From a43ec937bf4842fd0efa1c2653247ff8527b375e Mon Sep 17 00:00:00 2001 From: faister Date: Thu, 10 Mar 2022 22:46:50 +1100 Subject: [PATCH 01/13] first commit --- docs/wiki/CustomerUsage.md | 1 + .../bicep/modules/vnetPeeringVwan/README.md | 134 ++++++++++++++++++ .../modules/vnetPeeringVwan/bicepconfig.json | 64 +++++++++ .../vnetPeeringVwan/vnetPeeringVwan.bicep | 76 ++++++++++ .../vnetPeeringVwan.parameters.example.json | 21 +++ 5 files changed, 296 insertions(+) create mode 100644 infra-as-code/bicep/modules/vnetPeeringVwan/README.md create mode 100644 infra-as-code/bicep/modules/vnetPeeringVwan/bicepconfig.json create mode 100644 infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep create mode 100644 infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json diff --git a/docs/wiki/CustomerUsage.md b/docs/wiki/CustomerUsage.md index b7950eb71..fa96e47b5 100644 --- a/docs/wiki/CustomerUsage.md +++ b/docs/wiki/CustomerUsage.md @@ -44,4 +44,5 @@ The following are the unique ID's (also known as PIDs) used in each of the modul | subscriptionPlacement | 3dfa9e81-f0cf-4b25-858e-167937fd380b | | virtualNetworkPeer | ab8e3b12-b0fa-40aa-8630-e3f7699e2142 | | vwanConnectivity | 7f94f23b-7a59-4a5c-9a8d-2a253a566f61 | +| vnetPeeringVwan | 7b5e6db2-1e8c-4b01-8eee-e1830073a63d | | hubSpoke - Orchestration | 50ad3b1a-f72c-4de4-8293-8a6399991beb | diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md new file mode 100644 index 000000000..bc0014c72 --- /dev/null +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -0,0 +1,134 @@ +# Module: VNet Peering with vWAN + +This module is used to deploy virtual network peering with the Virtual WAN virtual hub based on this network topology according to the Azure Landing Zone conceptual architecture which can be found [here](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology) and the hub-spoke network topology with Virtual WAN [here](https://docs.microsoft.com/en-us/azure/architecture/networking/hub-spoke-vwan-architecture). Once peered, virtual networks exchange traffic by using the Azure backbone. Virtual WAN enables transitivity among hubs which is not possible solely by using peering. This module draws parity with the Enterprise Scale implementation in the ARM template [here](https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vnetPeeringVwan.json). + +Module deploys the following resources which can be configured by parameters: + +- Spoke virtual network +- Virtual network peering with Virtual WAN + +## Parameters + +The module requires the following inputs: + + | Parameter | Type | Default | Description | Requirement | Example | + | ---------------------------- | ------ | ---------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------- | ---------------------------- | + | parVirtualHubEnabled | bool | true | Switch to enable deployment of Virtual Hub | None | true | + | parVPNGatewayEnabled | bool | true | Switch to enable deployment of VPN Gateway service | Virtual Hub | true | + | parERGatewayEnabled | bool | true | Switch to enable deployment of ExpressRoute Gateway | Virtual Hub | true | + | parAzureFirewallEnabled | bool | true | Switch to enable deployment of Azure Firewall | Virtual Hub | true | + | parNetworkDNSEnableProxy | bool | true | Switch to enable DNS proxy for Azure Firewall policies | Azure Firewall | true | + | parCompanyPrefix | string | alz | Prefix value which will be pre-appended to all resource names | 1-10 char | alz | + | parPublicIPSku | string | Standard | SKU or Tier of Public IP to deploy | Standard or Basic | Standard | + | parTags | object | Empty Array [] | List of tags (Key Value Pairs) to be applied to resources | None | environment: 'POC' | + | parVhubAddressPrefix | string | 10.100.0.0/23 | CIDR range for the Virtual WAN's Virtual Hub Network | CIDR Notation | 10.100.0.0/23 | + | parAzureFirewallTier | string | Standard | Tier associated with the Firewall to be deployed. | Standard or Premium | Standard | + | parVWanName | string | ${parCompanyPrefix}-vwan-${resourceGroup().location} | Name prefix for Virtual WAN. Prefix will be appended with the region. | 2-50 char | alz-vwan-eastus | + | parVHubName | string | ${parCompanyPrefix}-vhub-${resourceGroup().location} | Name prefix for Virtual Hub. Prefix will be appended with the region. | 2-50 char | alz-vhub-eastus | + | parVPNGwName | string | ${parCompanyPrefix}-vpngw-${resourceGroup().location} | Name prefix for VPN Gateway. Prefix will be appended with the region. | 2-50 char | alz-vpngw-eastus | + | parERGwName | string | ${parCompanyPrefix}-ergw-${resourceGroup().location} | Name prefix for ExpressRoute Gateway. Prefix will be appended with the region. | 2-50 char | alz-ergw-eastus | + | parAzureFirewallName | string | ${parCompanyPrefix}-fw-${resourceGroup().location} | Name associated with Azure Firewall | 1-80 char | alz-fw-eastus | + | parFirewallPoliciesName | string | ${parCompanyPrefix}-azfwpolicy-${resourceGroup().location} | Name associated with Azure Firewall | 1-80 char | alz-azfwpolicy-eastus | + | parLocation | string | `resourceGroup().location` | The Azure Region to deploy the resources into | None | `eastus` | + | parVPNGwScaleUnit | int | 1 | The scale unit for the VPN Gateway | None | 1 | + | parERGwScaleUnit | int | 1 | The scale unit for the ExpressRoute Gateway | None | 1 | + | parTelemetryOptOut | bool | false | Set Parameter to true to Opt-out of deployment telemetry | None | false | + +## Outputs + +The module will generate the following outputs: + +| Output | Type | Example | +| ------------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| outVirtualWANName | string | alz-vwan-eastus | +| outVirtualWANID | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualWans/alz-vwan-eastus | +| outVirtualHubName | string | alz-vhub-eastus | +| outVirtualHubID | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus | +## Deployment + +In this example, the resources required for Virtual WAN connectivity will be deployed to the resource group specified. According to the Azure Landing Zone Conceptual Architecture, the Virtual WAN resources should be deployed into the Platform connectivity subscription. During the deployment step, we will take parameters provided in the example parameters file. + + | Azure Cloud | Bicep template | Input parameters file | + | -------------- | ------------------- | ---------------------------------------- | + | All regions | vwanConnectivity.bicep | vwanConnectivity.bicep.parameters.example.json | + +> For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. + +### Azure CLI +```bash +# For Azure global regions +# Set Platform connectivity subscription ID as the the current subscription +ConnectivitySubscriptionId="[your platform management subscription ID]" +az account set --subscription $ConnectivitySubscriptionId + +az group create --location eastus \ + --name alz-vwan-eastus + +az deployment group create \ + --resource-group alz-vwan-eastus \ + --template-file infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep \ + --parameters @infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json +``` +OR +```bash +# For Azure China regions +# Set Platform connectivity subscription ID as the the current subscription +ConnectivitySubscriptionId="[your platform management subscription ID]" +az account set --subscription $ConnectivitySubscriptionId + +az group create --location chinaeast2 \ + --name alz-vwan-chinaeast2 + +az deployment group create \ + --resource-group alz-vwan-chinaeast2 \ + --template-file infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep \ + --parameters @infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json +``` + +### PowerShell + +```powershell +# For