black==22.8.0
+black==22.10.0
+wheel==0.38.2
+pre-commit==2.20.0
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-aws-lambda-powertools==1.29.2`
	`1`	`+aws-lambda-powertools[tracer,validation]==2.4.0`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		-<mxfile host="Electron" modified="2022-02-16T17:55:59.631Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/16.5.1 Chrome/96.0.4664.110 Electron/16.0.7 Safari/537.36" etag="a_Lcp7LoAxeQ85WEFdLR" version="16.5.1" type="device"><diagram id="e2U1G6x-BJkl-3YJFppk" name="Page-1">7V1Zd5s6EP41eawPQhLLo5c4bW/cpnXTtH3xwSBjGmy5IC/Jr78Si21AdpwWHCcm7WnRIISYme8bLQO5gO3J6iqwZuMedYh/oSrO6gJ2LlTVRBr/VwgeYoGmq7HADTwnFoGNoO89kkSoJNK555AwU5FR6jNvlhXadDolNsvIrCCgy2y1EfWzd51ZLikI+rblF6V3nsPGsdTAykb+nnjuOL0zUJIzEyutnAjCseXQ5ZYIXl7AdkApi48mqzbxhe5SvcTXdXecXXcsIFN2yAV3N3/++zP789PScAeSL9/utcfrd0krC8ufJw/cs6b8mSaiUVVp2jadi6PoAdhDqpUZ9aYs0ixu8b/8xm3lAvMzbVFqqDgnyJf1rAAUS6KNrCBf1rMCkG8e5O4P8h3cEhRKmeaV3P2VrQ7yv7BF58z3pqS99kGFC93Acjyuxjb1acBlUzrl2muN2cTnJcAPl2OPkf7MsoVWlxw+XDaiU5agAKhpOVG8aJV70UwcT1auwFvDWoao4QZ0Potu+YHjQHp2wA8Htk/nzsDymWiIBfSepJ27UCH/0xWe0xp5vp/r9IIEzOOgaPqeK9pnVNzOSko+GUUt8ifxpu51VOpAJem97BaOFY6JkzxS0ZFTr+R3JastUeLYV4ROCAseeJX0bIq6lGWS4nIDWZRWGW/BVYeJ0Epowl03vUESP0jAJAfW3PnRuWJzw/nQ6335/nGI3M9UAqzmXZ8L+ozM+H/d+dRmHp2GopM0uB/5nBpqlL0JlIXcxINRauDB2rwSzLU73FdRpZhb36JszEGYxRyARdABLAGdhkoAnTSaGQXQFTBFHB7ekyIN2Ji6dGr5lxtpi9tx6qwVtalzTYUBIpf6TRh7SPzHmjOadbidug3pPLDJnv4nYyVmBS5he+rpcT3xLHstFRDfYt4iO5QpXevaDqrjQOX+zi/XooAzDPiRK46+0SUJDmM7KePJWE/KfEX2y1SL+Ehyh7xQJtOLQlCsllJYUSiTyfg6fzWQXA1yV0dsWauzVHVKg8+u4U0+KPFzXYiQoW6d63gBiSJExPiBYMxMFODXtNoAYk0WN0bRT57U04hxbQ2Jf0NDL2l+SBmjkydDis17xXGZ4bKnAqUVzmJ1jLyV6Ic8cgYkpr44brZ4URZB7ZgvBiyih3LGhbkYBRUojJ0fGhrFIJXKSmdL85XHqNJjT3LpjeCr3aMLqOYMEgfJ5KqcTdbd+Hsz6cWgNrEeudMWotnlguuwFXhCIXVMq0n4dZMwEd48jL25FApW0clRMCiOWAvI/WeGJSuP/dg6/ima4k8elzqrpOWo8LBVuCGBxx9T+MD+mdo2U0uXIFBxNvFIF4/Bd3TbQcZP7dfA/t59aL6Dx2F0nHMEAFHDVLCqQYB1w0Q6Pojgi5HCNLIOBrSGoSFVMwECGAKUbTZWW2VxAzxzDppM9t+Au6kHutuRBhB5d4PAaMDIz6BmoHx7f+1sqt7QoKkCAHizpmJW5m1SXaLXM5iU+ox+oM+oRxp06mhXrDoWfRTXjT+RJRf0yGQoFk3qLZm3tVj8ZrdksJrlX8mWDEhlpW/JyLFVnNO9xWHfoXFYOw6novw2gZ5rYgejPhnQuedyRthE9IMCelk8nTr3+Q3zDp1VGEdyL9XMeAVC5l+7VwNDDSkKxIrOJybZZhXcMAyITV0HhoHSrJbyvc3o4dtrszkZ9gZf2e