From 53c5a9b3afa44a79fd3d148711d8671364e8c639 Mon Sep 17 00:00:00 2001
From: Biswanath Mukherjee <awsbiswa@amazon.com>
Date: Sat, 3 Feb 2024 11:45:43 +0530
Subject: [PATCH 1/4] Initial checkin

---
 ec2-s3-express-one-zone-sam/.gitignore        |   8 +
 ec2-s3-express-one-zone-sam/README.md         |  93 +++++++++
 .../example-pattern.json                      |  58 ++++++
 .../images/architecture.png                   | Bin 0 -> 13299 bytes
 ec2-s3-express-one-zone-sam/template.yaml     | 194 ++++++++++++++++++
 5 files changed, 353 insertions(+)
 create mode 100644 ec2-s3-express-one-zone-sam/.gitignore
 create mode 100644 ec2-s3-express-one-zone-sam/README.md
 create mode 100644 ec2-s3-express-one-zone-sam/example-pattern.json
 create mode 100644 ec2-s3-express-one-zone-sam/images/architecture.png
 create mode 100644 ec2-s3-express-one-zone-sam/template.yaml

diff --git a/ec2-s3-express-one-zone-sam/.gitignore b/ec2-s3-express-one-zone-sam/.gitignore
new file mode 100644
index 000000000..dbb0539c9
--- /dev/null
+++ b/ec2-s3-express-one-zone-sam/.gitignore
@@ -0,0 +1,8 @@
+# SAM default build folder
+.aws-sam/
+
+# macOS
+*.DS_Store
+
+#VS Code
+.vscode/
diff --git a/ec2-s3-express-one-zone-sam/README.md b/ec2-s3-express-one-zone-sam/README.md
new file mode 100644
index 000000000..9880bfb06
--- /dev/null
+++ b/ec2-s3-express-one-zone-sam/README.md
@@ -0,0 +1,93 @@
+# Amazon EC2 to Amazon S3 Express One Zone directory bucket
+
+This sample project creates an Amazon EC2 Instance and Amazon S3 Express One Zone Direct Bucket under the same availability zone. 
+
+Learn more about this pattern at Serverless Land Patterns: https://serverlessland.com/patterns/ec2-s3-express-one-zone-sam
+
+Important: this application uses various AWS services and there are costs associated with these services after the Free Tier usage - please see the [AWS Pricing page](https://aws.amazon.com/pricing/) for details. You are responsible for any AWS costs incurred. No warranty is implied in this example.
+
+## Requirements
+
+- [Create an AWS account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources.
+- [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html) installed and configured
+- [Git Installed](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git)
+- [AWS Serverless Application Model](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-install.html) (AWS SAM) installed
+
+## Prerequisite
+1. Please refer to the [list of availability zones where Amazon S3 Express One Zone is currently supported](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Endpoints.html) and choose one.
+2. Execute the below from command line and make a note of the `ZoneName` and `ZoneId`. It will be required during deployment:
+   ```bash
+   aws ec2 describe-availability-zones --region {region-name}
+   ```
+3. Choose an AMI Id for your region.
+
+## Deployment Instructions
+
+1. Create a new directory, navigate to that directory in a terminal and clone the GitHub repository:
+   ```bash
+   git clone https://github.com/aws-samples/serverless-patterns
+   ```
+2. Change directory to the pattern directory:
+   ```bash
+   cd ec2-s3-express-one-zone-sam
+   ```
+3. From the command line, use AWS SAM to deploy the AWS resources for the pattern as specified in the template.yml file:
+   ```bash
+   sam deploy --guided
+   ```
+4. During the prompts:
+
+   - Enter a stack name
+   - Enter the desired AWS Region. Please refer to the prerequisite 1 and choose a region.
+   - Enter `AvailabilityZoneName` and `AvailabilityZoneId` as per the prerequisite 2.
+   - Enter the `ImageId` as per prerequisite 3.
+   - Allow SAM CLI to create IAM roles with the required permissions.
+
+   Once you have run `sam deploy --guided` mode once and saved arguments to a configuration file (samconfig.toml), you can use `sam deploy` in future to use these defaults.
+
+5. Note the outputs from the SAM deployment process. These contain the resource names and/or ARNs which are used for next step as well as testing.
+
+
+## How it works
+
+
+Please refer to the architecture diagram below:
+
+![End to End Architecture](images/architecture.png)
+