Azure global regions +# Set Platform connectivity subscription ID as the the current subscription +$ConnectivitySubscriptionId = "[your platform management subscription ID]" + +Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId + +New-AzResourceGroup -Name 'alz-vwan-eastus' ` + -Location 'EastUs' + +New-AzResourceGroupDeployment ` + -TemplateFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep ` + -TemplateParameterFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json ` + -ResourceGroupName 'alz-vwan-eastus' +``` +OR +```powershell +# For Azure China regions +# Set Platform connectivity subscription ID as the the current subscription +$ConnectivitySubscriptionId = "[your platform management subscription ID]" + +Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId + +New-AzResourceGroup -Name 'alz-vwan-chinaeast2' ` + -Location 'chinaeast2' + +New-AzResourceGroupDeployment ` + -TemplateFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep ` + -TemplateParameterFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json ` + -ResourceGroupName 'alz-vwan-chinaeast2' +``` +## Example Output in Azure global regions + +![Example Deployment Output](media/vwanConnectivityExampleDeploymentOutput.png "Example Deployment Output in Azure global regions") + +![Example Virtual WAN Deployment Output](media/vwanExampleDeploymentOutput.png "Example Virtual WAN Deployment Output in Azure global regions") + +## Example Output in Azure China regions +![Example Deployment Output](media/mc-vwanConnectivityExampleDeploymentOutput.png "Example Deployment Output in Azure China") + +![Example Virtual WAN Deployment Output](media/mc-vwanExampleDeploymentOutput.png "Example Virtual WAN Deployment Output in Azure China") + +## Bicep Visualizer + +![Bicep Visualizer](media/vwanConnectivityBicepVisualizer.png "Bicep Visualizer") diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/bicepconfig.json b/infra-as-code/bicep/modules/vnetPeeringVwan/bicepconfig.json new file mode 100644 index 000000000..2c0ef2c34 --- /dev/null +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/bicepconfig.json @@ -0,0 +1,64 @@ +{ + "analyzers": { + "core": { + "enabled": true, + "verbose": true, + "rules": { + "adminusername-should-not-be-literal": { + "level": "error" + }, + "no-hardcoded-env-urls": { + "level": "error" + }, + "no-unnecessary-dependson": { + "level": "error" + }, + "no-unused-params": { + "level": "error" + }, + "no-unused-vars": { + "level": "error" + }, + "outputs-should-not-contain-secrets": { + "level": "error" + }, + "prefer-interpolation": { + "level": "error" + }, + "secure-parameter-default": { + "level": "error" + }, + "simplify-interpolation": { + "level": "error" + }, + "protect-commandtoexecute-secrets": { + "level": "error" + }, + "use-stable-vm-image": { + "level": "error" + }, + "explicit-values-for-loc-params": { + "level": "error" + }, + "no-hardcoded-location": { + "level": "error" + }, + "no-loc-expr-outside-params": { + "level": "error" + }, + "max-outputs": { + "level": "error" + }, + "max-params": { + "level": "error" + }, + "max-resources": { + "level": "error" + }, + "max-variables": { + "level": "error" + } + } + } + } +} \ No newline at end of file diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep new file mode 100644 index 000000000..5cf0a850c --- /dev/null +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep @@ -0,0 +1,76 @@ +/* +SUMMARY: Module to deploy spoke network peered with the Virtual WAN virtual hub as per the Azure Landing Zone conceptual architecture - https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology. This module draws parity with the Enterprise Scale implementation defined in https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vwan-connectivity.json +DESCRIPTION: The following Azure resources will be deployed in a single resource group, all of which can be configured using the parameters file: + Spoke virtual network + Virtual network peering with Virtual WAN +AUTHOR/S: Fai Lai @faister +VERSION: 1.0.0 +*/ + +@description('Prefix value which will be prepended to all resource names. Default: alz') +param parCompanyPrefix string = 'alz' + +@description('Tags you would like to be applied to all resources in this module. Default: empty array') +param parTags object = {} + +@description('Region in which the resource group was created. Default: {resourceGroup().location}') +param parLocation string = resourceGroup().location + +@description('Prefix Used for Spoke virtual network. Default: {parCompanyPrefix}-vnet-{parLocation}') +param parSpokeNetworkName string = '${parCompanyPrefix}-vnet-${parLocation}' + +@description('The IP address range in CIDR notation for the spoke VNET to use. Default: 10.110.0.0/24') +param parSpokeNetworkAddressPrefix string = '10.110.0.0/24' + +@description('Array of DNS Server IP addresses for VNet. Default: Empty Array') +param parDNSServerIPArray array = [] + +@description('Virtual WAN Azure resource ID. Default: Empty String') +param parVwanResourceId string = '' + +@description('Set Parameter to true to Opt-out of deployment telemetry') +param parTelemetryOptOut bool = false + +// Customer Usage Attribution Id +var varCuaid = '7b5e6db2-1e8c-4b01-8eee-e1830073a63d' + +var varVwanHubName = split(parVwanResourceId, '/')[8] + +var varVnetPeeringVwanName = '${varVwanHubName}/${parSpokeNetworkName}/' + +//If Ddos parameter is true Ddos will be Enabled on the Virtual Network +//If Azure Firewall is enabled and Network Dns Proxy is enabled dns will be configured to point to AzureFirewall +resource resSpokeVirtualNetwork 'Microsoft.Network/virtualNetworks@2021-02-01' = if (!empty(parVwanResourceId)) { + name: parSpokeNetworkName + location: parLocation + tags: parTags + properties: { + addressSpace: { + addressPrefixes: [ + parSpokeNetworkAddressPrefix + ] + } + dhcpOptions: (!empty(parDNSServerIPArray) ? true : false) ? { + dnsServers: parDNSServerIPArray + } : null + } +} + +resource resVnetPeeringVwan 'Microsoft.Network/virtualHubs/hubVirtualNetworkConnections@2021-05-01' = if (!empty(parVwanResourceId)) { + name: varVnetPeeringVwanName + properties: { + remoteVirtualNetwork: { + id: resSpokeVirtualNetwork.id + } + } +} + +// Optional Deployment for Customer Usage Attribution +module modCustomerUsageAttribution '../../CRML/customerUsageAttribution/cuaIdResourceGroup.bicep' = if (!parTelemetryOptOut) { + name: 'pid-${varCuaid}-${uniqueString(parLocation)}' + params: {} +} + +// Output VNET peering name and Resource ID +output outVnetPeeringVwanName string = resVnetPeeringVwan.name +output outVnetPeeringVwanResourceId string = resVnetPeeringVwan.id diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json new file mode 100644 index 000000000..edd71c5d2 --- /dev/null +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json @@ -0,0 +1,21 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "parCompanyPrefix":{ + "value": "alz" + }, + "parSpokeNetworkAddressPrefix" : { + "value": "10.110.0.0/24" + }, + "parVwanResourceId": { + "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualWans/alz-vwan-eastus" + }, + "parDNSServerIPArray": { + "value": [] + }, + "parTelemetryOptOut": { + "value": false + } + } + } \ No newline at end of file From 14f5ea0ed468bee8e6ff067fa1107f5f8f7bdee5 Mon Sep 17 00:00:00 2001 From: faister Date: Fri, 11 Mar 2022 23:19:47 +1100 Subject: [PATCH 02/13] fully implemented and tested --- .../bicep/modules/vnetPeeringVwan/README.md | 114 ++++++++---------- .../hubVirtualNetworkConnection.bicep | 30 +++++ .../media/vnetPeeringVwanBicepVisualizer.png | Bin 0 -> 41276 bytes ...vnetPeeringVwanExampleDeploymentOutput.png | Bin 0 -> 94947 bytes .../vnetPeeringVwan/vnetPeeringVwan.bicep | 34 +++--- .../vnetPeeringVwan.parameters.example.json | 6 +- .../vwanConnectivity.parameters.example.json | 4 +- 7 files changed, 98 insertions(+), 90 deletions(-) create mode 100644 infra-as-code/bicep/modules/vnetPeeringVwan/hubVirtualNetworkConnection.bicep create mode 100755 infra-as-code/bicep/modules/vnetPeeringVwan/media/vnetPeeringVwanBicepVisualizer.png create mode 100755 infra-as-code/bicep/modules/vnetPeeringVwan/media/vnetPeeringVwanExampleDeploymentOutput.png diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index bc0014c72..a0d03017b 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -1,11 +1,11 @@ # Module: VNet Peering with vWAN -This module is used to deploy virtual network peering with the Virtual WAN virtual hub based on this network topology according to the Azure Landing Zone conceptual architecture which can be found [here](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology) and the hub-spoke network topology with Virtual WAN [here](https://docs.microsoft.com/en-us/azure/architecture/networking/hub-spoke-vwan-architecture). Once peered, virtual networks exchange traffic by using the Azure backbone. Virtual WAN enables transitivity among hubs which is not possible solely by using peering. This module draws parity with the Enterprise Scale implementation in the ARM template [here](https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vnetPeeringVwan.json). +This module is used to deploy virtual network peering with the Virtual WAN virtual hub. This network topology is based on the Azure Landing Zone conceptual architecture which can be found [here](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology) and the hub-spoke network topology with Virtual WAN [here](https://docs.microsoft.com/en-us/azure/architecture/networking/hub-spoke-vwan-architecture). Once peered, virtual networks exchange traffic by using the Azure backbone network. Virtual WAN enables transitivity among hubs which is not possible solely by using peering. This module draws parity with the Enterprise Scale implementation in the ARM template [here](https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vnetPeeringVwan.json). Module deploys the following resources which can be configured by parameters: - Spoke virtual network -- Virtual network peering with Virtual WAN +- Virtual network peering with Virtual WAN virtual hub ## Parameters @@ -13,25 +13,13 @@ The module requires the following inputs: | Parameter | Type | Default | Description | Requirement | Example | | ---------------------------- | ------ | ---------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------- | ---------------------------- | - | parVirtualHubEnabled | bool | true | Switch to enable deployment of Virtual Hub | None | true | - | parVPNGatewayEnabled | bool | true | Switch to enable deployment of VPN Gateway service | Virtual Hub | true | - | parERGatewayEnabled | bool | true | Switch to enable deployment of ExpressRoute Gateway | Virtual Hub | true | - | parAzureFirewallEnabled | bool | true | Switch to enable deployment of Azure Firewall | Virtual Hub | true | - | parNetworkDNSEnableProxy | bool | true | Switch to enable DNS proxy for Azure Firewall policies | Azure Firewall | true | | parCompanyPrefix | string | alz | Prefix value which will be pre-appended to all resource names | 1-10 char | alz | - | parPublicIPSku | string | Standard | SKU or Tier of Public IP to deploy | Standard or Basic | Standard | - | parTags | object | Empty Array [] | List of tags (Key Value Pairs) to be applied to resources | None | environment: 'POC' | - | parVhubAddressPrefix | string | 10.100.0.0/23 | CIDR range for the Virtual WAN's Virtual Hub Network | CIDR Notation | 10.100.0.0/23 | - | parAzureFirewallTier | string | Standard | Tier associated with the Firewall to be deployed. | Standard or Premium | Standard | - | parVWanName | string | ${parCompanyPrefix}-vwan-${resourceGroup().location} | Name prefix for Virtual WAN. Prefix will be appended with the region. | 2-50 char | alz-vwan-eastus | - | parVHubName | string | ${parCompanyPrefix}-vhub-${resourceGroup().location} | Name prefix for Virtual Hub. Prefix will be appended with the region. | 2-50 char | alz-vhub-eastus | - | parVPNGwName | string | ${parCompanyPrefix}-vpngw-${resourceGroup().location} | Name prefix for VPN Gateway. Prefix will be appended with the region. | 2-50 char | alz-vpngw-eastus | - | parERGwName | string | ${parCompanyPrefix}-ergw-${resourceGroup().location} | Name prefix for ExpressRoute Gateway. Prefix will be appended with the region. | 2-50 char | alz-ergw-eastus | - | parAzureFirewallName | string | ${parCompanyPrefix}-fw-${resourceGroup().location} | Name associated with Azure Firewall | 1-80 char | alz-fw-eastus | - | parFirewallPoliciesName | string | ${parCompanyPrefix}-azfwpolicy-${resourceGroup().location} | Name associated with Azure Firewall | 1-80 char | alz-azfwpolicy-eastus | - | parLocation | string | `resourceGroup().location` | The Azure Region to deploy the resources into | None | `eastus` | - | parVPNGwScaleUnit | int | 1 | The scale unit for the VPN Gateway | None | 1 | - | parERGwScaleUnit | int | 1 | The scale unit for the ExpressRoute Gateway | None | 1 | + | parTags | object | Empty Array [] | List of tags (Key Value Pairs) to be applied to resources | None | environment: 'POC' | + | parLocation | string | resourceGroup().location | Location where spoke virtual network will be deployed | Valid Azure Region | `westus` | + | parSpokeNetworkName | string | ${parCompanyPrefix}-spokevnet-${resourceGroup().location} | Name prefix for spoke virtual network. Prefix will be appended with the region. | 2-50 char | alz-spokevnet-westus | + | parSpokeNetworkAddressPrefix | string | 10.110.0.0/24 | CIDR range for the spoke virtual network | CIDR Notation | 10.110.0.0/24 | + | parVirtualHubResourceId | string | Empty string | Name prefix for spoke virtual network. Prefix will be appended with the region. | 2-50 char | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus | + | parDNSServerIPArray | array | Empty array `[]` | Array IP DNS Servers to use for VNet DNS Resolution | None | `['10.10.1.4', '10.20.1.5']` | | parTelemetryOptOut | bool | false | Set Parameter to true to Opt-out of deployment telemetry | None | false | ## Outputs @@ -40,95 +28,87 @@ The module will generate the following outputs: | Output | Type | Example | | ------------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| outVirtualWANName | string | alz-vwan-eastus | -| outVirtualWANID | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualWans/alz-vwan-eastus | -| outVirtualHubName | string | alz-vhub-eastus | -| outVirtualHubID | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus | +| outSpokeVnetName | string | alz-vnet-westus | +| outSpokeVnetResourceId | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-spokevnet-westus/providers/Microsoft.Network/virtualNetworks/alz-vnet-westus | +| outHubVirtualNetworkConnectionResourceId | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus/hubVirtualNetworkConnections/alz-vnet-westus | ## Deployment -In this example, the resources required for Virtual WAN connectivity will be deployed to the resource group specified. According to the Azure Landing Zone Conceptual Architecture, the Virtual WAN resources should be deployed into the Platform connectivity subscription. During the deployment step, we will take parameters provided in the example parameters file. +In this example, the resources required for spoke Vnet and its peering with the Vwan Virtual Hub will be deployed to the resource group specified. According to the Azure Landing Zone Conceptual Architecture, the spoke Vnet resources should be deployed