/bdtgb30s2k9fLUOkqVCoQ9J5xQ+3PnKYn3oWRXzV5BYBnq83JtBWQNsO7GbeUbZ2Lt+6Y93ff92Yh2RFFt5y4sF6RW3LpdhX+U4xV6wWXEsKTqhyyLKFKApRaQnySWlk9lpXVs7EyPD0rw2NZGZ6PlXFuiGGiI1pZGv12pv+QYOFxVRZ2EdoWs3zqFgxR7yDUu+Knq856Q6byDZkwZoyBnRBEOZNzXcswJjYkCZMVbcnsW+Ar8mX/c02JJ45hjHQ+6XoWhts6gKB7Phj2pq5PBiHvzSCqV8YEJrccoukvDOHiwDbNmFC+37RrFJ82ik2EO91nRmLchEoLnw2KFzO7mugLMThiSsS+xeAD0p3aYsPizmL2mNe/pm5YI7uesrwiddZTluoTeQVFLAVFDNRqGBMYyksz5u4EUaUPa048bRBrShNC/XkgVnUdgPMBcQirga6q45eGbjFFbw3dy3a/xu5pY7erG5cKeh52OwpuA/1ssEvssBrwIvWFofvMt2fKSrvYqcon0yUkr3Tu2zCqPMMxn78KjYaiIqgBExkmxkYuseHg7AkMco4CGoaOIMIYmTo0Dku3LSstNv14SPWbrOhsN1lRuv74YlusR8uKwWdrZJzms7+YkY+WFKOdrZFlOwdVGfkj+PYbLgerO6M7/GJfuV/upu+liU85BZ9Y4mQuTJeWqCtVz7+OBP7pOzaSjdn0BQTl2poMHaueL9XzpVc+X/JjRy6HXY3sSPi4S5X7Ura3MPyVuJ6gzxrENYhrED8N4mOue+xbRtiC8A03+oj6Hi1u0fbH/NlraNfQrqH9NLSPmfq47x3oLWhHSY/KVfQGaQHczVCkkSXfZ60RXiO8RvgTCD9mZuTtoosWn1D31+jH169j8/3tO8/Z/TLIQ8jIRHwCNv7oclAAcnhPRKJVrO8a1XVe1emqs86rqj4lI+aLwSRhi2peBVHUl2XLA75pc2KrwSW9Rr8vdhz7NXodVfYho91r3JIQ+aHZq4Pia2Lx+mWgp1jcc3gHPPYwsKbOwLJtEqaMHk3qUlIpMLiEZw4mddOobg2aFze/xCTmg81vgoGX/wM=</diagram></mxfile>
	`1`	+<mxfile host="Electron" modified="2022-11-21T04:15:53.213Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/20.3.0 Chrome/104.0.5112.114 Electron/20.1.3 Safari/537.36" etag="RJDDGnhv1N52IQDD1po4" version="20.3.0" type="device"><diagram id="e2U1G6x-BJkl-3YJFppk" name="Page-1">7V1bV+I6FP41PspqmqSXRwRxnKPnqIzjjC+sUgJ0LIRpg6C//iS9AG0C4liKDHVcI9lN03Tv/X07l91yAhuj+UXgTIbXtEf8E13rzU9g80TXbWTw/4XgJRZgy4wFg8DrxSKwFLS9V5IItUQ69XokzFRklPrMm2SFLh2PicsyMicI6CxbrU/97FUnzoBIgrbr+LL0weuxYSy1sLaUfyHeYJheGWjJkZGTVk4E4dDp0dmKCJ6fwEZAKYs/jeYN4gvdpXqJz2utObroWEDGbJsTHk8frfHl5EZ7tNraw/nX27ZBTxNjPDv+NLnhOzLw6JjLLhkJHEaDpPfsJVVJ3/P9BvX5Edgc0zGXnoUsoE8kFZ7oENeNhmXwIz0nHBLRA8ALzyRgHtdt3fcGYy5jdMKlfTpm7aR5LSmrmkq6ytsg87U6AAvNco8kdERY8MKrJCfA1G6JN0Kg1XAsmS2tC1KTDVcta9tpVSfxqcGi/aXa+YdE82orPNz8/uf35PdPx8BNSG6/PRmvV6dAssK1M+aeNRK3pWt116VT8SlniAn1xizqCz7jv7zTDe0E8yMNUarpOCfIl82sAMgl0UZWkC+bWQHINw9y1wf5Dq4IpFKmeS13fW2lg/wXntEp870x98KUCYQzDQKn55GlQyUOO2QjP3HK2dBjpD1xXKHVGSex1CVjLgK6wkU5lifi82g+EKxXc2Yhqg0COp1El7zkbKQ82uEfO65Pp72O4zMVcPi/lvCcMwXK1PBxkpJP+lGL/E688eAqKjWhAlCLSyywqS3QJUFJAbi16FpwX4IuQ5OghTQFtEyofRxY096P5gWbWr3L6+vb71+7aPAfVQCr/tDmgjYjE/