+S3 Express One Zone is the first S3 storage class that gives you the option to co-locate high-performance object storage and AWS compute resources, such as Amazon Elastic Compute Cloud, Amazon Elastic Kubernetes Service, and Amazon Elastic Container Service, within a single Availability Zone.
+Here, we provisioned both the Amazon EC2 instance and the S3 Express One Zone Directory bucket within same availability zone. We will perform both read and write opertation from the directory bucket from within the EC2 instance and outside. 
+
+## Testing
+
+
+1. Log into the Amazon EC2 instance using AWS console and execute the following command to upload file into Amazon S3 Express One Zone diretory bucket. Please replace `BucketExpressOneZoneName` from the `sam deploy -g` output.
+   ```bash
+   echo "Hello World!" > sample.txt
+   aws s3api put-object --bucket {BucketExpressOneZoneName}  --key sample.txt --body sample.txt
+
+   ```
+2. Now, download the same file from your laptop command line using the following command and validate the content.: 
+   ```bash
+   aws s3api get-object --bucket {BucketExpressOneZoneName} --key sample.txt ./sample.txt --region {my-region}
+   cat sample.txt
+   ```
+
+
+## Cleanup
+
+1. Delete the content in the Amazon S3 bucket using the following command. Please *ensure* that the correct bucket name is provided to avoid accidental data loss:
+   ```bash
+   aws s3 rm s3://{BucketExpressOneZoneName} --recursive --region {my-region}
+   ```
+
+2. To delete the resources deployed to your AWS account via AWS SAM, run the following command:
+   ```bash
+   sam delete
+   ```
+
+---
+
+Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+
+SPDX-License-Identifier: MIT-0
diff --git a/ec2-s3-express-one-zone-sam/example-pattern.json b/ec2-s3-express-one-zone-sam/example-pattern.json
new file mode 100644
index 000000000..4bed5733a
--- /dev/null
+++ b/ec2-s3-express-one-zone-sam/example-pattern.json
@@ -0,0 +1,58 @@
+{
+  "title": "Amazon EC2 to Amazon S3 Express One Zone directory bucket",
+  "description": "SAM Template that creates an EC2 Instance, an Amazon S3 Express One Zone directory bucket and required IAM Role to access the bucket from the instance",
+  "language": "YAML",
+  "level": "200",
+  "framework": "SAM",
+  "introBox": {
+    "headline": "How it works",
+    "text": [
+      "Both Amazon EC2 Instance and Amazon S3 Express One Zone directory bucket are provisioned within same availability zone.",
+      "Access to the directory bucket from the EC2 instance is provided through IAM Role associated with the instance profile."
+    ]
+  },
+  "gitHub": {
+    "template": {
+      "repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/ec2-s3-express-one-zone-sam",
+      "templateURL": "serverless-patterns/ec2-s3-express-one-zone-sam",
+      "projectFolder": "ec2-s3-express-one-zone-sam",
+      "templateFile": "template.yaml"
+    }
+  },
+  "resources": {
+    "bullets": [
+      {
+        "text": "Amazon S3 User Guide",
+        "link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-one-zone.html"
+      },
+      {
+        "text": "AWS CLI Command Refernece",
+        "link": "https://docs.aws.amazon.com/cli/latest/reference/s3api/put-object.html"
+      }
+    ]
+  },
+  "deploy": {
+    "text": [
+      "sam deploy --guided"
+    ]
+  },
+  "testing": {
+    "text": [
+      "See the GitHub repo for detailed testing instructions."
+    ]
+  },
+  "cleanup": {
+    "text": [
+      "Delete the Amazon S3 bucket content: <code>aws s3 rm s3://{BucketExpressOneZoneName} --recursive</code> --region {my-region}",
+      "Delete the stack: <code>sam delete</code>."
+    ]
+  },
+  "authors": [
+    {
+      "name": "Biswanath Mukherjee",
+      "image": "https://d1rwvjey2iif32.cloudfront.net",
+      "bio": "I am a Sr. Solutions Architect working at AWS India.",
+      "linkedin": "biswanathmukherjee"
+    }
+  ]
+}
diff --git a/ec2-s3-express-one-zone-sam/images/architecture.png b/ec2-s3-express-one-zone-sam/images/architecture.png
new file mode 100644
index 0000000000000000000000000000000000000000..2d40ba1e37e84e0a7bf7665d13650d8401efda09
GIT binary patch
literal 13299
zcmYj&WmsELvvo@;rO@K8C0McGPLbjcrA32laYBLOEffuI!CeZ)J-8DHQrtbbLvj1^
zzR$hS{r*JGkG*G4)|s=`nn{?3n*3WV3an?(p1oC6koolN*>foBvn3`5>h-5``5)BV