into the Corp Connected Landing Zone subscription. During the deployment step, we will take parameters provided in the example parameters file. | Azure Cloud | Bicep template | Input parameters file | | -------------- | ------------------- | ---------------------------------------- | - | All regions | vwanConnectivity.bicep | vwanConnectivity.bicep.parameters.example.json | + | All regions | vnetPeeringVwan.bicep | vnetPeeringVwan.parameters.example.json | > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI ```bash # For Azure global regions -# Set Platform connectivity subscription ID as the the current subscription -ConnectivitySubscriptionId="[your platform management subscription ID]" -az account set --subscription $ConnectivitySubscriptionId +# Set your Corp Connected Landing Zone subscription ID as the the current subscription +CorpConnectedLZSubscriptionId="[your corp connected landing zone subscription ID]" +az account set --subscription $CorpConnectedLZSubscriptionId -az group create --location eastus \ - --name alz-vwan-eastus +az group create --location westus \ + --name alz-spokevnet-westus az deployment group create \ - --resource-group alz-vwan-eastus \ - --template-file infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep \ - --parameters @infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json + --resource-group alz-spokevnet-westus \ + --template-file infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep \ + --parameters @infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json ``` OR ```bash # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription -ConnectivitySubscriptionId="[your platform management subscription ID]" -az account set --subscription $ConnectivitySubscriptionId +# Set your Corp Connected Landing Zone subscription ID as the the current subscription +CorpConnectedLZSubscriptionId="[your corp connected landing zone subscription ID]" +az account set --subscription $CorpConnectedLZSubscriptionId -az group create --location chinaeast2 \ - --name alz-vwan-chinaeast2 +az group create --location chinanorth2 \ + --name alz-spokevnet-chinanorth2 az deployment group create \ - --resource-group alz-vwan-chinaeast2 \ - --template-file infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep \ - --parameters @infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json + --resource-group alz-spokevnet-chinanorth2 \ + --template-file infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep \ + --parameters @infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json ``` ### PowerShell ```powershell # For Azure global regions -# Set Platform connectivity subscription ID as the the current subscription -$ConnectivitySubscriptionId = "[your platform management subscription ID]" +# Set your Corp Connected Landing Zone subscription ID as the the current subscription +$CorpConnectedLZSubscriptionId = "[your corp connected landing zone subscription ID]" -Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId +Select-AzSubscription -SubscriptionId $CorpConnectedLZSubscriptionId -New-AzResourceGroup -Name 'alz-vwan-eastus' ` - -Location 'EastUs' +New-AzResourceGroup -Name 'alz-spokevnet-westus' ` + -Location 'WestUs' New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json ` - -ResourceGroupName 'alz-vwan-eastus' + -TemplateFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep ` + -TemplateParameterFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json ` + -ResourceGroupName 'alz-spokevnet-westus' ``` OR ```powershell # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription -$ConnectivitySubscriptionId = "[your platform management subscription ID]" +# Set your Corp Connected Landing Zone subscription ID as the the current subscription +$CorpConnectedLZSubscriptionId = "[your corp connected landing zone subscription ID]" -Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId +Select-AzSubscription -SubscriptionId $CorpConnectedLZSubscriptionId -New-AzResourceGroup -Name 'alz-vwan-chinaeast2' ` - -Location 'chinaeast2' +New-AzResourceGroup -Name 'alz-spokevnet-chinanorth2' ` + -Location 'chinanorth2' New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json ` - -ResourceGroupName 'alz-vwan-chinaeast2' + -TemplateFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep ` + -TemplateParameterFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json ` + -ResourceGroupName 'alz-spokevnet-chinanorth2' ``` ## Example Output in Azure global regions -![Example Deployment Output](media/vwanConnectivityExampleDeploymentOutput.png "Example Deployment Output in Azure global regions") - -![Example Virtual WAN Deployment Output](media/vwanExampleDeploymentOutput.png "Example Virtual WAN Deployment Output in Azure global regions") - -## Example Output in Azure China regions -![Example Deployment Output](media/mc-vwanConnectivityExampleDeploymentOutput.png "Example Deployment Output in Azure China") - -![Example Virtual WAN Deployment Output](media/mc-vwanExampleDeploymentOutput.png "Example Virtual WAN Deployment Output in Azure China") +![Example Deployment Output](media/vnetPeeringVwanExampleDeploymentOutput.png "Example Deployment Output in Azure global regions") ## Bicep Visualizer -![Bicep Visualizer](media/vwanConnectivityBicepVisualizer.png "Bicep Visualizer") +![Bicep Visualizer](media/vnetPeeringVwanBicepVisualizer.png "Bicep Visualizer") diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/hubVirtualNetworkConnection.bicep b/infra-as-code/bicep/modules/vnetPeeringVwan/hubVirtualNetworkConnection.bicep new file mode 100644 index 000000000..39755792f --- /dev/null +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/hubVirtualNetworkConnection.bicep @@ -0,0 +1,30 @@ +/* +SUMMARY: Module to connect your spoke virtual network to your Virtual WAN virtual hub/ +DESCRIPTION: The following components will be options in this deployment + Virtual Hub network connection +AUTHOR/S: faister +VERSION: 1.0.1 +*/ + +@description('Virtual WAN Azure resource ID. Default: Empty String') +param parVirtualHubResourceId string = '' + +@description('Prefix Used for Spoke virtual network. Default: Empty String') +param parRemoteVirtualNetworkResourceId string = '' + +var varVwanHubName = split(parVirtualHubResourceId, '/')[8] + +var varSpokeVnetName = split(parRemoteVirtualNetworkResourceId, '/')[8] + +var varVnetPeeringVwanName = '${varVwanHubName}/${varSpokeVnetName}/' + +resource resVnetPeeringVwan 'Microsoft.Network/virtualHubs/hubVirtualNetworkConnections@2021-05-01' = if (!empty(parVirtualHubResourceId) && !empty(parRemoteVirtualNetworkResourceId)) { + name: varVnetPeeringVwanName + properties: { + remoteVirtualNetwork: { + id: parRemoteVirtualNetworkResourceId + } + } +} + +output outHubVirtualNetworkConnectionResourceId string = resVnetPeeringVwan.id diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/media/vnetPeeringVwanBicepVisualizer.png b/infra-as-code/bicep/modules/vnetPeeringVwan/media/vnetPeeringVwanBicepVisualizer.png new file mode 100755 index 0000000000000000000000000000000000000000..671a8d0a3e329094a311e0d653cbd6e83cf9ffe0 GIT binary patch literal 41276 zcmce-by!q?^fiitlu9WA(gGqiq;v=<-3-mpAzeempaO!lNGLTZjdTn!Gzcg)gmi;2 z4BZ{~%=h=cH=g^){qH`{QHH~unG>JA_u6Z%{Ygth@geb3VjLWthssK?b#QQSb8&F) ztP$b^du%G?zW_h(c}Azuad0Z*?_XKo1AZrRS2FU#!J&`9{<{;u zx^IhvlRd2bS{CeQwmnDij?VVHXCLk9kP5@FLMa^An@>TLFQO>BKHPhK&E-?U>_dLv z=k*)%`%LsjQAbY$c$u3|eNGp4(=#ikwjjO94b7J@Xv5Uh+?21Ku@DKa_jJ--EG#NV<<(gx$|Ug|CC%uLF9J``-bk z)JkmF9SwX5D%c&KmjAzfz<(DIJ(|esK!3C~B}g2iXnnS~RJrt#wmVxk^ha44DByTQ zFX$tyGCgV}Pt|&6GZD0-)jv;)H1LjOX*zp5Ln~;f=HVD_4-ZC&>d`xgwEVB_cEi!p z(W;N9E=Hb2j1}p<`Giz*@71gqN~%lI#2~M=l}9=viL%fRA!Gi3ZkwYwJ9CXaaS}V! z5sWaurlS#6k15;Kt~uX@xiU+k6*T+*_1@As7)hD*@n7BjnS~o+2H4rsH-6q$9G2kB`mCr;xMnETFoPt zS(S}(<0y7(C(MeTr5R8`fH&Q@X3=_|r!