6nNR27jLNdKDpJg6e+zwm6QtlfgbKQm7jTTw3cWZhXgblGk/sq2inmFpcoGnMQZjEHoAw6gBWgM1ABoFNGM0sCnYQp0uODrKRIAzakAzp2/POl9IzbcdxbKGpZ54oKA0Qu9Ysw9pL4jzNlNOtwa3Ub0mngkg39T0aszAkGhG2ol4ydxL1stFRAfId5z9kBZeFaN9ZQHQcq93d+uhEFnC4fzxkD8ekbnRF5cKdkOyXjqVhPyXwy+2WqRXykuEJeqJKZshDI1VIKk4UqmYqv82cDxdkgd3bElpU6C1WnMvisG97kgxI/1oIIWfrKsaYXkChCRIwfCMbMRAF+zlkDQGyo4kY/+smTehoxrpwu8W9o6CXNdyljdPRmSHF5rzguM1z2VqB0wkmsjr43F/1QR86AxNQXx80zXlRFUDfmiw6L6KGYcWEuRkENKmZdyJKDVCornC3tA49Rhcee5NQbwVfrRxdQzxkkDpLJWTmbLLrx52aSlyfqI+dVLE/ko9n5M9fhWeAJhVQxrSLhwyZhIry5G3tzIRSso09HwUAesUrI/TDDkrnHfqx8/ima4ncel5rzpOWo8LJSuCGBx29T+MDmmdoqUyuXIJA8m3ilz6/Bd3TfRNZP47Hjfm+91E9hOYyOc44AIKrZGtYNCLBp2cjMrXGuIXg5UthW1sGAUbMMpBs2QABDgLLNxmrbWdwA75yDJpP9vbjbVq6lXLwHW7pWSYOFvGtBYNVg5FPQsFC+vW0dC+l2plVdQ/l1+OKcSak+dDhjRSUDmVu6iV7SmNJE60JRWewgLwv/S2ZccE1GXbEmUu24/F1rwX/tjgvWs5Sr2HEBqazwHRc1tuQp2+cY1e0+zBrl8OefB8Q3Izb3U47/ZcjeKmIXxcqpKx/CmG0/UwRrPw6GkP3H7lXD0ECaBrFm8llGtlkN1ywLYts0gWWhNFGoeG+zrvH9lV0fda87d+zXfSO8Hj4pdoYXa0rpklIqEGSecUPj95SmB07DyK/qvALAk/nyYNoKSJvh3YxbyrbOxStXzPu773uTkKyJmStOLC0+5NZPWi2N/8iRabF6UkAw0rVt1hhUuTV6AdFIaWW9LCvrR2Nl+PmsDMuyMjweK+cS5YCNSrSyMvqtzeUhwbPHVSltCTQc5vh0IBmi2g6otrg/rzqr3ZWd766EMWN03IQgipmKm0aGMbGlyH7c0f7KpuU8mS/b/1WU+MkxjJHJJ13vwnDDBBC0jgfD3njgk07Ie9OJ6hUxgckthxjmniEsD2zT9Aft+02jQvHnRrGNcLP1zkiM61A7w0eD4ueJu5voi3Rjv9BVpOOuyVxqiM2JB4e5Q17/ig7CCtfVhOWA1FlNWHafkysoYiYooqPvhi+BpXoQslTGXJ/rqbVhxYmfG8SGVofQfB+IddME4HhAHMLdQFc38b6hK2fbLaB73mhX2P3c2G2Z1rmG3ofdpoYbwDwa7BI33NEqYbqbti/ovvNBmKKSLtaq8s1kCcXTmZu2i3aezZjPe4ZWTdMRNICNLBtjK5fWsHXuBAa5CS2oWSaCCGNkm9DaLpu2qBTY9G0su99iRUe7xaqbZW6kq81cWlYMPlozYxvt2cilJcUYR2tk1c7Broz8FXz7BWed+YPV6t66F4Pbh/EXZeJTTsGHn4WrvPOS4n6pj6VsyhqVXt3liDOvnFG350g2r2Ze1czrsGZefuzIxbC0bebG1OVtEm2ay6xA+IYbvU99j8r7RO0hv/cK2hW0K2groJ1OiPeQfbXpocsVaEd5V9pF9MiaBO56KDJZkvc9VgivEF4h/A2El5mcdf/cQs//otZj/8fd3dD+cn/q9dbno7+EjIzEKyXjl7gGEpDDJyKyPWJ9V6iukjs+rzqr5I7d7wvHfNEZJWyxk30miEGJm8RKvtziNRoHtiSleG53U6Qoe0nKRDt76c6mlTcpIF7Wr6sQeEicXT198BZnez3eAY+9dJxxr+O4LglT/o6mcDuhcNsqkcGVfKd6znZDrsBOX4SUI9PC9hSU9fQP8vWHtK6g1TCcjsRS4B31xR9PJFqte2XRUt/rXr2zupfWDak/ZaQeuCmUhHRZQguIp9+GskxI/dg3c+Smd8BSPXCcrupk3L2APTSl4vHf5u76lu6O9unu8s7lBRGDnHhzS3444kD9WzdU2R6l+vcW7988LP9WjMfX75zuy7/ladAx0DnEqiTlgtydF5dfoxXPZpbfRQbP/wc=</diagram></mxfile>