zbJtJuAD@+vQ0+c@_U@UYjMV4vMu&zkzY!@CKB6)7e83ZH++U+QI&#(}z}fD{#XUNr
z0){j<-{rgtp&{YJ1N0CQVBS}F@uUq~Su@Vr^W@)sFiOry+N-eM+b=0U;=VcE=*K<j
z!C%F6Mi)Y(dj0}n@)3DvnZqJUWNwCrH^Xp??PrWed!ECML4{*PEWf%foqd-yxHlD^
z(6rXhb~69>qRE~XQx2$!Ed$0^{Pjc(*A~Sg>24czKY^`MJvV>1S_LCWOAmL|K5bo}
z=>i!M(oi-parNO9C{Vf}%}A_MY;+2nSeO3Ajhc})fIcAykcp3cn4!pAgat?I&RfH~
z8|dNyBRDf9_?2G1b}{?zUE8L!8c-sV1WB!kkG}X+k_@;g3{evFTug8fOxYw*2j<c$
z9N@N-sEB+OV-Jx>{BI=LD!>vgO+SwBy*>HiAqNADX5~zXUb5&cpM^?_P7czWC>rP@
z8RoYIUAhr$ivZf|93=I|%>2ph0gEew(ah1xT+Cd;l2V(#aq~<Ihy6IA6K|&}cF`=1
z-a_SF4CFKNO}i7?T)gr%6@ZkwJ1-)3bP}sjR<x^!$+~3Vf?foDg~q8rT0tVx)O?y=
z7)GXoeH!kkgx+NTo_2<FqiIf+*DAQ?i}tLZNcZ><1xcYcmtdWRKd&{9_3_2btc^^s
z%)2u?A%HmmkA^y86h8}(>{M~LRlU_Rplr!$;4;O;4j2I%$81PWp6kqAu(WVyP2bCY
z3_X#aOrp4^Ia4B_RRb1_tAKv+MM*;65;I(mGWttHzG7%0zrFvFe(4$8O-BnBCi+q1
zCLpBW)G<E9qzCtjItlc@esvw(*1Isuxk`8t=^@35M@5`$_Mo|h$KVZqotEJaXN))a
zp!-cMwKSwFCMa(-Qf8>EHx6mW8*Ts$?n#@uIH&vT>FXJ&YBbENmm6xQM})Y<4!2^9
zZc&qs>0}7hlsd;g@62c*b=f{-6uW4J%+gk2>}TyU_%9qcM9vFJ3-qx=E9bUYFrwN>
zGz&kLnT&b8+BfgH#kxMak}MjIxUJ9QXdnK~sS=#bHi75smWlz!KRf*os(;J>fXg0s
z(t42rEnTN1m%7R{fF5rnx#HKK@Xmr^_3*QISJT^Y_0Uip>B$*PRF2mXf@_=(>wLp8
z<l0*Tm0WefU#uu~Q|17F9B_p6U|n<b#3R~sG5y7OLp&wM(5PFAumz`)jRXI?)1hOd
z>bv6bcoek0G2PHk1RD?4IxFke&auQGny^AInkyExJzpT4MCIN^+5n)435HYrbC=$(
z|Hir6P}k1znj&q;-A1>CevkMowzu-Oj2m9;;uS1P=ec_F!rtNbcIaagPy7d+1rU5w
z_nD(wkmh6^RZaS5Lj3t94;`1=0h$&ZpVWNuKP2;G=TTC7ijhjmn}8VQd4<9tgU(#l
z^vy2#rc?=LQZi@~(mBBRB{)Qol^*>cBdGzld@aWU;aiBC$|T~IxZp{{6$@(TpFd8b
zi-QBc%JC8ne!}Xl(UIIu{}QuO@EuK0VZ_iwd)1TY0*X4Xh1@)V6j6@``&FU(0bE5%
zX$=Eq26GO9HM4qriZ2t+gN4z)QvHmw8{B0#O#w}DHIAr|EHM@qWgV?e?_)O}`BFR<
zE4)t?kpk9k6^LmxDA?hhhVEXbL3F(>F#-S&Zhex%8zV+f48<V*_dV>;7;=)YQY1_-
zV7==D1!g6BKzH-JWU(=5ksTc=9j!Xm^Qa$Q=m`U|6H)i&iNV>PEFQ9qeETat=5(32
z%UbtI(;olgr>5FKPJHjDrRaFe?o`AV3A4I<h(^3m3+o@@nV^6oLRfw*KNP@WN^A}L
zRYnI^%-|>W=KRSAx4i*>ZDJ5N6ED~OPtm-<tTi^&X5+hn)Jq@l8HM}omyh&?$p^fW
zj$(;6mx{2de5U8{wSwm4-$Xl^$6u}E@`EE^onxM_1<z_gWU&0Vj#6?(04|Q@r~$%<
zQQLdWE9FER?w2r7cnyf*WDOaoO=Ag^*O&bf3n6)^F5D-dH4v$K8yO$<FQDNm{<G(C
z-9YiEuPd+en+l2OvH=Z!A4m3bF^O`Wb_;c&)WkRrY=`$di|4O~?nWWR=J+=m!#EsS
zlJkNo(lkUbzJde#d>L!rSyksRTH2w*&v@AL$5v*Juqv`wM-G3JB_3Nz%~QTeSS7oc
zQ?sX6_C37WUkI`esXAEv&Ild@K4psYG=KsM^=vcr@`($a*oCS3WU(B%<$x26D0mlK
zVh=5BW9ENBZ2~~ZE|EIE+_W_}jebi*ntUBCvE2Df`a@*>i{({Ht<Sf+nwDg#(7nFf
z`t2<KSr=DWFy|xF@-@9T_(rUkr*{U#PB|3dxhZvxPZ*W0r$=;X>FgZ%(9!?q{^a2U
z-nmJdnK7iSpT%NOi`v-OP;z#wFMNd;div`Ngt%1YWc?$m3L0r<b%$PYRXO)S4cPEK
zeRSjQHie|#L4QLg<|J6$Q33y7R?6QKdQen<#{#dnr+I^d3Q~v(FM?L+RU`zS<!DOj
zBVHF_DbJ+oU#aq@<hb@ex6u?4mo(jloeDkui!nMoIwYkXikaW|?Q~~9Ec*_cpc*zH
zYr`2RZ8VGPlP?2YAP$)IO8*RiGW|D54FI$Y6`z_5XC_FS?(F(6g9j@&>~}?YymB1f
z*2{_4Xb##5V<H1-GmfHXFrqK-2re1P44l}zd#yw8A0nf4mFOW|`baK8e)&zGi!qp)
zzk6Q_n4)>*#Zwhrkh(34W@bbj7O%XDOkgHus|KNp0Af4E0*1*#AB)KT4i0OpkO5{g
zn^K^#?)V7+t){7rssRO%Ffx$#$L4NUW8wG5sR7jpH#nehYzx?Lb+fi_xy;`Mh0(m|
z|K5&{>m%Mcagk18@oA(TpPg?AT{^#dyi0bsK4tJ8{y41BSypIa{6TP1PGQozO!vL@
z?8=jI>se93&=B}_I(u>+OG+ul5Gom^tjMz%!*~PsTR)%coU-jOAuufT7jnH^1}ICQ
z3yh*)>4o)%g5VrUwMahh0OE)yp%<wGvhaRF`5*MzG|vs;1$LWKHU{Od{+Qg{DDG(F
z;DSC|Jw9J+`@Z8!IV!%?ul&UPo$#8yH_CfVAgP`N=Y4D|n$p(qA6TAtodc|XT|?jW
zzP-m;T*4$xJ3y6UYSEd}^VE|064h_Umq-FG#ahstr`8~qIVElYJRwrWe525*4HwU^
zQKIc8bo+c~Sz=o;VDn=Siid<DMAg@kW{aAeWdm=2Y9o}ty4g;#O=G;URW~!-ud1R!
z1KexWXb|$T%)OQc6>wx-NiCy7LvupQ+W6Ap|D6&UsZMuXTVDi;=YXgR2<bL;^fIM6
zhcZ6Y3=BqHjcz6zA97uX`1Zu!EjX`_0cHFn19T<|hEh*2pK!a~-ToSszj(^?^*d8R
zB{|t5(F~|sq=_s9EAW5w^LZ_`T6*AhrOpru$974A^i0497^i}h1lbAE^?{td%Mv0%
z$pOVZjITEBs?iD?jQYL!tlF7r?(Xy8S^dS&TvIG-5W_^iM%w@`!6}~-%!~jka>C%y
zWM_B4Sv0K#Up?obb<!Bsh(NishO0&)(P9N!=6dH{TI1Cb#Ze0^HQOH{LMy2j;?sD$
zPPCOt1)TF|@j=zAN5Z%AK<&Dg^_f3BDV^1~&H_x_oFl6XcWGX1o~^~=M{A7A1ErOf
zYJ?Y8pYE>-`jEHycW+~%R(6TqmenS)GMQOFG4)+z-;r`>sVut!ndCcmFl%+SKkeUb
z*>8qlEUEL(kz`Sa)I{Ujg04nv<6k(A1g&m;#`H|b=CKPX*Alr2@_nYqtnT~NyAgeL
za`M1&NvzEB;B525`Q#{b!LDkz>7PeVZKC?FUxCcS5co99rp)ccP4kSYaLbv7Hd}k-
zWFrsH%@-y$KgKxQ)soI^uMbpaKtwx@VJ7e8f5CwctSKRRq+h@=Z@#aic=sfIHa0BA
zPnb_bqo>)iqA#f(x<~lA;JZYaJyltCWu=wKecYpd&%?^#kld;NW;bJE!6OA_;3)oM
z_C-cE{26-i1atHQ9@*t<Db45l7s1t;->Qa#-Drw*FO)~rI#QVLE?CvQ)EJnB#SJ1r
z_k9rT+olRd%na4!6^8hiASR`FWn|r^3tbT4^MIXto$sa{#8}L9B79ysITUoyEZX<*
ze#tMXIAD`NDhVOXt<UcA$gU*}gP(S8^HAdc+)`HBnVeO+qKBIv2O~z+Oh#UJZqRLi
z7SXX(v1?6oGaWKgCyB^*5)o6tbdNI+r-xo|l)asM9X~YfOumgMVL-^fBi&&52|`CO