%b&@fE}_>v4;fSdqAg!jnw&Y*}Jnb{=J{ z%9)P{%+Av%8hv+#eB?|7fJOfIfdZY4QV_nS#lLn$OGY%XyzZoiEHQDfun*}LmSW?< z5nnMP;sFf>O7c+cC&?C*vW{Z+ok=S5ApTfBRBhc%6cALocJAPM^H!K%;2m$^t0%&U z9{oTdgz-t}3^PVAu+jB06x1jccoHM#we}dTl=$~$f4Yd<>Owoh3J9?xnk(jf6>(ra zFViU}B0t`{{{;KZy^lg^JiPc=lywZgTyL`^AtZIUX()NN80s+r@ufu9fNp!06aQ);sK>}yHfgO6 zx8q_U8Vw>o!4uX$XAx3I5|!-5PgyNFm2Y|1HDBzhXwr*sCiw zVs75Le`x*lVX9&|bKqmwMyfR}w&1ygE?w)JzEnjakmjjVqvBCf{8!PRCfue~8(!&$ zXNPmkF}vfGyUK|*H`7Qt$Nz4W3%SyS!f6({yn^E2W3E9%Mch+btqdS-Tu<2=B<5=T zKq$U0mv(9)my2*UJex{2pybNI?0M*pzG1LRVb!DgpF4QgO-}3F@^R(~Ig4=YI)pHv z!%N_wv~2YhX1NrKjB;t(@80i`x#4d)sV(mU^3RB^@1Xc*N&Whd=qS|N23-v?Hoaz% z>9;w{8Dq!WGa`r?*TzZ5pQR(UZ@FmrEM9F@bdpp8fuD!isb7h6Kn9-fblLy2|DrCe zyy-Wh%$|2y(kVRS{77QEMmOf^OU?l<#dsVBMqy_|4-M}NjAqDF`0W)sr_6N#GSQH6 z58kj{w;=5^?~ksz**Ya>QOHG^*^jk`+#dPQ1sx7Z{6gzNQnAa>C$VLwjDtHxdOp#i zcCzg~?utC)g;vnTC|u)xUZT|Ltl%KPkDC3(O(`<=z9h(fD!t z!j)bBH^Bl?1ILj6&QN!J453#LU8jbr8K;#!47t5DCw7OraFeo!5|C=l(VGWg^8B_c zdqxgZL6E0?sl1w_1I$}Cbtl4JYyDp({XLtO9=b&WwTBXoc(5ruG2tj1SVTR-b4t~E z_J%lHw?ISv((O+on?tKE|7!MYdo4^g0t7cG;u#ws8_U$qNMTjBT@UzkZUcUF_G6l2 zR|4h`W8ogya%n4)q-n2GFfm*QoA@bOyCce*xIvHpOWrYmlrPf796^^js2sEuPNid; z@Hrx0`eGftv@-iE)g0Dvwn4ehph7jc5+?y7k=$zoi{(7)qPlt${e%);+aZ0q^~eo& zn7*&IE|#cUfCUm$fNM|Y19$%(1BKXJ-Mo0pz%6iQ zW+Z5B04^iL14lQZrFND3@-y#Kfz&pI?fSpgGy!E$ruOh1E{W0|uZ}PxjM!J{;D9aU zW*L9L(KpNV!Hg2aN5oTTkFZX}5#Q)k`>RiEPJbOi4%-eEi6`+AIO;Mis9ZDkp z!uyf!%-$E_QIcu-nK;qq$QsDhpwZ>jJXnxa>S)MsrvYu%{^6bj?J(%%;h_V8i+yu7 zVstLa<)U8@mD{FfV2pfnct-C#`*|?f)_l|l!N2a)?|I%NbN=s(1A`&^iCD7md~_MS zy!ph~_{rr-*dq-?+h9?uFPwavhrL|oB_-6=pn^;v<6=>no3j<*5Sf%t$rHA1D~X|d zUs0NfTYuEn0yCUFrR!$32{PTLi6Gxq9gEkN70Yh3PbCIzTbWnLXiA^|t3Mo+SV4u{ z96rT0a&d8)Ua0xv(knda*~eo&USfnv`CjVGF3oU}YpbGep2P-AWswfU>_D!JqY-iyWiNA@z8Q%ANzzY~}-eFAsFwAxVw41P?( z+IG^+v1E#`m>!cA8~T)+HCs*BIQ+!ZDK-ikwhP%4HE$!*49hHl!^F3_I&k{x(OH2y z+4tVBX6^>r2V4WNCo>CvPiHX4I{3_LV5Nj*Q_W%}`26l56?8u0MDlX0+Toi8?LKuV z&;Du_UwbO_E=#JCMQ{}->r7-@SHKA9F7eE_RWBAM$&2+Ijx+mRcrBc)hYFS={|?A9 zJ{z8aCsXzX-mAfc_Dyl#KQ{SX+&B|-C|SbxMK@JnJj2P+VPbRF;<0J1a3kU?A)VQ2 zy}foLeqR&2YP;EKAG-Z!GL7H5yO&Ra&kBAhhCE+O*ER72r6wk{Zp~rI8^341?vCK&VnL8qa177KAD4y_;oj5m7` zDgMxA2qUV$+`lMZoPQu`391IwWWJlED~_)Da_R>Zo2N2YOQb7knOlG3=k4!g zKZ?e?srPZb(c775z40!-sGK8&hVk5$X?J$H+AwHUAs{DgEb(Fs!Y?GIuo{%Py%M6P zSc)4CB>IF$#o0q;=4W|9r`FiCo zp;cJbOXlAr&q+L+Zm)OE&yCJc>RL0U3!2@cA*4{}`|%+e5v`S7hk(8hA)K&3Gn?;4=L*H~7lLa={}(&e-IC zs=k;9#O)#Fn(ZOiJYiWly!74SgQ5(r<`q@xISwM6)A>NR;-+`5`QV7Eb{#_VAdft& z-c-Yut57mIYKw0{?dU#UJ?WOeKsl=ALXG7V9{{L{J=h={CP=IR zvKb`|@#vx~DxC^Ox{oMKD_G!AO1Er1a;)N=4zu9Y2eVXrJNE+3oX*!?$TSt2Wtp+^i)J@9rfVn0>oTPe8)?P~q2&O#|M;d0rEP@$_rim$e+wxqn`AT`^Jg zV;aRXL2>J@D#=grbP(j0DP-NUr1`f%aODNxolk93r*gbYtGDvta<`k-O|9=m7lNr` zw7d0s+sy+gpXF8MhCYa^d@@iG2}P1y{nE!|xKxV#%hT@>3@Y&ZocS~iIZ=ILMT>$L zSBIzqld0Z;c2xMJ!MeWl`G z0B@iZxYWm|*Pom`QiXxG+K302i+%P-cR%yyy_RvO=h?5nifn0>N=<@%lke38YgFF4Ox6NU-NlSmbThL zaqowCe=ySFAUtE}wdfD2Da2di_V_~~lSj<)#MH7$pf6!RRA!vjMeAS95Wa-o=OI1W zVi`{-K9jlGkAGa!piRzZL&22Z5ukhgPf#`xb9WF{FvGqSz0(fnBx(vXSR?NsOb5I6 zO+>7ExW8LWx~GGXVlKJD!QYgvUtavpQ#YH~;et6R>4Rv8Fk@%j0di8`)mHdpb z6z}(g+vh4MuGPa|=qPmZN0>A^Y)nToo@v16M>Nl-%3iLM2V%RSn^R9Ir3bNEjcQdM z9D|J7SBe?cnUQ29@kV%~rOxUyAMSJoRLQ8+am{>kfrslmxcpZ`HG@zqeP+Z7Y@lrvO}y}!^vq(;OX&_ zD5Wnr=G~tr((9={#8!)GkuT<7MELIU9NE=jIBI=5h(_ z;JA!GEkD|Q3#r_07Y6l6j>BExQksrD{|oVd-o3a|Yp=8spHo@0hqz7HA&+XOpc54`22qhlG$mvD4^&A$y(!Rs_X0orCZ}WpANTfwFRez_@UE6_E@#~`GkPdiD zG$M`|B3wvT7&hXPDr-(%|B)9BHDEQYOR){-y{LiPR+kEZ_f>YQA3Cs)LGb0C)l>{R zA0D>{Xur44e#%+O%`3l}xWRH6?OMJnf)o{r02PM$e2_$o3*eB!$&ukBcASHBx!Edx zmj~an5BgyoqzYS9#eP9B71Sda;$2m?)K#xIw#}69m;3}Y)UTs9+;t}z!4~J-)w_Me zwdn~1K8`NVzT;m|oyQaAt<#7CRY|xuf}Qd@C96)^ub?VD77B?1)q@p_I_#RC=Z^o! z3N+g+dDupBrw_WmfTzxBNkfpc&f@HNLW5&0qVBFN5WZ@r-fZ?T+`+D#4F$vRRY16c zQGN__A~e7AbY42D1GR{&CF7BRpBqw;A>?Y`!Ay)(<$>Aj7t75={!_2`@o=WUeiwLc zpxeQGCk?0L75`>5lPr}IGT^`#ep;}h=&M`|fp*%alZU;Pap@y_N63k%w01~`{421C zx?m!ta4mdV#Z%Ruk)S6eW{|8MPIOw6yw~|o1lo9Sd#OP(tCY0QGIM=LEfpgD$XSpx zpr6I>Aizv@!mNT6W2Jh0x^J$O zL-q)9mO-&GS^hxs7mjpI`pMxuIJy;R%kxg{g)HQ#;jtw%{HT>g!CAEFzyYYU^u7C_ zSTUX@P;qc~2VnMOd-A#pa(Alvpzq~yJnS*h z@sjE!CzgH0)7F~1>}0%2XaRc_5h=jg=(Ii?FMty8l#!_iwwb3_-6AcYTY?_JdWYve zd%Ym)HKHx*zX58urffDHrMBGNWC=M!W{coq27I??39$1%bB(142Tot^bk}@nPoBDS zk24tunO%eP{X3x(`*h=VZ0I5iJQ|A#pJe?WLgQ43j}b8^-HYty-!Lm1z2YHg^*tA> znMZ$Hj`DcB{Lz_po))wS{>!gun^dVKY33wiF?hs?%O4zZD9iImh*@#Z%NsTjdNTQkvuWF{58RINUA`0<+mEC7Vz zLN6YNdR9u8##Z!8TUI`|MSRipR2Qr$Z)`PA!Fvrt}ytU*PCdsogD^z-Rj_lm#cu}rr~ zBAG|#5`e1?8fL%Zk5^$w4Is}(6y)r6^_Vyl@no}fZ~QH!xG z+y!97f6mlZO8X8Pwgu#<0= z5(jkBaOa*aF9K;*?r7JVJOVvKsuQklOBkYL1jRGi9R!>5;bz>5-|~7b;Ri!#3ihLe z&qdN|<4>2ozUo~#$dBv3I|oZn@doLymzf|T=XL2W@gu>RQV}SYnJ?#g+lz-^2Y43> zip?^r2k&HTiPw}4VBv$H@yi4=EyCP%st+U~{!SwyBUj5YlwX{rAZ>HYHs?oe))O)S z5u4<&`N}c%KO*=2=MGvud|19oo&!vnf57SfZAh?@x|(Vt_#T!?t^LwtzWzjT?R9^K zu5Nv@#zcw0+?I>aqq;=2&M~WfsRc7X-b7p7T%A`!F(b=4#R_r2 z$8Ypb2PDmrkSpDHi7c&~7gva*`<4$JN)J%JLJ2Cx;zmpmfcPfP5wz=%G%yc-ndQIs z&9K5kcHgM@IZzID491IaIg*FyeI}Vtrk%>MR6M{wv6}_$cVXF)i)TGl;>yL(k4_e| zpEgS=#6G1=cSSm+$pDOc{q@O=uBe_jKX4b3RS1&Y|HauavLsb3_v>NFBglOr#y+OQ4NCCZdxhW)NkQDWqb}0DD zXDNpS9zkbA4p_M;&b6}Z3C7c4j5=!k_%uXOcYB-n`k79wxyt|jb2zWBT|B~}5M&0x zSGi)EiVV#B*)k2-lp*A)A^rz{*sa^%-QlnG1@y0XCw20OPl=SW1#uZM_+-_B) z%A93J$GZQw76XVfKSvf8d>TnGcIhrpdg#2=ii!8$s3juB@kN$X4=4>xKZ7W9;{I&@ z&jM*7acGRKQVp-MM`d9y0uys7Cs^`kT6R45y@$+{8|M$fM;PwhOUKB9V0Yo$qYk{wU{1b)JH^GXrxppqq1HzbS z8uQtmro%zM{Vpoq31Q_8=QAl0kL6$BhZ(>k-dJq_Xs{=YdjE4s)Ovm+CO^GfmVo|o zwLK~hp!`r?#jM^$83q8U6`v1kY}^G%{i;4t7T1EpY%%ccpAG(8&d^4#c-|zS#Z@;{ z3R9#H`voz7@#HZ0w9Z;VuS@@6rDV=&Ky}a!Px5*rrU_0&J`D($yxQyJcVBFq1c=*_ z!evJY7US1EMdoXhe-*G**(l>uhERToUY+d&(Pi>_p(QxlYs?s%kR4vKD8xj{hT`YF z+IX|f=I#9e`r13G&%DT+29Ur;9M_BcvKgxF1~>;l=axltVlu?MbdtfPec1ERAH`}Q zUI4+1DPZ-seXxUgJNyF*Dl*23A*`hz4|59>KoDe&sA3`#q%gaBbPvVs60Ap~ba`UT zFcXtS73d-+c;dP;0&yMU?YAWW?H=h&1tt^!WBzTM@}y94B`s)Yzs64lb5fWp=S zNgM~r21?*rhg<>r1J|HY2*ANMOj@g5W{wIt!Q$)JzAt(7oiX!Q^YJK`S^}(QC7@Mw zzoCNsJEoVY_%0vO{fRw`8c+{C`ZFc!MC%SEfJbjVSz+mMeLO*hje~AmbK!ZvmHNdG z_oKX!ALE0!tTD!a0Rhy&Lu0eJmly*|uif1{47~uwemM!?kq(|ctQ<~w)75~DwcM1# z-dEGj2v6-gllb?;%?nR9gMV(nEUC{O+s`tIO`}=}oLKR=a{ZFy=GMrE4No0aXt8YU zh3iEewRgY#W-x92b!xP#qj8;UtVeIlqvaLF7U~t@G}@Ohy9j_UU{&7C)x9_3I=4w& z2jfAOJ}k~_bm8ZcKK_Va`PXb7Jume%DqabDD&zVE#JPQ`{gJEp&3I;?mn^vK*DNQF z55AM`Th6_H-fcgBWg0`@%q0A@ z2c%hDc#0J$q^~=oce*?#rh*{6RN$2VTeIqz8Y(LrqC3X5sq-8&L zIpc~?Ztg3;HCE~(fdjedZ@Av-i^kNDgPY~Q#Ypd6Mk#z(NK@TT3b_hZi+W6x7zzbbytt!V+=4t|$}r zP0&97d@Sno(ENU!?=PTwE|*jfMgevJ;Q@PEdZ1tP02J(Qs+PTQAzt3C2o&t38dF69 z6g-%z_n2OnBJzpiR4GYZ)#i)FL_EbQ@1(hxj)uY_Pc&P7o86pf6`UHWT9o4A)@5>^ z2b_Ld*QJxQJOk@wRu3vu0NRfDS%A*n;^KR zQO2nFbG5GtAR8G#(8elX9Bu* zDJAr0Y#}3!cF*bNi0AsWhP|(e5TwaAYE%lDDw7QWvOLE{W%kS@WI2}b+Xu*C3Ho#P z7r`64aFt}zjwL{V%Dk%+D7KoUt5b{c-JS0eD_sFNUqw3iwmS})2PJEC9>2&v*1t#O z6RY|gtnaV%^Z4Oz6$EfTJ_=kYFUua|tu9FI9lG9fW6)ySG zm!-A*R=*;_;np~rSaG8axP8!;LTtFkwZB3>5w%ZpMFtbNmnR7Q`N+XoW+`s;P3^w1 z6Eb*c?f|fKL~@nYKbr^W-=5Q!(`GE*8-0s_R_9Lt{xrv;7#E`nJNV*ILC4StWcblV zJ@yQDxxZs$l&L339>nCchY0yoBaOHgAPsK+12&fZZ{<1D4V@$sxp&-M zfr6R5EB`wPEwS)T&c5NH$ShxNJXrvsE|hs6e*x7zsP8-o0h-eMV=mur8v9&?7s=a? zu0_!H>t2Hv3XwUet|QCl3DDq)NX6fAe)|abj4$MGp*Ch#1;KSHR^Yu0Se!sE*Od#C zGJx{v-?h_L^X1C{P1~pIzQEhvklSdP+jG=D&?EDEdkqfFV~Kr?hsN98`R2X&?|9#D zu_CGQ1orYB<_%ge#%k1%tcPX~gu9TH@vY|rZuy7MDc;+QiPn)z!9^nu{0woRAg%be zUe5KNR0a*6USow`1bHZPasVoD{>${)runTnR!|q3#F=?F0ldg`7|I58Kz>Ijr|9wo zU?C`KCBILS4J*_qnJaXksqk~^#8`&IuL-E;za}(DiwQKgB2cK3O(-q%E3%7vA!6BR z-ZQ+1$WGWIE~C=YHlX`Q16sP|%{eNhJDRtJn%1R8n>aOw$vEI<5v#451E)KB9vh~1 z7qpbzCQBv;2yVJVY&C#t{Tt8%dBf8IuShOmUu;=Dx6@{+0VCww(3=?=*;GXBOHg&k zc`=kc3uq09v%EBU=6*1YylTW_Vp74S_RiDxiC{P<;f z4T@o^_%x-C!NyN=f~pp1iqeNaoNwuM+}Q1Leh`{D2A;d`)7ejVeu}=8BTM<~?Y%kA z;uy_RqM9iFvG_r*Jh3ITEg=$yYmkAODsRd6E+8lspKCN{)*`>ECodcKe(Lfv(-L_E z}h zl({~7EQB>Nfo0kHDdGxS$UhcZ?EnrVhoSE!NEI^J!sR>_0KYW#{s0$tT|}(xzUm(q z2LKLAVO5XD$NS=(0X5fv(!??7A_4x~aD&c?mwt-XP(~5Yf&?Q+u&#z0*D&irJ=;to z71b1OWy|Qx|70K_;qZV;UEIkm0O+P^dB(zcu7rF|av2j!5T;uUG!r!5e!