znmC&J;9iXVF^%Oz2dB{KCB;LGD$j;?@ty-n4N3koH-LT`pMCCkZI>r&%F6@dU}fx0
z`Rar%2M6_CQbKorJWZu^$Ss=tQv2XsO&A!>#UqMbSmc3veb`6>_aQj)(=uT_05-%D
zq5ENgai6afKxg)PMiPiBWxsj9Lxs^q=>FPs$3iYM{yo@w=IHH?ghsrUzavikH$PCW
z{Lr^N@N`$vJ$4B_dZ%OX$I>!>GK)UY(h=rEVVyT2o$JI@4XTbHZ6hIdx36{KfS%DP
zAwMy^MiP+719|IWATiO*QP1QhKcK0S#v7<KAC6a-ih9kE^|J0ZR%3PL?JkWQ0Tm&<
za=$%5HH^RG+JV^dN9_fPMxy7vezb|Auxl^!5imEx!0_}}O0s@Or+JnnP+p#{E7`H?
zEVI&%qp>%j!K3>sw6QLmb_M_ZwnY2Gs)%7F2yXjYg6)um@ce68jP)vJz7~2ad#?I3
zJLa%(Pdn332nlkf!1}s=YzYxp4R2vzIAe%3&A(D{f&#Gi5A_o}`_@Nh$L|w4DZvgQ
zdj`uF&(1_hyXr`-xenpk46%qRx~^SDu!{X~?+l{v-R!4Y-RXfniEVQCZ?%%ZU|Q+A
z(Ii<<+?TNTxNkUi{8M*Izu?U52FMcl35<YaV+@9v`%yS@MUVLTjGi=1D>mqXxeFs1
zq;^v^_`pT@b!*JD@&4Xo@iC#N=q2QW1*&6jfiL(sIhlb~{bCzD1kGOfASlomk}YVf
z&NkiPx9N98=^S#{Kj&)wVcIwqntyAl4y5g;hysC%eltV=()TfvDg&Sbd(yGK%r?wW
zd*1Z{#t3%O*I@i}@(spK2WNC-sN_aa?>F(e$7_wXU;p0fkeJPs@rytwoO9a)T)`s9
z&iSK$y$5Jk#>b0~U3yl{PG!AK2<%B0t+<7ThHrhB;!xcO<q?&xs=Ma6&+VZhRQ(xx
zs2Jv1S=3$F%4~XfJsgs*W`u$<;BhYh77@<)@J;msa+UGDXj+Hi&6i-k!Findqo2oX
z&jW(aKag-&RD3;jswdCELNFd2s0`eji3{V1LsRHY-k?)(uot?8v^7fmx{jV7geJ!0
zUYU*Uo_ZbIKt-Pa*lQTF5AuC#W^9=;{%Gpp_-98Pw(7nN8di{BdW|-(MyAnfEM_1)
z^yGm3$NyjEQRCHRuo^S^??Fx!<Koi43uya#IS$X}BOAos6nxqaeM^|zl@K46LR_ti
z?}tkVhMBc!SRk-yDxKJLfmv20Qud*KIq*5_*GbB=DJhtu^sQTfE#5xm!37lR_|dmU
zv!a(<y}SG5^h5a4Y5f!01a7w77kj3qkJ_8V@SDYIEobi9yz8WPKEbjqgtM{*hs;Dy
zC6kGm`KLISvAQXTEqa^FieI#A&{Zm~d^?L~z9muQy-C?TGyNtO_(v(JvkNEcNYpe*
z=T>HP)i)5|(^WcG?KKkcgEa<HscRj<5CbuR`K0Rcp|0ry(O{UkVND6XN&mSoCB0-i
z#>WY&s;bC@!3=jrQ5OH`pr&t&a!kYOF)`0&p;L8Q=;I`o&Do&LlJBRx+-e`@qvaSE
zay)m{D(fnBYUPvO!m4qenyLMAX#XX3=gq(S7DdnPds{Idb1=|roxlgv)!Bd1OybHP
zpo}DNk$wxasF%BB>FW4JMHA^v9|!r;`yG6mks|>^CR3{ebBYQEWQU5bCi=0R(f!cS
zNjUV;IXO9}<BwO`&96_^!W0TSTL2<gwOR$@J4S}rIPv0}-y9_Y=36RTHX6BaMYIos
z*y~?QoVjgmzNBhuAZ{=+oQ9=T4R7UX#}=|boz-Z$oE&LqAXu%%`0v{p5|y!ok~i0R
z2h~*HXTHmHco?fJ77TunFiCutWP7{ygjQv0k(1m38`bP}h<`(Fx}_}}2HKhESs!dn
zR%P{J_q;;kwu?2)(;J(JvG3D?4ti-pvg`20b~1GrPs|j7msb)>FtyckC4(@cByHcV
zB9XsFvx1^c^mKJAF*z*b=;HqJE7V%WGM(7g|CpL`mDXx`?eq0t#;qGfKz@7BH+F$#
zt?HIGU}gQJ^-$=>gtIGGnt!macHfc6ouilx2Mpm5;iqXZG9LRQQOyj!qA%beUAQ%u
ze0u+NQ2t7lCxyQMjYQq32bUfY8o5nE4|cI(ZtP7UjExx8B`rHP84*UYHf;zKBIvA2
zLn%`TZI|rl8*&~lgsh5{m6gpz;oEwrl_)P)?EMH8x*3A&nzYJgZbxHdkiVzVc6IQG
zZk?oI?M?3sOR$d8Xa2GQss|6|OrOtB1@OQ?$8J{Fb+`A`CP|qoxi!D7<;13ho%9iK
zc2t;$4AKrS!Q|BP!10@&;xOfv?}(S=JOJ19O#&aAh*gpaH>~&}A2b+4J;=`oQUmh)
z%beu;F5cXz?#=?V&dyb>PX<$f$Gb+Etf727g$hg|QBis>t{6At43yZH?Z291s^PfA
zB>*%fWo1M?cnIv)$bZ^)|CShXMm(sER)&D(`JE<(1z#7e5N@4`JR#rbw#ijrI<Oy9
z`md@cd7Rg6RthwjZuZJ_Vs+PhOcWcVvg<*guh<<0FZd}5Og$^6WG8fGL#8v8!q91{
z0=ekpA?DscLE<WG;j^o_VHgvImnO4<Q(_Rz#bwIar-K9^8`t4YWSmhV>#^Xwa##$T
z$`m!zx|Rn{EM$D9D?vcG<nEzkb)k~Gp|?#mt@3_|uPzPuqL@>WQe_fu=inF;%&4Dd
z2?J(lJPxwlE|8}C`jF{lW_+~yjG5%N(CZkzG=VMH!b#U)ZWQ4tLK;-_y1bftM#p@(
z;6~p?SoG6Y5~3OZGA^U`kA!|0DF3{e(w@-O4t0QE&#;lzAK8+Fy=+QZo9Ht^;dBDC
z%wy8FTHcrkX=+K6_{N!;K~Jdy6tqVm*Fad*8fLx$I{Z_PO_gSzoT41$D}dBZboJ@m
z3L@d;0!qr|uI|)}<7eo;`e!d1c~Dt&nLh|cXuVWbs*^v=4V%g7Zu`Xp&gZjI=Un{P
z*7MKEN(;Nxc?BXi@^bb=mu#93D%B1Ce*@ZXEoPkG9IUgGs@_Z{3Jll>fp}4DDHOgL
zcRCF!W%KN)3N(RTtDxfOS^GtP=-M&KQZXOpAB`n9^y-i~ZYy(?1N!Zco@aj!LL53@
zvx6ObS_FUq(N7c1ruJWRkmk9MF@2}pc^l3Dme?AsxH+S3thC&~(;yW{P&Sr3<b*Y@
z;maOCFR^iy)~@G22>T*6kiMyxq{e33Er@LGd(5DGP^niZH*od5llSpyuvI^xh|&g-
z?)sPspWnB$mShLA8G0R}u7s2Ds#TXG%ilqNsAhKI_<HsD`^eW`@dv(+^%idcy}@9r
z*eQ~cM3HwzSxDc?v8Fj$lQyw{$aLlxF14FIBcpeO8`~b$BLTKA_d8nWC580ta45Wv
z?l4;g>!<NPu)+O}j*w?o$&wU%;w9bif}F~&Gxy}yc{eT>GF}TF`EubfkG+Y9>=zcW
z(!aV!dwJq!54VdAB?mY~LI~NL$O4-x5BeIW7<!fqNQJ`D%XE;RQY2i|k_+8-m?7Zr
z2Y%obNnYxwYl*+6o{<d4jx(*Y-CLk>H&LZc)@WwhqnaSUYHg*>k`8eg%9D`548!V*
z)6zOo3>i)#?GqC$b(SlQ)B`#N3o~#TBubQ+&p0O#z=VE3>_jUl&ktA@^qqa8J=f&7
z`*L2~?DPeeh5>d_eJB5Ek5ob}!CNW@KLjG!iyuRab{mHs^a$Joq$Bvh83-==x*BR{
zEKBS-3F!)N{9U5fbvE;<wt#+swa~C09#uQ>QCy-lUZD>lVCyA8Q*ZSp$)Z^nZiLj1
z>;|mY9uD4pUkbZ^+6<c&Y9RCT>4!ptT_G?IWRi0AGL6x7k$m=61lq04Bgz96IG}lV
z5S-;bge`w`IQhrN)^|F2emG(5jkWx1X3+{EQS1e$(kZ)%eA}MO-YQOuJ0C8@=7q+q
z0SyBH$(>x+%o^XOmf$V<P+6?^wCGRJWwh)LV>pTOxS;DlptaTjwOTuel|y?Lh-xK(
zAOyf{H@R`URv%*ktoFTyt;$Jd_eG$2wYQ^^DT@&wF?)N(S}G!;b9~k}&RcRwG^GD#
z-;2tu(d%$G1fj0JUz;VXw5*J}i|BCT@H>XU_ye-i;%=q~<Y6Eylq6{MXYT@*bA8UQ
zn)WJXYwp%#fGYN$^6v!ZbS)81Zq$dyLp1q_oMh@TKWAkcJAr4%uZYfsHv5B^`?>vA
zp0y&1NMMsJ^F;9rm^6gZQ;}<jSL}L7@Z5fZeLsqK6XoO6&T#Y@6IS)aL-GJXgBH$v
z;)V(a_N=i*448HM7XUQTE3wG@3*S`5ZkyYtqb;1#<ta|Teb&E0wkt(R%mvkx*~3@B
zf(`99l6=9M>~me|zxFkBor_U!D0vubzNCE<DpC`^zTc4iPZhWvXd@-z0-(+H-57JW
zVQ=jHd>+=OT9qI6)e4zWA+FEvyrTOHq|msPt8err0J+#uyp97^3ouX-)~ucVV_JSt
zgq-9|8g2e%00b3-(fR03_9uU35v!eum!MNXt}q1Ce_RrOz{jVK3U*ae)UKeIP2cf_
z{x%-6-Z?Wj7?O$~KU}5Vf=ok7m_!P7jBm;#u96PBd)Y~krJ`&T%Ort$M94GS82T5=
zQcNzI^XqOH6GP5v6_0sBKkr)byreK?lUTDtOF!?;Y`3W<I#R%8g+3W%-R7Td8+LJ!
z&WS&Oob%pEB6IzUrx<{?yj7;-<+;qkeCZuXJCP?+ba{+oJwPImv)20l&fn|E%oOgi
zve?m~n!$Ki^v6f153$Ix^+Ds^TQ^M-9M$y!SzmFN?J|wbGd4JV9{B+!=89FQ4;W{x
zBIw0#MC=eaG5AZETxoI4Iortt#Ch;EdR7-bE4^rP<<}W=pVaw-k20!-V=m@Nc_y2^
zM^p{^wvwZsns3`VpFH!GdjDI6o5KlwyF7sX6S)6_1Gj?OLrCzF3FUj-m8CGfkbW+(
zqMEM`GkgiG83SRRNbATMfPZh8m1HJnQcE|UeWDwYQHinM(z2*^SF01;@cxEwggZ(s
z*fYQRCDC}nt*xNzYvupI0}n2%GViey&oi=-PP=fIWfjD9NEx7o8-&Tedn~o9)82Nr
z6Su;bM-KFQO?##9;*KL=Y?xy2Suv0SGI|r^4vA%4C$o-hp~{})C>$BK_)^Xf@+Y-=
zR~#$ua1dF!;H^6m>>OC!baBSHk)&)J!RDkTj`=x7W&3Kk;T2t=A_geqUE{CmbmJcv
z(D!I;{2rAy(DrOQ7yIzL&ml8Mk3v`1jmr<(y}QR@6-eH{tZ~)+P|_Fax>-HHIbGiD
z>c4}=md+xctFfc&-n5m^jFc61wK@97Fs?nwJIZ>eq%X!;pHXYKuNXhzdAUM!AE~5q
zI&)3<Wj-{&$?7d5I-Aoz3}83><=j5Ap}b-6*IU-tu_lW?FOmKuuw1(1C{{5^2Mc%V
zam%>x{{s=gcU@dI?GuspdUroAPII5YXPP??&cXv)U{#`IQ%m+}gh#vMDO2*YpK$l2
zucemQ(?6lPLqrznQ9hpz=VMp9411JnkXr&N#hGFvslSIUFEI`P_6AXA!x^td)2MnA
zGW8S&-|QP{3^{xS#`(Y=gP1^kZ*MGE_h>FLj4k*h39RT#{AeE&o!i#piVl9=)=2Wa
zSx)g%IjyB>nX@we|0+)=ve3;qRRpXz=KBiu<n3#Ba>}`Cx@4(VSB)MWvT<0ck@Nre
zhfSsDk2=S%iYji!y@s=G$8vQqjs+J|c2YTtJqd%4K<@rRG?Ub`uax;cNB~N#Ko*EP
z!T4}Xs2QFsPUL^u5IqJ!cMI5icmbbT;4&LBni=YbIm@UE)NfNwD7{MuS==4Cc1He^
zEKqd3_3G92t4OLD%LU1!|GLT9Z3+Ln#1?#7ww0?lcX>@k^P|rdK`FCL31)_FKiK3L
zeISV%mg{7R0`YB5Y{h<a6eY&FKyR2u(7}igEy3>6%f)E0Ye&3Avs`Qb8LpooKp2Rm
z?$f;*GOjMo1oquKQSM;-D*X0rn2-bNcCy0#NnO3-@mR8xcoEDU7qvbNC;AyqNZ?ne
zIpg?!`kMB3hLEYgU5({eveQ@-iE5(HAMXRX6fxq{<AsHty81FHi$>wi$p2}Nowa1u
zV1UVsWl#jXHWo4J)xL_gCd&Q4#g`Q}$u{<eR|M0JEF+1(L%F^7VPIv0-l>KQnRj(*
zawcvH^#h|?ew%v6Si~fg?cWnxz8_B7GwjeZ4i<Syv>KD@4-7EEIPo~2T<JATeH;gH
zZ0G5W`MeeF_dF63soTn!f#Sl6ziFh8D|H+sXKsgiQr7ll*3dT+t+!2=UUt^x+Ih14
za8xCZ8jUkIOESURpMLg?Fy}wB01!#w$4@WmxnX2aqE0FHh9<^&qVb&nF8zEiBA<Rl
zIclDtN}KQ8r-P8!v#u$TVb5YAZKD5J+TE-uL1b5<VNEAJpY5BQ<O*mujyu$6qpvTq
zt=OU*9$5a7oy_w;W2U9zfxmv<P&l~AaakK(+l(l_Q4s3aLvj9s`~`%VwM%1UI~-%g
zy5LpUF^%eJ9g*Rk)_39tP(<<X?*?bmt56qM9Q!}didQIw+<!!w#<gFm6SuFp8*mXW
z*n6N>`;}m)K9_~&Zc$Jn-lOn!(IA4G8?pJ7mbBn^$uE~RwPCpq7;Ke<@T|Bmvgp3f
zvz)-0(jV2VA*R7>_fYv{WRB4Jp4g7ER}e$^Toh;#pjmrWF>%9hu{P~SD|Vbp+r>Yi
zS(&-r<F_vT75hd;8bmBv{vgDhjbRRNcWvKfZs;{ZX8vQzptp7E(308Hg**P}kWNg<
z@79d8{&?(7!o-H}D`Yb=Ku=~&<k_S8Pf*01xWieTZ3Wy`4JbG9sfA7tpfLi0Gk*0(
z^ZRoU7CT&2?I-d53YY2d;YG#0F$1hEe~|7=xn$BuvRUUhC8Wj7Dt>{>xi>Ag81cth
zyQt0?IvC$9w%1y+h3QWaW^kM&5RFcGQ$6f%3l`263t{d$rslW3OT9%5$R^!JVLQm6
zhl1j&rHvO&+bb8mCRyht=}u#ty(<s*yzZ|~rK&wTnB89ax3LHPEgHd_<eU?G9`{0^
zX=DEUoI;GP<nD+s>)ktVu;=)MEck6VtXHA27WMql5;vTA9~U<o0JqFFfwkOC5UxGt
zXYfOF?O>Z`G9P-=;^@#U`;e3G>Kso$cc(^#cwdOW-aCDJ^8*sCzSf6eYrHt4=vr43
zSD#IGyimq|pU}WnBeQ1Tt6AJp@msG}JbY8(I+A>TN7(J@J;(<@RZpH3H}lw<a%?HI
z9ssu=-c%fA563g-uGRh31M9_P1Z$2kH}Pylk4HWEp~-5J9ksoL^)hAZ0HEd=WfD1y
zCGrP$N5*4ye$~`IKq2`KGE5sL(j~_CF?C!`_w$5h2#-$&p(JAuAH~;Qd#q7raDPa)
z$H}GlPr>KQnBjlh=7b?-YzORzrcS$|izA+~3j=Rof*=6nBs92HMdrKWNQaqeb3`J4
zlZQ-nI*LB_f2dZ-T;A2KAO(r4&b)|97{2v#$CeRq&ODfqyI6r#EN`*aN5v}-MhR6I
z9$_ZXWOQd6qGYpF-Z;lttqNrV!eAiV&F&974-?v`?^E}Aw7T=foM*cCw~q#~7E4ba
zN$S;uMOLO(Fid2wxMi)o%ww@m%z(f}+W<g`WYhOmMWLXYY70T#@BpLg+gGGaZviGY
zV9g_d9>wPQ7g@cA@b?*aq(sgfZ<KleSmdpe?m+|}QN5&{$QeJ*<d?|9Co0-qba#3t
zlp~(EGO)zxJCa&l#(PjwD=+7||9Qcf;QZ!A0H>2`-DSZEOIxM^P|j!OyB3d3HuCp@
z%3i{CCP6FIj9|ZrUKcFd+&MS@(me_1z}RYH=yl8;#T~J!W)5Z~mfZV0%7Dt>Cck8Y
zDg&7#St?5I2WPIV{bSZbu>rh@&9P%Wt$Q0U!{|z=LEHMi#K8Yf=5)XrSz^V$-YuA5
z2w&(@0&$UQK-^|)#WN;mbB9k#drYMXNfkX9YQR1Xjh44J01Yz>0X3i^!%T>)_@MhL
z$^fkN))v23r1DWi>4Zy^PWbpP6I6Q)SKl4TUflB+lHYQydPSp09G#Mb>wZ7C&vrwK
zs#5uR-+6gtv#*_JgpQ;4q~h=OXK(374hc6-Z8C>Aps#4k<8oR{<oEuh3hh4l4Yd1M
z-VVA}38VE%WzU}2+g?B#+f{5&16BloqRM|;vki=lEmK;{=U3BpbZuJuBoiuLP0bc!
z7(nA6Zfc8C0rJp9{gG5_-2F~{3!&3q$q&6dO2sfPkFIq=ZXwO6(mmPEWF>iF@CM_)
z7|<os>`lyfO4KC7GgNCc#t+XVN%?jcc+7(O)`1!sA$##0wSi<xL+5{|x5mlQ(m~^M
zKhBT9|DEJAf7db4OZNU;;6D=zQIaCkKjM`|D4mxL|GON@Iu?SFy|7%y`0r{8)|k#<
zMe7$M&4~XlhBD)sNzJo|P`>Sd=E8R0ptgEuW^Rs8MuZZ2uPop(bQvGeTAHbzZ_wji
zY+{T1{0qzrq^3GJjNp`{u;*qMLldX<F}1UcEY$<WXl^wr(8Ks_H-3^XSB#bDy%<W{
zO2i0}*3a)4mHPd;C~^Lc^0u1X#%-Nsps@EE*1@c|Zfu3>xm+@z6(&0e$Ly;~ZHL)l