=ARMvN!? zW`H~3$p1T1T`$Som00!*?d5^Q!nww@D|fVy03YR;oissBDzTTCw28B|w5IcIHA-5d zIjg-`^tZNIZ1P|4ziv(bbf=~8U+r*l^l@uWV(zS-Ez`Eq^nIawl~xo^r4BV?P@lRH zp%BIi@27dAE*1bNDnfSIiW7dHEiCrHklZDiXvjq>P8c$=IE=@qo$YrkBmGZu%@WQk0mCl5K zO?74Ese^sDvP`3pLhKA%Hv`nB=`!)Bbx&Oj%f&!b(DI+q7@BXPM$jRC6pCN%Az z$+Vt6Uw0I@?v4?<26|hpdOZSt-iTneOv;v}&JO6(yvt4b*AqO*5U~Ee#(A*r-<66S z8^nz$u&GRE!lc;z5xa(IUhwa`Om`|3C7{F08E@_m>zlYFa|S>KU6m&$5N*QGGO*fQ zmsq*AjE=IM$?9-zGKzqJ`K-x9+KKJUb9EIsJs`?7&=DvD;_uCJGvy>ZG+iOjD~-)t zBN(4F7P4@2Bf5NlA&P#%Qw7Q;7SXgjv{Z=>l%`OG?ax%Me(!l*S9Q3;ro3H%#KrVp zX^#qza(Vy5AnJn752A8Lb(-b8(0F!)V&HkguVDsqifrI@QG*0d8j&niwp^I;U|$I| zQ%g=i?}Xg!tpp@uCPzTQSLegynU(BN5|vQOYe1HYU5S^0)waJo=s;Lq3WvM?+NNCW z)4sP0z?TbWcMT`DElm>XJ;6<4vnb%&gnIST*o(ZL`Nd6Jri$K}$V5xcdj&k0cK=dn zS$HK-D;3za$5R(8FB9xacR9w`_3ohpRTkPKK-tl4>^j}o7Q~hN8}Zewh(*&NzT}c^ zsj6tF29McQGTx+U4KyVe$=Q=Fj#qLA7ynni#|o!(0mXb>!y#R|oYIdOF7zZego@Jo zn4}(5b)LuYi1Ai8YsuPN8&Q#!rO)h?a$E-OO}*u8t0t{38{QrRDUZG9ME`d2jSL;U z(4h;td86IBZ`Y+bp1pTz(+N3=5eYsusO)LHf5#_B{b7FM-?-vK5s(;LAE%RGtmC(x zTtZ>60udd!LzJL`Vo+@LN_CJbce?9Pto3t6$EFIeaw2n^&OIJQ5o=BtJPS~`jssbS z3Smx7@+s>Tm{>8aPvv{s1m9OuKtaeRN!4GXn+3`?FNwrf#d7t5e8SI~hwU$VV&c?> zR_N5Uk_U_P!^RG@G*g|6(@Nh5cOk6aaVm6`h6O9ro*T`po9axAxt-y+`~Of3x-r2n zjk1$QN0%dd0d5~@jFiXU)Rspxt@|!O50Hz{&wMX*DIuT01z(HTIu{zZO*1i3&uPFo zho@zNti&75#pmt}+a?}9Isen9kU?d96aGH?m#r1Bh8_)S=jkZseNOoOq9~@#-%3!&&+-=W<`k!|0v)__l3c;s%+LdB<}YOZ{t;oSoEfVV%xv}iIxhZ90FOU$ zZ9@a)X$IQL5exMU)m~f6-r%Bl4ETD0=&sN#)Bax@t zrIa|WajdT-xH=lnG_>q+lTwNjlHpQkNndk~E{GP%|Ez9*D)B;Lezl4Rj|9}WpD)tP zaZgw7A!VhmrqoNw^N$Pxkm3+nSwrYy5o zezEHLEarD#o)xuwr0P4ecUYGWbXyhF*pV&HM6LZTkK$syuH~iAj7#0)-+m7#ezO*) zv@)iao@31b#g%wAt}*(3n}o|#ZQ?X?lzKf_FYv>mYOH~#mwzFfCAK z2b)Qvf~Ah#+n6#r6(s$7n1w%hGBQTo&bqU zN^0ZcS9jwsZA8dUljy%uw8HM4(5U#DEKBRUPb{rhnUlLmngtGx`zks!dv#81d1BU( z{Bt7*puj_(sz``}L=J$qSpxDgbnz5$If~B}1aeJu1ocSFf9CXjfDb(!5Gf#LBaFa8 zx{*yHA!zvOOVffxr!1X;5}^x_Ukq6Q;AG3smiLbJl5F_M!5oM4M=Yx#!&8MAZuHy6 zf5I%#CGEN2{wx3~FEOTCA843)oXkIJsbxRk+BbD=LRDCHE(3^KX+o9fO?bR5*#iI} z?sfy{vg>h8waN?1juIz9Jq6C%ewJ+8uXYS`-zM;Pfoh~3<1d4FxvO4i4Ck*){Dnk0KPcQ5ANQqf5N?#r~+lfI=qX^bY$5~52V8`^Y3y`?uGy;MwiO%?u!|z znTajm@zl*c&$6BA2l;G8hcu#&ouZ2|sIKp~r(=^g@z>MPuvz5$5kNXuc*<@@Un!MEOGyXf6E!Y!n5w3M|lk+tIx;B2o^*!$2bZT z86yr9#>9^5>Qt^yX&PS!B<=H_s1*oPz7)xvKXv7sll!Ba#+_Zcz@dfzs2M-0h} zm<;Ki0llK~W`7{X4?mvNH{WBSmU)3(+g8DCLNlR@DSFOCPFTdZ3>a&U9dl+5+}^L+ zp>q!0B3<4X*dl-hY@A`rn{?vI@uY)&Y-MYK+=ZoS9y+Sd#p^3qk*ms2X*bSAn;q%Y zNa5a4Lvkncx=(ne*=QH*l5&{qReY5%-YbhY-F9f?JKcS9K2{D(M&NGt+h-rO;q>KJ zsVCS;P0a)GbLkZVM6MDbWKI!em&QvTC|z)Ck+Wx1^L*0`|F*3}ofiO!y4L&}0vI?( z5ie4&v#f3_x8gpa?vI%VkR-v@es)a*WOU&;;(CjnVmvtJ34EDaf+?pn6~xy zJh(6Khxmv2Yl3`tzy1kWQW?*5)>4H*>kYr-Wu|p?FiF(8E_=@vM)${e;@bfgN17JJ zeMsc)8-K^mh1=D$!EWD|E%vn^4_aGahV#}K;hETTmpnFSO_wuJMDmWXmFMkTjulVP znDU0zCofgIn@nIxHX^HiB5AxN7v2=(gNsRJuJ-EpyJ>&!WK4RWUoViCs$OD#p!^50 zEY+9P5=XZn8jddSG!t6LIcBN7h}3^W%EH3AW>cDf=b>Bdl1Y5DYwfw2g45KG@crdE z-(M>eS1ivZw;HzSUacNck#ujiiwq9RTk|@ti=Kz9Q zds2p*SO$P+z~F$SvPIX^=_AX+LdTERmfNHYUdI9y_*vvQJ^?!inJFMuc8P75OTlha zSHO(~j6r<#uiT1MfB}qI+d8&Tf*PeKB$Z{OZ~tt5+j$|9q@k)K@n`!qgsbwJeqpZ^ zp~`}0@LNM$v*JEjrBfJg_JzcV?L~@S9WKP+O5ZfBi_{zx?nCZ1hlp;6^OnT?sdyd} z+vX(}p3__`;qobJ3fn!`XzapH8+FHurG}#;Wr<`ihU4=?m5vOG_>l8i>Vg!OTVt#UMf4=^82p+Li&ew#voA zV}4=ctqZrMIny&J^8J$QZ4YRZl=sh4^_nVKT?ZMDL&?nF+|AXJ^M4Ex<_)0M= zI+k0@N656T34m{>ZaOKh??yoYK=l^QipM_z_G;X;47khyy^%*{I5*8m@2~CN3ZIA{=kVJI4t_2!YjsH9YH_1GDDqnV%?p#j zcR9LvyAHX7yUj03WEt^^rztsQaJn4;iRwQzqL5z9FV$2RY}! ztWD0B1zkB?Wu^M`wx{(~+CJwwZ$$g^M?-nO*;Vmn-nDnqEdT24ljc)0aLB1;M!aP1-BUPcVr|) z&m{+)L`f6LXZ+RA?K8ZZ{iIN~ujsN+uf&@O#$MqMEh+d8J6BL56LiG5-!#_Gzhp_8 zckg^yl+KmYB=~|Nr{!=ygY=K@oB0S~{zOTaHRJhY!1uiHy(#PXJLD>GVEW$L;XHK8 z7B8S<5+Fgo;@??Tkm%!GL4eka`+ZHP+kFP`rTajm-6!_vB~Ih|`1U@I@u>8B*3uFN`pVXpt&iPyyf(%bl~ z8txY(Y_j<*aC?7gX&@pnS4BI;UY5c8L9)O?;`4_CCner3dR zWqR2sD%V#2lmWL(6iMi21^^x%j=-D=ri$r{^3>Ph<+K^o+q4N! z`c3RaR&WapaKPqi^&WQusuLT|gzTM?H1n=N}86MrMbgF9F9x{1kP#-Gt?Jv$)?3w0oDWPa ztyPe9@&1Kmoqlwp8y+VN+ud>GdJRD3R_j`hOOq$e36>I9`JZtTkWLmD?d7VQa>jeF zWSD~7dOWeFoBZ9&FfC~Vx+F^}Oqz0F6^i&y>Ly^N&b>B`i$#&n#2_jdF>$@Sre#a> zpXE3<)wEDvNpq4lYcCp;!49bq9U9_4-0D=i#^+FE>yy#g)lu&J+Wh-*Q(VMeh+Q56t$rBp94SdQ2ybgH=@({?Qx$C#551F z&fm08ro)b|*$p_s3 zkeAJ=FLKJnC!q!6U-j8q77it^G-F&*@s#O&|6p3~)vAsNp2D>H;&VxJfO6!LF#tn|ir{Cz*hgA8 z6t%Ga!*m7H=P$6&UV}ifu)dm<2(fWhESOOCz^^MTrNdls6l4Df8c@=J>G+3KV|NnE zbTy2?Y&BP5l3i@mZh_LB2&PYYNJoc?nSbUQjLG{dWUsM=GCaPeH$m8VG+j;qsz11i zSV8O@S7zrUAQRCzvU*8cug0P`o+Jx(kd5_V2V1;b|Fd3oJWqao_vxG%92iFeXZGD? zLKRHEakr%T51L0_{$rQsq@+H=vE{6fcf%Fe#QW_+pi|>xIBqMqV zos7ETUj3HDw>AbwR6UAZLfUNnToQgvp)?Hpw)5yuClx>zqln9wa>p0vD-j53hOS`Fvo#BP6et zC!l64_S5uGl5+|xSOjf5nXAINNX*FEh`vG}<|7T`7K4DsB`=f}4`{2g%2JKw{NaEb z%xnMKMt`xdR?e0^X7?;Vzpr$_2_O#O>gx6~)ebe?LNclaY|6zthYBuqq{2SY1or(g zMWY3jXni=x7xu1JbI#f4s3?QLHQ!i8P?ruY>hY2lJorSpJ)TTQx|fF%QF3YTvvjc~ zsW$jB_rNF$2MoJmk&SOttmkMxlX{=%h3`+wnUbvKy?R}}r(xI#%tMSG5Kc~=7lD_t zJ`-pe7eri@K=Fr;qSEshm06M^ZY8AXzg4ijb$zu{J7jmtN7>>cI&l4R6qkPBLv$tJ zb`L4{14-<5A}naDcfw}5>pkaR%)|$Gx1dhAMBQc2SZwTOzD{^ZZ){Cf>)uOJ;UVBW z`}6)zN)NzK&KWVSQV8Io4|Zy6KCK=a%Q=f74M#tYjOrK0jmCbPuyN5r>(AwEJ-KNw z`>Nramenl|^jUeMT=UM?`F*M1=GO&Q;^7qp~F z8-gzGX(p9=Y@nV&kK!?AxZl`1pZt;(PscTnP#W6Ex~0|ijLbvY%BK-95R5jA;6406 zhdvx0OLgRY|H+G9th`e4Yl@ZFg8;d`#f;wmb^^wXyZmD+$gLEXAc~;gpUF^;d}N9q zjqGu}mnIPe=+)*qH``)4LEE-c*zvpB#vqEJ!od_$;$OjcIW|*jKa>4I6mW50=1_1B ztLu3aMa~*B%=uKi2m@2THJWE?d`d=`R-Q8JUg;%|;@<44e*5s9rVO;oyFBC{`^eBo z&;r}$LPQEl7~Ti2xrCxPGoUi;W2XRuQ_g1fI?#C|tEz9Qw)+Ebi-NJ~_i^atv|2%< zx>|vji8KUoag_(boYbgxQ#I@@s~Q}#;5K@(oJO+ z`N<32l~~2wME_@5j?eF6)nK{&RML=e1lP*L<;FbgoI+EtvPtKSE!R&i4+dt+!UI~% zh`nD&RdPzK2_xI7+9pKr9+17Jj48_jm#H+aemKoVb~ypglT)EdGE|PSN`>>zbk6Gb zy~AEowF)&kV!aN)-D6wpo&8L)p6x4nn|R0jSd~qEBH45@<=TWOYqo(>(s*q>HdfDh z_N5fiL`G|0%d=Pd;!JHftF_S3e9k{NKj=+WKDxGnAz~9>${J_ivge!~ARnMV0o*?X zDTYdxtq|?`O8i!rg(wuIqDyJ+O|M6%bYDg0=cdE}s`lGpi9;HEQ@mMN1#WC^~J z2^Y5|#tO$1df(zpNQm1Y!aJ~N(`_R>}>bwWB$YLi7(m8C(`SFeWi zU9nV!zP_P9C}%|=atJ#y10J@9{sr_McD>GC4+f4g8T_FsKnv5Q{?W$+kx=CgYi%Jk z38O@Q5jfM%JMqeCelRb;SS0Mca{NZ`+r~55q+THc=E8)kIng$)BBV-1E~n}nu|`P} z=ENvrN<9)CEgJSh3gd6jOYBl{mP|EC^tHtD(qGQp04^pCbgw6gL!Ro8QeJU=AL#bG z%4F|okw9;$v$&K!Pkwc;A(e?E^G|pT$?Bx`EUuh1tea|T$TAxBdc1Xso@MkYeq9OD;7keor6SVtR)1{e z9Ne%@(w8j@^f-!NdfDeZF;7jRi0P75Ib8rKd!A$Q*bG^ScsvH_pnxdSkQL}$R-5>I zOLT1a$ro3Nw0TveLS0e_eOKVQwc_l~kh?!y-i%Gykm<=1dHGHNFi@{;W8L3XnfGvhRR-6*}t5=6fo) z+1&Df)z*dBPuWAg))w!gvvls*;;_ka`|h4c1M?`6$P{TuCNeN6+X>kUJ2^YJ97gc!4M=79E*Im4@&&8!s zp1c8U6RJD&mSqC6+GMbnoF?Jx>PU;0V*n2gMatgmG-B90-|nyowOs7b8m-DIjy89s(1_rPbXvVzy&gU2LQJ&ZGarW?# z$rKuDf_w9(A<{D|qmyQtT@#h~+QHKK zH|yTt$nJ|wTzh4N-@^^pUi%RhDo(dm;b40ov()tH2MN1hZ^X$??g#b;YfQ%Mk!O-W zPrRQb)m~b^y_6)T_IdD_;nL{SnUu$4T7?ugYPYdmOs3YiEWl8C0yQ~1a0-3)$UA`LLsJ);XnE4JMIH|T*B*DZysdsm6#k5HcM9e;3aW5Pvc zX7FmV>W&~Odh*S;_zNn(l=mfoB*bQ>QQI8&B#E)DoYN(9E#xi5|=TT-4N8f{!se2BX!rl~j@44{4 zX}8W}TwFjuujRsJN-QoaFLyc{nF?DcZU4TtLS$z|b!>Rj7WTg8y8{@gTTzg9%pPKX zvf#%oE@kumIwkNmqM-zbZBSE%I`16EpKfBM?H&+RcNhS15|S=!)M(wS=AYWX(LY22 zE8)ec6V|_2+?xI-99rf#puK2#;!~sHanI}=a-*gYVyvJ$_!1xyne;L z&adK7z7rX|5_49X5Usm}`lE*9Ma&vIe7V2AnQd}J)_j19)wx`_SKj>*q^IS`g+nQl z;5wGJXmfpvk?@cLPZ@`dpic0>fr$kb3_XFt;!VCnCjK>Ir@bC#s;FRJ%EnMigZMFQ zSl=YTc8m=3`T9T_HL-u3|GD-Cdhs#2TEbP0jwRxEzn&tIe;_D?xqt2iyM5?C7*|@i z66cD`BJopop?oGCRmkrmE|4?CUU=J3-6NfW?|`JMyvd$m?HQYc$7>Ej9;JDaY7vz^mA%sLeRDw%4pTctvC@^}YeJ3}a3$&c4NZNk9<0*Jp6b<~ zYVGalx-Jjdj+m|f(d}wbOyl-+`So{+(RnPlVb3nBy{kb@I10=g;l7$)bc2d<_CXx) z@KF?efj(Dx9=6Uc%VSeiwVoSL{kw1&`WV^6oFaV%7}YByIwiM$1tJrjf|uZWi4K0> zy=rbNZO?n}G%o|8fwDBR^3!1KWrrYu0gM#Bf=m7mevL-Fzy%L~iq2th2Fcel^}|&E z5c391Jhb4G4s>++CD%!_7QZVfQm34$sVx4ix#wL-ZgH;o92W?C!0*-beihmgYmvQq z+<1kbGn?Umb?OWWj~1kF{kAxQ9+kGg0jS5D+0cX!GggDDVUFm4WHnvYi9|OlfQXl0 zhWD~zMc--!Q|Q6?wF?aZsa8!rOpM_zA|FC4IeF>7;rxWJG-p1 z0m<_QVootc%`~;FUBI@Gnd*Si-qN?o<=T$Ce4wG%d6` zHcEIEQM)y-Vhh`w4ZYRt{;b7*&(rdyKHAYKm`bLxXm&o9oN7~7vsRf6s4jKzCb=-V9z&)rl`{& z<_Y{#ku(Ow%t?6iG0Q|OM6Uf(6~DUFb_#%m9nGtYrxWr6DJ2{^V| z5vita^6W6phfQ9^8upRV5&2HTQ}~gq;>b69MB=L!