zEo;us&Q2T-iW%u{FMiWZ;WeE@i<fUmwJ$N@H?0gOf(|PoEH$KTeQQu2#<2!@(#dk8
zpa=I=IE(#!8)?-_d!FV}>dtIEITiH*VMH46xB-MA!pEMzCiOrPAD{PPON|;rF~v$z
zO4%-8|7u13F>H^`s1^^$(b&Awy(gSuV6)wtbF8%cI2?l(B=H*C)in@1<`XdnIz|q7
zNxQPTS|%Q&j*#!%U}5XMVeb3jh|B<b=8;^5ocrJUyQJyj{x6T0{W~fW5#}3%H?#G3
z@0e7KpHbM5TFc`x5z6DrHLT3%C(O1OMg5RNM?M;fKOPI~-%k^k>lyy-Zl&+)>Z-EX
zl$+kRE4o@AZpPjDcPEJ)OrgG61h1_pQtm7ld}xt-qwoXrpL5X^tZfwXn$a0<E*HN&
zTJn!*cY5sZk#MzPTLf?ODd=pm>xX5>XviA&t7XW`$mD-qA<xGzP+}OcTsw2qZL=ag
z+ZqVcaauN=YhkhZT*1WF<U2}Nn6N)x+V^M$Pkv61anYHAt>be4&okk@J{d1llu6B7
zw69}X`=_^u-U;uuF^4Iq%#;3x*BLmk4PKx>&?P+@b9!JL4ZZYVA8CD6>WkK5*FSyz
z_#nD?_eQ#^>m~j<KZZ4@k#wEXCU<4@EAUpfdFw{}^+_Vjmp9%5WeUI2u45*C7)dl|
z;WNYf_v#J?F}J$LsFS(<h1D{eBSfK59phb8vTT#)XX)aNy?-}4_BSwhe*IWnK?KUH
zui;kg?o71u%Dp-2zHRZ^a2NBrC-U__?)ughU}@)KG2=zV8bfONN6^yqvDFJyapk?)
z#L;+v#liPg<5k8&L&u2=@9NzEuKCk7?a{LTukQZQT-o?rp>GF#A3t^{i<PAb_O#>D
znD^aFjFoCqgIfJw<x6-qdGv(48B`sgyk?Sa)o(XLt}b)&^IJCABFY~ceGW;Kh&cn)
z4h^!^B1_n5cl%mH)P8(Zy(l5peZoSzD*ug!RxD?m+Id_qJlHWO_x~DiVf<4Ce$cLU
zS|Z|Qj_R2dR$hI$rLM84KNJaFgjMG?SX+N)HO5$J^NmkX-^&s4zj69UA(V<gpF?dI
z%dCT=*lK5H7MFiH6^G4oN)ai_MQA%w@=_%yo-%AvF<}d6)VnB~V1ofj)n|CmXx6=)
znZcFskNf%eQh;Inh4bm&+smh#kcPGEUF=3Od0@jMY;>^BX$n2?)?NNW?r@Gj1tG(g
zV5Lqzy!a`9l||D4nF%;go~IDbub2;sKC83UH{Q*B%@j?IbxK#ERl};ynOWSZ?pxG7
z4PQ~j^%<I}c(2ohzT9#ywX~HH`-v%kQo6%`8#5I1{>|}bV88lUldIEo0V^>gM=g@|
zw>Auoo?!Fe<<cuEF?R}xPN~j*l1@EnvUTNH;yPD5KB`m+?5ds$!(4Axi|@Ng^QiK+
zpc}J@8y|^8;1OTE%zOxDlObO`_DD{(G8@c1)7R7I!j;>;<luJfkqjya@Q8rdsoG@Z
zH;yOnB+sV4E{DZxb>4ecc|U1R-q#UKbEL&*XBCYa%eCih5LJf>IxWLOMm}KhcFi}q
z5!Y<Vd|*+#mNk@N$X9D)G3uUd6Fc@5&;1&*k^(fUa;DguDUXV7^NaIpaDenF+8T4f
z@F*KxkNYt##}2~Y>$I{EB99WyE34{1#UOI^2$T7>%A`aKk(^WuVJ9b;TWa*~Sv-zp
zFY25-eIm#QdS#yBo5oUxkHa7{f4xu0<VfT_%B*?AZxGWa3QsHC*$uDK6l)KsqkpOd
zsv|#oj?&Br52XxiT+T4rmc2e*(+W9)c$3bR{=oPJx7RRMkE9rqSmnKadu}$QhMQmw
zbq8&@phrY?jGh<~*ihCVSuMXAXE7@=ssl^|GlC+>d8@PFHBw$b;+j0v7VcCx1ss<G
zzq&$M=NrLb+_X0k<i~tz8vL`rF|xC*cCRK&wPRzk@dxgAjqJ@>%D<#9wv&^Pq>MF|
zF~>igl)Kq1=e$CQ<{Nv=&g$|C8gF84I&a=`M5J;-VCiB_wcSw8vCyzEsTw&qVqb>N
z`XiAaVZ0<f$JqEO$pHb<8adk7TXF3!M?XHooQzuW64?@D7s`EIp2qwe-K}WnzwLH2
zU6-7FXmMd3yXA^CmLGlo{U1^<KoJ(&Akz9r#qqYbA_-JDY7q6-!2Ksii_cu#tm}!8
zxd&Ra<pc&6c&^Hnyjk7iqrI9^nuubc6vUN{bhM*ZSh>oxzYU!;R{^M=*=iCf9R||r
zIpcfhjZ57>T?a`SkS{OkYM(Uq%v==dh6k}z04S7R4o+I&zWE?DsOWPYx+GYhT+}Gb
zl-ZiWVHY_6sSc#@coK?<gdYupEG@>}k0k<PtvPY4V{U)!t%lK?*rWReUw!I{014yL
zN|-BsKaYAic+ju2!PuKF>8nN$`L%wzbhjhg15ssi%8)?k<<)wLoL_btRA|ZrMOsB*
zCM-DvU@@Y<bz=kY%2-lWJnSbTVj;=KdQZQjt_ld7x%}pR>VXVQ;2U-7t5*Q}yc2_~
zpZ1DB2`)?}ojeMq6XJI=0c=r34aw#AzK{XBJ&`dm{_DJ_N|zx^|0B5j<kzH1wJMxA
z&StxN=7U|2)YS=na1gja*E@yB(rk`@*KmAa@v8(rYAzs@HCcwtE@@;u45aWiUihM2
zqL26G5x>tfUfHnXFc22f!@TDsZX#K$>|t12A3331wse}+JHm49iIrqGu>B~898g9?
zM!YEoGMNgg_EfWDb*~r5K7s42`k5CVPHB1LT?;3}y54i73qK#GoZ+t*UpsU`Cqt7!
zc*88W{kHhY#480|Jv4LqL7&EHG8U>+1Yn~LrFuO~KbO34E%)o0FCP+3T0btNvQ8=6
z(Gb<rvtB{^-K#}p!71XV==AY<%%i3!zX#YgiX4YaREnRtvq^6+4h9F4%BPd@Cx1Hp
zF*P-fItf(}pqVqQ>A2E*=JRlWdcSFRu;`JjTE0C>7Q({_;a=L>ro{xijLl<DNiAoj
z&uvJID8ygRyC9wSyXa(fFOhnXx%_mC+;;#?*ptT{J3V?V2uQPnvis1LmA<sa^<vey
z(Q#}3efAO;Z!AN+l3WjzPJG3;Yp8ForgVpLqvj(;?IVMT8h2{$E;&e47d)&37RCJW
z_5}_t?0~84q=1C!VG6U=(6H<sc6}s;h&$_xwTds;l~&yXAedj89yPT-HpG1nR0Hr|
zUffwdm9WBbKc1(t27*kF-c#&I`HEdIk)l<b!Ny;I{v0SWHTRJm<)~LIeU?cG8zby~
zbzuc@0w4&h5;=90G+*J<HW)Qd3o`xZXYjl`dT~E(7<!-U5d-K-DqHUPho;ISar2T(
zhh&!)iwpqJAeG5$*~&e7V0zFh^0e0Gtdl<SoVVh#-XnX7g7F_iL?1g}YUq!Eq|!2W
z!dM8|m-zx|W#n*t+JHRvIf`DI0ePx{@Nr>}U5bTiNt(=^9kPfF9%vc8V7W1+vbKYX
zSH!;}TiuHua_maC8L2HJ`iz^~VNog(zhF~_rZYYk5B(R+fG>&BOdIQMAM`8OKC6YM
z7Pu=BapZsZF|4tY+PLLsya3`me41C60p@-zz<fzT#Eq}`7jQqMn5VlP27>d;c9gh6
z##VuuAMg*C?s%c(jMYByH~GCDsb!(qU(G0UWveeMsFUls#JeEyA2e90Q$#GrI?M=J
zEh@2;!o1+i-tBCYhzv0(esZ$S+pm`vbm6&vh;pnNZM|5rhwYXFK_PN2?z8&1=#J4d
zBLadu+^n9=z<%eA%MTcDVC4n^#nCIxZYIF5)c_eC!q$-5dbXpV__33hes`}hs!xpc
z`?GC0&-^sVQ)fTD!}ruocoD2Hqe>}3<-gL{4Y$1RFxpv=t_0nqp;bB0=^uzYM;K20
zx*mNwF)MO%5X4rsRdE>pypW$508LJ=xbC*2a5dD-9pHIMqj_Ctn=7uK(V76;>y>dB
zO5u^K5?CtOHVK}Y5Z#_ljkJNq>_gbeS#El6ZALZLgut2(S)p<4(k!iZ4wgarwN44t
zx8k%Cbblc6UF}7PKXT<P;4ooPVID03MnZ=|pQknY>LwxP)GzrK%`J|o0RuqH{4rzD
zvx$!$)9j~5<oLMyt~mq7BL{N?rFCRzoMRkvYa=KmR}POi?U02tU}N4#9LyOKssIN>
z0PF);gfm<+!UF+x4SGlEb9G*#ziGn3HC0ssb|j>&>e#Vy>a;^~c^+RD1hHT{6T+F$
r|0=S42DCxsN6O!xO62H|xH)Ve%DvM4(NX{6d8R0<CR6^=B;fx6H(f(s

literal 0
HcmV?d00001

diff --git a/ec2-s3-express-one-zone-sam/template.yaml b/ec2-s3-express-one-zone-sam/template.yaml
new file mode 100644
index 000000000..7dd78e517
--- /dev/null
+++ b/ec2-s3-express-one-zone-sam/template.yaml
@@ -0,0 +1,194 @@
+AWSTemplateFormatVersion: '2010-09-09' 
+Transform: AWS::Serverless-2016-10-31
+Description: SAM Template that creates an EC2 Instance, an Amazon S3 Express One Zone directory bucket and required IAM Role to access the bucket from the instance
+
+# Get the required input parameters
+Parameters:
+  AvailabilityZoneName:
+    Type: String
+    Description: Please provide availability Zone Name (e.g. us-east-1a)
+  AvailabilityZoneId:
+    Type: String
+    Description: Please enter the corresponding availability Zone Id (e.g. use1-az6) for your account
+  ImageId:
+    Type: String
+    Description: Please enter the AMI Id for your account
+
+ 
+Resources:
+  # Create VPC and related resources 
+  VPC: 
+    Type: AWS::EC2::VPC
+    Properties:
+      CidrBlock: 10.0.0.0/16
+      EnableDnsHostnames: true
+      EnableDnsSupport: true
+      InstanceTenancy: default
+
+  Subnet:
+    Type: AWS::EC2::Subnet
+    Properties:
+      VpcId: !Ref VPC
+      CidrBlock: 10.0.0.0/24
+      AvailabilityZone: !Sub "${AvailabilityZoneName}"
+
+  InternetGateway:
+    Type: AWS::EC2::InternetGateway
+
+  VPCGatewayAttachment:
+    Type: AWS::EC2::VPCGatewayAttachment
+    Properties:
+      InternetGatewayId: !Ref InternetGateway
+      VpcId: !Ref VPC
+
+  RouteTable:
+    Type: AWS::EC2::RouteTable
+    Properties:
+      VpcId: !Ref VPC
+
+  Route:
+    Type: AWS::EC2::Route
+    DependsOn: VPCGatewayAttachment
+    Properties:
+      RouteTableId: !Ref RouteTable
+      DestinationCidrBlock: 0.0.0.0/0
+      GatewayId: !Ref InternetGateway
+
+  SubnetRouteTableAssociation:
+    Type: AWS::EC2::SubnetRouteTableAssociation  
+    Properties:
+      SubnetId: !Ref Subnet
+      RouteTableId: !Ref RouteTable
+
+  SecurityGroup:
+    Type: AWS::EC2::SecurityGroup
+    Properties:
+      GroupDescription: Allow HTTP traffic
+      VpcId: !Ref VPC
+      SecurityGroupIngress:
+        - IpProtocol: tcp
+          FromPort: 80
+          ToPort: 80
+          CidrIp: 0.0.0.0/0
+        - CidrIp: 0.0.0.0/0 
+          IpProtocol: tcp
+          FromPort: 22
+          ToPort: 22        
+
+  # Create EC2 Instance Profile, Role  
+  EC2InstanceProfile: 
+    Type: AWS::IAM::InstanceProfile
+    Properties: 
+      Path: /
+      Roles: 
+        - !Ref EC2InstanceRole
+
+  EC2InstanceRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Version: '2012-10-17'
+        Statement:
+          - Effect: Allow
+            Principal:
+              Service:
+                - ec2.amazonaws.com
+            Action:
+              - sts:AssumeRole
+      Path: /
+      Policies:
+        - PolicyName: logs
+          PolicyDocument:
+            Version: '2012-10-17'
+            Statement:
+              - Effect: Allow
+                Action:
+                  - 'logs:CreateLogGroup'
+                  - 'logs:CreateLogStream'
+                  - 'logs:PutLogEvents'
+                Resource:
+                  - 'arn:aws:logs:*:*:*'
+        - PolicyName: AllowAccessRegionalEndpointAPIs
+          PolicyDocument: 
+            Version: '2012-10-17'
+            Statement:
+              - Effect: Allow
+                Action:
+                  - "s3express:DeleteBucket"
+                  - "s3express:DeleteBucketPolicy"
+                  - "s3express:CreateBucket"
+                  - "s3express:PutBucketPolicy"
+                  - "s3express:GetBucketPolicy"
+                  - "s3express:ListAllMyDirectoryBuckets"
+                Resource:
+                  - !GetAtt BucketExpressOneZone.Arn
+        - PolicyName: AllowCreateSession
+          PolicyDocument: 
+            Version: '2012-10-17'
+            Statement:
+              - Effect: Allow
+                Action:
+                  - "s3express:CreateSession"
+                Resource:
+                  - !GetAtt BucketExpressOneZone.Arn
+                  # - "*"
+                  # - !Ref EC2Instance
+
+# create key-pair
+  EC2KeyPair:
+    Type: AWS::EC2::KeyPair
+    Properties:
+      KeyName: ec2-keypair
+      KeyType: rsa
+      Tags:
+        - Key: Name
+          Value: ec2-keypair
+  # Create EC2 Instance
+  EC2Instance:
+    Type: AWS::EC2::Instance
+    Properties:
+      ImageId: !Sub "${ImageId}"
+      InstanceType: t2.micro
+      KeyName: !Ref EC2KeyPair
+      IamInstanceProfile: !Ref EC2InstanceProfile
+      NetworkInterfaces:
+        - DeviceIndex: "0"
+          AssociatePublicIpAddress: true
+          DeleteOnTermination: true
+          SubnetId: !Ref Subnet
+          GroupSet:
+            - !Ref SecurityGroup
+      # UserData:
+      #   Fn::Base64: |
+      #     #!/bin/bash
+      #     yum update -y
+      #     yum install -y httpd
+      #     systemctl start httpd
+      #     systemctl enable httpd
+      #     echo "Hello World from $(hostname -f)" > /var/www/html/index.html
+      Tags:
+        - Key: Name
+          Value: !Sub "EC2-Instance-${AvailabilityZoneName}"
+
+
+  # Create an Amazon S3 Express One Zone storage class bucket
+  BucketExpressOneZone:
+    Type: AWS::S3Express::DirectoryBucket
+    Properties:
+      # BucketName: input-bucket-express-one-zone
+      DataRedundancy: SingleAvailabilityZone
+      LocationName: !Sub "${AvailabilityZoneId}"
+
+  # OutputBucketExpressOneZone:
+  #   Type: AWS::S3Express::DirectoryBucket
+  #   Properties:
+  #     # BucketName: input-bucket-express-one-zone
+  #     DataRedundancy: SingleAvailabilityZone
+  #     LocationName: !Sub "${AvailabilityZoneId}"
+
+# Output EC2 ARN, Bucket names
+Outputs:
+  EC2InstanceId:
+    Value: !Ref EC2Instance
+  BucketExpressOneZoneName:
+    Value: !Ref BucketExpressOneZone