+F46wAfkj*KBoz|0^hcBrzZ~= zoc91DXKEQ9|AccNlbcMEvk~_WC4p>lY*X3cne}6IHLj--4~;N9tHTeTqa!{HTh`(m z`gn@;&+>wykM`WUi^AV3HL%TQZ%_ENYRhWqaWgjE?uyIx`O9<>Nu@19hjzR}RrMAp z`by%Sq+;E$$VFUklZI_bHQsBj)lY8eEWTU4J(zL@X(OZdy#-b0TSBv8_2YyS;Z}z7y>CK@_n4jJ&1CqOW9cavH2q){{6}*yfT^ zDmTH9H!VM5fuMddIReZ!Bejg!KjU(bx;|Wz;kO|F=#y30E?N(CTsqdwnhg%Nvzsjs z4K+Gt1P#lo^%tMlfqGFt3web2RFgl0(H@6M=oY77n#l8-Giz$X1i#e z+3s0$rCuuPan(n~oH2ygHo0%Kzy`b28DUa`%-#p9F_KfyJXOSRQ=r+!S0&xZv(@dv zA71Hr6*=BKz3=N)1~Cl{v33)Lx8nl>&=aL8JuMFZd}nvis(Xe5=7jjd7~R!Dc3Y63 z$}`vCVd#N!!%%Zlth2mx6k~hb1HUTAS`F5QLT6WF!NLfoG;Zb$+}?LhBzIl}VI)N5 z_cc(!e^Lm%cG&0#uF&xiS1TZID%W0|5TJ$^Y(Jp6Kkt%yo-I*Rt$f|W4)2Ur74ea& z@+YH}h2`)A4U}UYYQ?_o_Geqf;i&@AZq+bnYFhucb}CC#SFa~smJ-a)iZn4_K1-c{ zwi`VvxM>~`Blh}?uQ;%|tIK9x(>fN!Gzg_5h#wfAPfrZj)Iu;M&dDJOT%iPU%GLf1 zGM+gPb5c*1#%Dxp?i^=Z0OK|6$^ltGASEYu@K;yRGGons{PRN2FzAJbSvh!uYb08} zc_MYW;w${ONIB0AMnCNeM!^N9Q=Y8F&80Ppzy(rXw#(yw&{3BfbYBc8eM^i!AUqGd zk=i1UrC=4Rhh&rfEARGzaz|TVTiad98KJ1Uk{#HU_d;(YNZKl=G46z;lrLkJ_2Nfy zoUN8Ke-T^j@S&Xji&>ZCUmReDZ+pIs1+TC~-yaSLE;M;~-x!$25)Ux^1e3SRHF&BX zf0IE3&kV0|s61G+wpw$j^a&Mu9+A|7Ynq_y;pl>+7beI`K!erDvIIf4i>9+tl>i^uNz>*G$MheE%xL$a93wvrYaR2K*4v_i1H z53FYY4(yo!h;cz;x0ITLIx^>b{&E0egj_H?b8pz+x$;Wornl>!e^gPu>GL|bKP-Ut z9u7G%Xx6wx1&;DdFTDMXI_7F$7u!c&c*zW^3Pg^ePr|{amD;~e{Y-CDad%&SP_hLXWJ|ClvgdqiD<@K)Yk>7c?)83H%5nE8pkA&=M(b<;7NS@A$ zFK;W6b|pNX{fLfs*g3>U*Z4&Jn{jWF*`Xnt04ax^2Ns1;c8pGvUX4+k{AUktA$h_w3f&l>k2xoTh; zVC&3pcvKHac=!@?FkP|=`^8$_#c@hwGlW}tW?{3aJnJ`$8Bo1T@X^>5 zv3va*+{e~CMyeuaHW9xpIysqT?I^hZ{{6f4&=m4G-Z=I^d7$sye2iLafkNAKkwDM-STHLVx*H|#e z?P+mMG_}L+Av~c*9$#csnU$x6B9o4qeTYW!lN-a@&*w2mET}^jA*lS>yYa~JLA?OZ zDu?gGI&AKKKRyVTAp73C?TaE-lJxWCbJ;x>A*x*1V)~|=69SoU%Lkls(U3;ocCbU9 zwYmBvqW7e(ZnLa0KX#kMvy~bCS9H4ExE0>~8tt_Om6a0jV(_GM55+PoZ~`zKH1ea^ z&Y%t_Q9AtinVmOl*59!`7gl!~jt#`g8$Cqvk(k$fx!zx&0jvvw)QtFXrjS`%j2QAP z&+YOI{+&_}RgxtGchzUW5T2RyPX%Ct&`EuYQV-_Mx@#)D$tHOdW)krZGX z^Qzb^8F8`Sw=8db7H6ulm2C&1{5AyNanN7}I39O=J=)?lQMF$jW|NSPeD{eg;@zCD zSAnZiCAHJydtb!+>u{I67JND5UyB+{M8HQ0Blv>l12BG) z0~LD_ zGfhBvumFFGQ1sv52OPkNcX-Yukp@km*5_OOK_iK|NW52YE-UNNGX`vc4a0anGcANc~&zH4V>f~!*{LN}DH?YS>gg|7v6{w95TOjV3-7#pceW=CV z5vxh+sTkAJ&-?2M%rxWYddm)dz(>MVy1CuBlZim=JH737K5Fy@YQAWw09Do3Piw)Y z0_GcJ!;dU(*mUogenh38VDxKSpc>?ia!?*>ql74B8m#DoN)Ml$5a~#m#hpRZ9;LWGKH%Q23i@lK1`VD^}Rk5<<7cFmBx$u)5Ua(!LIMzlDSu;n`u70la5R~P^u z)rfw~HG2c$;+n%lwn1RE91W>$3b!&eG)x^J+Ex?tI(!F849>f%`4}w0g8kY*5yKCE zqkEE@(C}L75C*J(-I4yOWD;J-xkb6S5|UmKCNe6YiFQaBbH zqypvEeUo5`Kz6Yt*0UQrA7|mSXp$GtU^~DM&fOffwlz0CVY!_V@wRtp!)Hb#tK6GR zEY*-FY_pKvXSWXWH&{x-717JF)D9s-5Jc!2Jpwc_K>sL2wF)TBD}<|ITZ$I!0Am!= z7w8h4@_a?RqD?+f+c-D=j*}m5fw)-YKq07ezXlbF1*2JjM(i>Jrx0h0VLB>+H_4@#;~)D@mN0eC0_-P8U- ztMQ;?tE^o=z{ndIt}Fwnr$b@#Y7=8?-i2KtaTO3s9{2%$wnN=sgj~0!89&hn?0XTIqDiQUlj49 zii8PvIMO4!KwBh-u_QbqNor|C+5nxmYdGzPxLss~m7gB5lL z15{2RPUh`km^GaUUIW-Y-xBzx1BN(uK*H-sNlIWFsj-+t+EZ(T9n3PGtnwGKynkk? z+^TZ>&M>mzoSCK>J{4LW3zKY=li(<*XTOE-LDBw5gLrBcRSl1J>b1$dtI3ze0pvV+iNg2-sgK_VYQQ7`n->ZNu9cXP%<3_L$^Nn@=y5ZJId&* z-Q2lLy@;x255roDF*k_kqQ*iXQQ>N!_#%9CTwaNJ-hGzqSr=r z3*n1aFDoYRMWl_vFaF#1um_}a122Bdiv+~R$lP@`d?3@u>i+dKiYeYCIfO2db&T&0 z-eMS;p*Dtz{UZ+R{&W%m{G^|==PPd4U>yL|SWY$8F+B#~m9f^Ok9`a?3B`;vIr!&q z$P(xOh~5$lKk$|>X;P@dMvkYtXf(?4o+MN{ zAQb9yH)L+D9&}z6jj|vdM)HSID1EHt=HuO#gf}tzsak;MVc33M?c%$#A4djmqi~k0 zrU-Ny^o|XS<24`mtaY`vIKPf)-76L^^b%6h41XH`y!&$>Yt(n^<`;zX`{jUGApP-s zpjzl-IT`8*i!mlYwf8h^s$9R*C5`G>f^=)GEF(;QcqVJ0A#vn*Oc2#cxF;hIgPEok z-t`80hHgpFJsV6$8ys)*-k)PS2M@DoU|%##oVl@Q8WYCplkR(nI8N~=nl)o|2mf@# zXl9D8y#@k|_x5EC&nRR(AvJja`HJso&CMBm%eK|txa?1qNi~sqP?W;vEbi>sGycWF z^GCyFe#%h@ZcmfQH3zBHPdedYcGbn~5=+lI%{vCRA&e4}AE$N0Zol&oT4cc#`i3}C zLoP|JL=1W8Kk9pqK2kRP>gB}1uq&}H)wXMt6?X^Q7+-N{X-F@Prb>SrGwv4LIIkG8 zy%y|_rRw-2)*k+{=>)p+c}>Ukx8G%IrfRKUW&h>#=j~hzVPKnyvP?9ad-s55c)bVU z!)wF@F!Ec03}J+GZC2}yyx8@IlYnD>x+KYdy6C;!t3FR$cd=c-?z-_CXDYJJ6gjMO z@h6^rC7kO0)I6U+k}?bGx@D<8hCQan7&=2R9a;*tibM0?aa)UVxkUP6`-sPV2PB?} zZEbln>n*aAjM%wMX|BX1%!z9)yB(OD1Zo_*iO~m-bSVujiaLa@FAnJ6xJ*5mR+dZ} zg3C(~1w=mX;!77yej|4`O7&e@=es%x@S{#-95@7s-sAuz;OK=bRU`!b|I1Zbmkt|I z3T(g0mHIb-yP>|A?mTkMY~QhjwiCp%CYq#XRDF*;*CmL4@OCP*3D-1n>l8c!c<&xTXMfWdHo`@n z@WO?8^F}DN)#mL=LWqNk_oSV!K3K9pXT?V^v#0&u5o4iTOgRm#7tDR3w1Q zD)d>tqRaF?LlzX^^?R!%8WII7m&K>myqE78d{(BNR%2)=t?29P8;&FBvS-GI&~fEW zev`uuI#iyf518tsasy-R)hekg440;djb`e4Q2|G2L$Ofg=`6cA(3% zs&2V_siU0PdBz@nY;k&#Y3W<9Or-wBVJ_(S*{?kxBk7O7xu#w(Id4}fdI%j?xjxff z``jVz?Li4!Ndow>g_`Or&XX!bPiEM15=Oh2q%6_Uw3wbcY-B7_qJt#NjA z(@6%WVF*#(N`p51r%xuIxg`OfE2?MLNi&b%*m}Cf4$o1{_TEBd5Y@E=RGX?&GYRh5 z{J0uBHaqPbAXt;zu;Ukh42uTBf4vtmT4(1oO8_7;7DMYMGxa%q&sV#52quk+XV+I|-q&exIGVU|y4AL+|?#&xk@X76+# zvifoo&N};Y_8Sg$smJYWY_(o9-oSAZ?rJVmxyo*!SGooit3pchqoV`KT*lBL1#@!= zrc`0B?bA6v=M|p*C?YD~#{kRXtCHzf-9MVJD@EpR%|&)s^9C&dZ+JyH0!aIm>lLhfj#TGCgP#2aK24seiYsRex97;j+8H zyjy!9;wkPGE2;jcVFp<}fh|HA62esK3=(m@xauVrG_1ve9Vyw;j}`2sNi6RR{I07` zdaQ-hb%^{Xm@Ur<{E_?ppG8WX+wf!L5kP9UpQGNZ7pZ+??}g z8i19?EGKgNl(v&cy{v@xWPV+hvVK*Z7vRbCJq*yi%3v2dUbQzrtLu+y5V_W3$~v^$ zdjOc6_I09=yHx{&n9s$+If~W|22oUs)C=^e6Q^aC_bvCP{hgx7u6Kf*SCm`H4w9JO zcY){pSLK%HR@b|I6^F9-EE95@YV;pxfNTT=HkI%%$Hq8B6R<^hy}6BIHk>P4;V@OX zWFQM$sVTX7$m6#joZ{EtV}4o{O|&K#w?AGML<#`g5<@xC(ZpPK8W6Nd2+OJ(lppz- zG+>uW*Pl2#o}`@iuOJJfC7RfWm3lJ;1=>Q9Zd2fX`>uRru zDjGRb0KGSOqb*VyXQ0Q*%YvBmfMt+pE4#rEibFv<<4~n|1D^l@Q*dwqJXAD`Lcb;t zRrJVTMTYLPT#+2~vW5Wk?tlk&iTWGG-XKXMcc=#d8W5GQadRV{ff`b|8zNcwo*zYm zl2r(7v`6?f<3>rG!#Y;eoHG69e`X2^gbV@35CIinLTn%ax5|pweFJo@6pj0#U9|@D zEbtnQe2b6huoq3#hy;lp5Go9r5Nz5R+BI2WZVvH{0OC0}$Qhb?BSt~AMBM%P4Dh>L z8=nXm{{lF<6%){vP%=#z@+iu78M0#~WGy1yYmC&dbDUMsu#xUXh56!s`oSxzUD@2Bs&(0Vw+CJ4|-V|7`_0Oj?j3AjKInT z^q#iByA;=}(01wt#CJcgx-rq1yFBPgZ}Lc0OT%l|x4raJYhd{S;7k*DD+Sv_Z2 z9zQD3nyBZMF73L3_H^cjpWGP-*9{1}*g#a;haWVm{*&huZ@84NoF#li^U;uo0BT@2 z&C;)G55diH$C|)LFB0ds8T@$jqu>f6K|#ZM2WpkFf4}<+;E78C%@iyuVL>WMn!@Cj;6HG+v>j%dPq$Y!h1kT zDiy%GD}943dRnykI0A}vK>iwna88=CV+aUhRP=iDpo-1ykB)Wg ziJ~9_x2BAc6gZPQ{{|@8IXEZ;kaPn{UBGDy6vEG-~PBR?M`(MMu?u@D6e4Pce zs~fys)fnNwgL#U641SVW1_u%Wj2ygRTB4smQ*%Swf>`o^v_-lb_5`TTq8{ni8f-&kfG&C>DyXC8|m-cAc>ASuRVH zmh4kaGKNp6%7N<t%zzYH#4(AnkO~t?77Q8=rXAv+)Wt6)p+u|SC3LVW?>8VczFAHrH^7yF3LJVeg0v?=C>!ZtK|tn1*^*FP6*1_`!8cd4 z6v1zAJIzUh)#@?<40FE12etH>vx`26ow;6o2%b540g*sXO>~b3JQ^_$v5G+^3Pg$e zOK8Uk9m@E^O0sd(`$x~a$Mu~uu6X6+Mn8;=kLR~~9zFzki??B}GojFj;xb`-3&?hi zAeD$1fa#zn0Fic3(O-zcn1IOQ{u@ z{FIxj@qY{XA~1C2yR;bmC@u+OXsVwhDg6(JqzjNx@`WP; z`K->rA8;x8&Cm7WQ$&O+rDQ1o;}`vhe6WA~W#aVCM=9{w-iQIP@~3Vr%*9~&h4@=7 z|3`1N|GzFbHqMV{P2W=dm&eC{e3U>>le$*PfNHqdSiS0h1dRTd*9cb+Z#>CANmNmEn;kR^z)GiSVhCi zlQc^IU2=eS?aj0o;1&_Xf8J)nqc?i^yaGI1P;qk#i6XHbv+fX|+jz1WbEvyiOu4#g^I1h66?`7uN zS%DHmR_!et=;3+*XII#9DmN&cJho~k!j5S*U;N`oBc5mZa6lDMQyo8I1HinhioDBn zH?05hv+SS;?6H!l4IbqC^=X1vAglp8yw}iLP3uOSP9;}o$nYugRi^E!O=Dc~4XaX? zqWA0jM>kx#Iqz8jHeCXzfn_d!lmzO5#*HqjU>MfFGToaC>qVaIEr%b|x)J{4{dfUU zP%n?P*G-N>S9`9f*9axnftWc~=uH0e?+fEv&NfPr&y&4kM^8t=`PZgY z*9WJ#cM6QHb3lR}np#mj6pWYaHVk6&hic$yS3>~J~FWP)c2ZRrD3`1R#+G^}>&nI<*_ z`QqHT!4vy-7UtS%s;kEb($|3n7n(|&Lkl;k{p+vJHqBRmeCV<+zDX%kt6GopZo7T& zE1|x_11LR;bSq(_kk(BKRoyE9%0{A(fUptlAkuLu#|{R4siU+V>%dY)4&4)iN0a8z z1*Q)W#ZR#)_&ICm{m$W0NU)_M0x)Mf;q397JVG@|EVXKYZR<(WcO-$>7tqE55MB+t z0oc(Da8Dr^FfW)StGgT32t$`qabZh~aL5qYys*rYJFBT_zW^87sDK5Cy<`W^40y{w zF{YXThdT7U0V|N!O*6fi4P0EDg=9H<#sB1^5^K5xN}tli%0cD5I0T21=Eu!#aIcJ5 znvULVO>DW+oLW3LvilxWz8*^)9b^A8^sB*Dz0R2I*FH~jq0_NXdIBMKn7~t0XU&o66Ppfg(8CGzUXKd|ghu^V9 z1{OQ#{HMpGA7JxtMEJMr8BmuN711kcKL1x4e^bx@kDrCs$IAV{DFtn^|NcMrcCcC`W0^8D834mA*){Fnc0jg>RwLn1I z1rb0Y`v@t75_B%(kAudyTR9L?vx{$o;pP^%tAK+1KsSZzhMoedun1_KgS4h#+bWzdZ zBLm@A!(1CPp&ci9Z*udVDCT}u?VFrfO><8}UnbHTbywR`l*L}X*;wLF7DVD4l?g;x9%Ce?2piGY%1Zc+hX1kVzc_=si!c1PQz{8u1_Gkg-hys{WmtHa2&BCzAyvZY&zwNKZL{cfqdALF4S||AA?