From 36246794bbe3b221d30f76f8cdcf1a3e2c928115 Mon Sep 17 00:00:00 2001
From: Biswanath Mukherjee <awsbiswa@amazon.com>
Date: Sat, 3 Feb 2024 20:57:48 +0530
Subject: [PATCH 2/4] Fixed review comment

---
 ec2-s3-express-one-zone-sam/template.yaml | 21 ++++++---------------
 1 file changed, 6 insertions(+), 15 deletions(-)

diff --git a/ec2-s3-express-one-zone-sam/template.yaml b/ec2-s3-express-one-zone-sam/template.yaml
index 7dd78e517..199d17994 100644
--- a/ec2-s3-express-one-zone-sam/template.yaml
+++ b/ec2-s3-express-one-zone-sam/template.yaml
@@ -73,7 +73,12 @@ Resources:
         - CidrIp: 0.0.0.0/0 
           IpProtocol: tcp
           FromPort: 22
-          ToPort: 22        
+          ToPort: 22
+      SecurityGroupEgress:
+        - IpProtocol: all
+          CidrIp: 0.0.0.0/0
+          
+
 
   # Create EC2 Instance Profile, Role  
   EC2InstanceProfile: 
@@ -158,14 +163,6 @@ Resources:
           SubnetId: !Ref Subnet
           GroupSet:
             - !Ref SecurityGroup
-      # UserData:
-      #   Fn::Base64: |
-      #     #!/bin/bash
-      #     yum update -y
-      #     yum install -y httpd
-      #     systemctl start httpd
-      #     systemctl enable httpd
-      #     echo "Hello World from $(hostname -f)" > /var/www/html/index.html
       Tags:
         - Key: Name
           Value: !Sub "EC2-Instance-${AvailabilityZoneName}"
@@ -179,12 +176,6 @@ Resources:
       DataRedundancy: SingleAvailabilityZone
       LocationName: !Sub "${AvailabilityZoneId}"
 
-  # OutputBucketExpressOneZone:
-  #   Type: AWS::S3Express::DirectoryBucket
-  #   Properties:
-  #     # BucketName: input-bucket-express-one-zone
-  #     DataRedundancy: SingleAvailabilityZone
-  #     LocationName: !Sub "${AvailabilityZoneId}"
 
 # Output EC2 ARN, Bucket names
 Outputs:

From 39fecead5adae1b4b1c75373897943e9a96f3e8f Mon Sep 17 00:00:00 2001
From: Biswanath Mukherjee <awsbiswa@amazon.com>
Date: Sat, 10 Feb 2024 18:46:23 +0530
Subject: [PATCH 3/4] Fixed review comment

---
 ec2-s3-express-one-zone-sam/.gitignore | 8 --------
 1 file changed, 8 deletions(-)
 delete mode 100644 ec2-s3-express-one-zone-sam/.gitignore

diff --git a/ec2-s3-express-one-zone-sam/.gitignore b/ec2-s3-express-one-zone-sam/.gitignore
deleted file mode 100644
index dbb0539c9..000000000
--- a/ec2-s3-express-one-zone-sam/.gitignore
+++ /dev/null
@@ -1,8 +0,0 @@
-# SAM default build folder
-.aws-sam/
-
-# macOS
-*.DS_Store
-
-#VS Code
-.vscode/

From 17f5bb35d25d609ff0f44a1ca9840aaf1cf42366 Mon Sep 17 00:00:00 2001
From: Udit Parikh <parikh.udit3011@hotmail.com>
Date: Thu, 15 Feb 2024 18:01:45 +0530
Subject: [PATCH 4/4] Added ec2-s3-express-one-zone-sam.json

---
 .../ec2-s3-express-one-zone-sam.json          | 78 +++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 ec2-s3-express-one-zone-sam/ec2-s3-express-one-zone-sam.json

diff --git a/ec2-s3-express-one-zone-sam/ec2-s3-express-one-zone-sam.json b/ec2-s3-express-one-zone-sam/ec2-s3-express-one-zone-sam.json
new file mode 100644
index 000000000..ceb2a8801
--- /dev/null
+++ b/ec2-s3-express-one-zone-sam/ec2-s3-express-one-zone-sam.json
@@ -0,0 +1,78 @@
+{
+    "title": "Amazon EC2 to Amazon S3 Express One Zone directory bucket",
+    "description": "SAM Template that creates an EC2 Instance, an Amazon S3 Express One Zone directory bucket and required IAM Role to access the bucket from the instance",
+    "language": "YAML",
+    "level": "200",
+    "framework": "SAM",
+    "introBox": {
+        "headline": "How it works",
+        "text": [
+            "S3 Express One Zone is the first S3 storage class that gives you the option to co-locate high-performance object storage and AWS compute resources, such as Amazon Elastic Compute Cloud, Amazon Elastic Kubernetes Service, and Amazon Elastic Container Service, within a single Availability Zone.",
+            "Here, we provisioned both the Amazon EC2 instance and the S3 Express One Zone Directory bucket within same availability zone. We will perform both read and write opertation from the directory bucket from within the EC2 instance and outside.",
+            "Both Amazon EC2 Instance and Amazon S3 Express One Zone directory bucket are provisioned within same availability zone.",
+            "Access to the directory bucket from the EC2 instance is provided through IAM Role associated with the instance profile."
+        ]
+    },
+    "gitHub": {
+        "template": {
+            "repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/ec2-s3-express-one-zone-sam",
+            "templateURL": "serverless-patterns/ec2-s3-express-one-zone-sam",
+            "projectFolder": "ec2-s3-express-one-zone-sam",
+            "templateFile": "template.yaml"
+        }
+    },
+    "resources": {
+        "bullets": [
+            {
+                "text": "Amazon S3 Express One Zone User Guide",
+                "link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-one-zone.html"
+            },
+            {
+                "text": "AWS CLI Command Refernece",
+                "link": "https://docs.aws.amazon.com/cli/latest/reference/s3api/put-object.html"
+            }
+        ]
+    },
+    "deploy": {
+        "text": [
+            "sam deploy --guided"
+        ]
+    },
+    "testing": {
+        "text": [
+            "See the GitHub repo for detailed testing instructions."
+        ]
+    },
+    "cleanup": {
+        "text": [
+            "Delete the Amazon S3 bucket content: <code>aws s3 rm s3://{BucketExpressOneZoneName} --recursive</code> --region {my-region}",
+            "Delete the stack: <code>sam delete</code>."
+        ]
+    },
+    "authors": [
+        {
+            "name": "Biswanath Mukherjee",
+            "image": "https://d1rwvjey2iif32.cloudfront.net",
+            "bio": "I am a Sr. Solutions Architect working at AWS India.",
+            "linkedin": "biswanathmukherjee"
+        }
+    ],
+    "patternArch": {
+        "icon1": {
+            "x": 20,
+            "y": 50,
+            "service": "ec2",
+            "label": "Amazon EC2"
+        },
+        "icon2": {
+            "x": 80,
+            "y": 50,
+            "service": "s3",
+            "label": "Amazon S3 Express One Zone"
+        },
+        "line1": {
+            "from": "icon1",
+            "to": "icon2"
+        }
+    }
+}