$_F~gngrt zqwAMU-eWL2-d^c%Hp1S&y4D6i}blt;9bYG3vq&@cI*?YIWDFQ9}kLlD3V zFhW)sKr(Npw#i`AB29v zt3#HO(4p*Z#~OC`Kc*ou7gxZYqMn{6f(U^)?0bpjK2M=F@&u@k2_XIQGQckSZuEZm z6evYBBhS)6D|8J6MDoyBzXEIn%DGQ)#KL+hgB}7vlLmh)5LkXDFMSP?5Gw%8StD`T zcYO7iWIrE-tD}IpP-ak6TvHD;r7vo3>Vd>aP%@XE&(Vg?TL=uX2gTZIT3&+@e5u0( zG)ngwPp$BS!YI9zlWKrc1)s{60$R0TX@E@)fxh>W>Y6Mw2DWlHJR!R2<+sX7W31G# z!u`OfC~WKR2W$b+kZ|aB;AE)aH5e{Ar^AP3k#10a)-ZpvnTQ`43o6fK-cIUOooxXt z{|H@u9&rP&cf_%&$SxlrSogKPai6s-r)u~{{f zk73Cn!!5q&-H-@_VLQKss5>kM=vl$?4`lTx@9W(Wa7y zq_|z)q~EEd7|uu?%3A3uGYdaHQ(>AmIqx;C{&@U* zPt||EYsj~~8r&$Fjjyy0(@)iyDEYZby>OZOnN@8jhTGG6_J#irHR2iBC$Z8C$KZBg zqF_E)$X84wgmfJ0V==D0#*obR7P?==$r+Sq23>pwy$j%s5kgeSF-1qv1%AnY9j_vd zXQrz$UZ39gcfvS}Wo;jdv|Q;2u@RcmB&x}6Vuhc2Woi=Nh$m}iszjS_0jD}1Q-z*663Dh&!jfa&89e#rn*r0cvbv}w7v zg4Et4OJ6aa=P?JQt5s!KI9*4&Ek2(7PRU#Cd2X2i#{hr-A=$`_9_BqBEq4lWfa`%? zari1b`}+Y>>!+nB2l>kd*Z8}-Nm*Mj?r`2tS~2$hJ7zmqRFFyfJk!Grs&F->`EIq< z=Gb#2n%v=m(d1Sdi|yui@B`>Fz6lhhrqSLC09Wd1V6-e6`1(skNg09xR#4T?&luVN zW7#KDw?}ZV;VG^4X5P4I2sCu2>)S-@`Q6$25L0?5fgv{WFq2a_boMM`oxK27^0YZ$ z@ImMHiP&L^;i>O>i-1$Ogjx6YPIxFKMb0_P?eOgkC`|1>59*VaK`Kb0CyF8#xk1_< zgo2}S7b6W)FP~K^ir#LIQV}bpseWiz@BC9C(7`q@Or?Fj40QtZ4+_|hfH#LVgzgSj zUr})Hv#n3r@-j4&YN{6?b|_(5qW&4aC3*!aFPdWZu)K;l*s2VB{Q~V|}DzrcB^&>Z=CgK+b!&3XL8G zR&Ggzr1*-t#cxnA9)bMm2rvQ3o7g9LjB1@cw>9E zhX?)iE~Hl5@*YQm)w-7Y%cFnFBP4ldqq~L!$OyMJxAXOR_F{?8<}q_-hL0K|WTJIh zdlnk~Rnc1&-R4W*pQa7@9{;xab8FW9G+X%{z2qS6J3Mss6ocZB?Zl}_mbBnI3>F%z z=q|x`8Jsofi_{+Mqd)mpY@1jA6{9`rF?i};&}d2{SwNzrKX1m&H#lG5C@Aae^oT7i z^op%7K>oNeCZp6rUPcq^V(?L-nQ)>>vH$1i?KOfi99ajnd~cKN=*EPm4JhAD-)WER zef%kA;{`$cs*38<$p@Smuk+5sKgtlqU$zGX)rgs_ncSX<$GeZXJrbGpN}erO`{j5Z zz&VU59o&7^E>>r!PN&q3sdjB9 ztn!?(e2N%UrNrmGjuP!j_AQRU@=*86@sgGdeB`{$z|p=rUzkE-=fpIA zr#1V0JAmE%SlzW*iQcrj$xD{45ApK~XaMB`DvHPqbug%Zt;_WZG8n;+g&>}MosN{$ z(^0OF;{ryOfIwGVPbYC(Pp;@SRo&8D9}4t7rnjf4WBG$M33v*R8G2rSwChz4BpI+* zhBN1T{Wu>ENp+P@6W^uz@<_PvSQQC_NpKlj@)0EjJ=D-C3ROF`I#*X+TR>UMtc)(q z-j82{0&3}h2krK5B9~_Hh5dnr(TD2G&bUUT)%@<%QghKCGAV(7$hrt-;RQPfLpuCl zkbQiEitgX8{o>Bs#26cQ`eDVr>W?tFXPvs%8~H+qU4q|y&X&2GC}vZLr-fi&S0+61 zz`mViHwUmyNVqUVK!AKDxyv_d`gG2>$14V!;<#g#`|_2X+KV}Tbhqg+KUcrEHR^1L zs?K@XZ~U}gt%wo#Mf!8uuE;?-$rM*v3}JA(yYrMBTTWLGTMQ7PCI%QYnQpnIiAUBt+(Nm?yEH)rCR!cnxd`ltK3GG zO+8!D60T1j{hoy;_!ej?cH0YYi?g7OfPia-?@aP zbRYJQ4-<#;5j**Ew)fUs^uzGv62oKK8gk*`2HIE-Uu6oSMXo&VhrwrI4ERae`V7=@ zEF~+6T$JW9=`O*f#qJuC$ff%ow1#dN?dj6rZwaiRiwkzUdKh|gMg6sYX(TmfnOgP< z%kk@3bpbR7a|>D_R~)ZW%S&>zJm=tNqamzAE6#uyULNe~KE*?h_YHAY#)u}p)OLH!LHrza47Ge-X2jln(kE^s zLVx-y-my(<@XU%6Q#dbcr?ybqD0wOQzm`0nea4U%Jbao)h4;eU+vzRw`nwHc(;$^^ zxA-8zYIt;0)WQ7$FpykomYH>FFtQyVBMPqnO!jQ#V_f%BK?dxy&Nnis_ls@Q-F1W~ zANJ)>>v_Qx#EI9qIo{xmiS7s#dm1 zu>I_Cd+kYH+)j0|a8G?gcl!FnfX}n$>+4GZF(m)>enNH2VsvT$c0#HITkd@sbc;8i z;)h?5etEU!ad;EYp2Y-x#0j9B1=s0W{FWOFYdBXzE4;k!y$|ss^ zfc9i*m<;H~-1z5X&(r;7>f~5X+i!7c=wm!jH|||gD6|@)NNV>$_eOm-cMj!U_lA)i z5F5P5d-*r%mRwrpZkJ5G#s+a>lB-IUiELsro-~<`c9Pgk{n4|nHQ~*l{A^xMTGXX* z3bjCjL_tcL+(%z|cM?q$2Q5UYrbWL1T__8jz>180gK^91rD>pGqAsG=YC?#)8OPQ( zguT;Cy(o9f01*;1aIQ{}tA{cDZ9%R2?VE2ahBl0AnGX}Dh(0q0q%7bdxT>;*QGeIj~aNzS+m$s}lhpTQz^jZ4l64Pf; z%fglmMk1rmGwUlt87}2G?_dcBOBm(snj%X-GG$%rM~xgtUZ1!2x|Xg^>r;ukcPqYc z^J2Yb_Q@x??y4a|)SQ=`?_iF}AH6V*I3V_n=rtuI#W2;FLPrsd-hD~DT*&~1NvKbn zeF!Gbl(vi|`xLqI$gc?gfPsYWeP5V`p?a05TzxL7Y**Cdmn-o-#O;ZF6&C~TWp-UTfL;Vw?-#~(&=+SoPp@U)cM3hW(ElRjX)KJZ>&?L=GLwv|T`QvL zf}^lYJOO|Dn2zi{%E_sE_xt_g%>(SviL$lLVfi$Vt+@8Iu4)uv z0{Qc3rha;L57X8)$EY)Jf3n#mW`_Ph2y}J`#5c@IpvtoM#0~D_$Vb;MhFe29Kn+^x zTV|(i*k)&Q1wC7Mf(~I)Z}R+~Mr+rMB_ekJh^<_v^cfo2|_cNwho$Dvi2@ ztefzHFt;3C4rfzSQ(8~O*u5v*rObCU%YV|z8h(J*(3*x&apH{EgV$XhssaVCv@j+} zC_rVvSAuIY>TW@e*J5iMA>=6Q;L)~3+&mvQ`Fpox;F5@oOb#O>=SYWAztv6F!EZE< zxMm=3a{Xgh1u_=Xd>u#8xbNYm)XP6d?e7fdCh+tr=JC>~S_EtPOm!Wu%Pdt}yEbyN zInK7f=(o=PS#Jb=A`YuR$3r%s$uuC*Q`*gu(KFP%w2oVP2Cw zK2;BYVXXblnSC`SZ^%DqWk~0Q${dB+cv|IKO<&G+w>&1b>!KY&pF*oDcE#Rp`5f!( zP@R^~6}yOz(%mZk@=)U1gKT2X{C!c08X=lmeipOITI``xwhSZfdM<8Gso90l$)hd# zZ1<3=Oyb`*-!epCUWc>d5^Jz8_CKZ%Ms5B~`AxJYU=$!F zObeONT9Y4kj~Z4Kr~N^hcZI){5~O<`iR{ag+4zUR2b&;HJMWV%rsu1L-8uH{Nm#aa zYo=nR_Wk0Iy66TEq_mmhPCulk-rrIE(u60hp2GBc;wM86qjBGimWMrMzqpOWo^>jV zmO?T!{V%6&wRbhZP$ZKzx!^6VaiL1_I3dz3M(QN^jD3<@({*n-oYC)@Y(H4{b!^`axNvza!4d?E# z-gPZ+oJhnKqqyDxyME6?v@g5eJzV+YzMmcl?;mM{rIU)se_gD`w_a~E&YE9+?G1nr z`wE$TztG7`W2r>i;vR>sgln_LvZOu&vUu^w%&1df|MJ^FjUhjLji>u?PbhrANHZ%a zDk@;-$_8FS6}OE`J}yu@<84moYwf6?KyN!WgOOy znH440>GgHo8#|n`**-j)a1-D&#`J-mzHG;s6(YIdRl_6ZVkF&9spDTJ-Yya@bb}9TVWPIWdQ}9PTOCr1j zD~@=mL_{>_YNyx)H#B7W(6}*Cn7TciCG<$Z$+Hd%2ppBB=xmRLtx62o&Wl8m{r{s zO3p;mvKg{U`Ro3Nk#JXSo!XE3#epmz4AUGjpSwrv4jd|I_U0X=@wFIz`zV;q)@Y#w zW6IPdJ9q|J1Qm3PW{^{WPcz48ed-GnDX0xHg zI8j5Dkt*v$p(RE36LVu3!`F<+77L}(xwC@x*URPMuC$u*i=A(KpqNo`wDe#eauZcJ zRxSBB?@9fi@AqS6+1~0-x|Kj7yoBa%#s&6G=tLA)2#4{vM-Qey`!1BjvpAn%D8pmM!e>c=bjWv9iv8qA`O5*t9>O)aAeT_sEF5#o zp*U@Of9i$#xDzWK>aINa28%5DXXeX+UVIp+rKSF(<_iq>?G5Tb;>r0F9yr-}vLCFi_55PI!jB9mBwS0P`)nSqSo`k5{I&1d_sgg^y*61v(Ml-9ZY7)Q z>5avq4X$S6PJYA(Wz9{mdK?jPddk-4=VSlOFKy!G`p;RUeMjz0u2*o?`;L){255Qb z>yaaFa^4OG=y`n0=|e5jP3#-W*9P&kaI*D$@4aaAIZb~c@O%n6e4*|y7}l@I@4&U7 zc-SW3w~GXFNc=S!`|=l8mk^=Jm|YqyLhHa68%8Y=`W19OjnhZE?d)@|B(mQ7Nw?PU z<`|eWdH>BzxhOi8>J0Sk^4uyPxGnv4;YG_Y3!d2yp3)T0p*r(9uH*t_RCetbUtC}b z#lJIE0PZ{ez1Rz%-!xRRTW8R;0h5sF9ca69&jGu4&v2gn@__%9s~~8DcUhMWg6TN^ zZzy}P9#n8kAOo9OSj`Yh6g%A6EG{Vv1KX}DUhT0rLp?lG7V-7Kk`wMaN_r!xSaCYt zPdObqFxwWn)@e9*90iLJPvnF7Q`q68gZ!Bf!CGB3*tK*<>9fC4ePmi~+W$G_G<+w& zJ(XXL_%6YF+mZad7#<-1Uiy_E38FiMfjclCZ^j7Wwn+$?O|LG`dqC)C!W|oW#HriP zoRE;UVIz|xFlIV~uHn*`^NeaL&BM3_l{hFinhMBLG6GT@3pjuW5EzIE zLQp^n9T%i2U5XBbVMU6xgx*1e2m%pF1Q81iAT_kmW(-mSQbQ3CX8&(y=FIMgJ!ik{ zht1&&AGqY4``&y1_kDiP^JJVI91J||QyUagNC_C_R0Jf6X|IkjpT-x8DP~x2CU;qM zK?iY$X*x+t-$3PR5%9+IAT$b$Q%iML1~2p83ugHIaFf3BZELUvC}esQboZD26!gZ0A7i4cn%ZN3^ci6i$O zyrd$LL0&~Jvfwq?a#V9_NfkgQ?5*RdThW!;0ayLI%l#E1gi{+9{C`0fV9J1Em{7Es`Z)sZjhk0_>X1Jp zvfWIcGI)DBC~1RVPJY0Bi`yxqNr0EA{>v503AoX3@7zJ0dN8z{b)8se>7n5zbKM$(jCHl$ylPu~=Uvb|gL5U8wrBCLU}b#aA_ z)PuF9DIt$Lj5L<$tiRskWVc+)h`Kp;S-km%1>aBaDosMZMC}EUi;DmreZEr;O(fc> zoN?>=>Zwga^$WUKTFm{m*dT>FQTz{{4eJ^+;>d!b)}kN?roTf)A1wrJue){$U{8Q`2~7+Ym_eCY~omxB9`QiVIWR&$6foB|q!UBKitc zcllW7o>kahRe0sHW82wghih|#Nb4Hix_#ecOkJ_$z*nTw-1*uE_w#`VzU5!R1Q**f zqfJTW^6U{^N_Pn#)|U9M5IYTe7vzIdW@+736MO1seV8F#lV zH_g3uyYOYJAS5lk*5OGjzKKmzFY-b~wDQ-ktj3??k#Q$V%ZB46F$BJQ?-ra|(^HB< z2d#y8I^;^LPu7q|ky}?8z#x21e(p;d`~{J4U*JJ+0gRLX(7X}SGUMJXp6Tu;sT8S?jLsFzZG#dXwyV%o8Gh+wp0eO(^k6-XS~6wg2ai5@A@{pVR-PQzJV z&P;KtA7DA`jr`W1xtcfi)Y^;y`HFDx3uV%)FRmYIpDrmHGK~F8cf7C?YQE7X5AhKk zC*@T4UG&z8o24}*Eg^x+bm{>E_NGC$YstWAiRhVX?-4gcynL+cShBaXknYq*dxS=! zRuBDG6Qvi!cWxFf-lhrBD@Y^3y#9RVRHS}a?|&B%;x()PvqKG~@PHa6(j>#79lK45 zW1-M&vtE9J`O3m?xYGcu^6hKiM}{JmiV~_*^=Tgiyvqu2p4zpIH;t(o7Qh*M53K>2 z!)Y$^ZFx`r?whSS>B=3}?d5_fMnithJNH;>xVe1z(s!-dm^Or2g}=<2*906|RQFO4CcK(q=a? z*SK&AlHSiq?(~*%6$wlE>;hR8)XB!ldIhozEtjLT;Mv zHrZImaTC+~V>P@nNhI7usbW&hr{-lxi&0*3I@VxL`Vgm|uT&ztyv5(6#9}RTr5gJ* zuS?|j<=gwrCgj6f_X_vfeXlC0KQVdXJ%2+yR^0Go*@;tvp$%_-8#>H*wUpv*L9W;N z#;!FBrmler^`OSCudjD$JS6#`CxON;Tog{yFN)+jMQ?N3KIfS!E0M6@340`#RanvLwHc1M9E6GUeqUh4 zq-DDD>#`h~#YR2qq{?R*6S=tOr$Mhq7EQ=W)!F7^|L6Z^N zd8pOv7CMDiH~`j7!o4Bv^x{x|mARVrSe0kBl-WV3(E7C>mXlpm;_>-ToMM63I9r58 s!A!qJg9dU=yXw>s-1}qGc2MPfoiOC;$Ke literal 0 HcmV?d00001 diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/media/vnetPeeringVwanExampleDeploymentOutput.png b/infra-as-code/bicep/modules/vnetPeeringVwan/media/vnetPeeringVwanExampleDeploymentOutput.png new file mode 100755 index 0000000000000000000000000000000000000000..5cf4f76872bfc2c6bbcb1512fa244c6964e1fc31 GIT binary patch literal 94947 zcmeFY_g7O<*EOnQLAr$w0xAMQdhZ}2(pwTBR6%Me(mN55B2|IVJ5mB9NC~~DH0hlH zp-7h!st`IiKHq)E@O{32;QnyW7>wlX!PzHguX)y9bFQ^MYHKQ!lQ586yLOFS<@HP5 zYuCtvuU)%dLVTMr(*K!aobYkoO;`EFHPispI^pD|je>^4wQCh|q~~vL5zgsn{LgLdjnU3j`oa#I)mB$6Nv$2Ik&Zm$)U#vY#PXW zV2w8dY2du3i4=W?Zyq{eFJ6+-_Sx6Y75Yl!u{eXSGkltwk<=vwqM`b7!u(^&a7;{nsJc| zuQ9@@q~n;__P%Ot=s9(Z(NaC%7`XIL#oIH|>bU1f z)aqO`@qMaDsk+oBG`1OvhJ3)1!U?wlU~4M(cJ;s0?mqqtl{Ck>QA&W1cH){M#ayX)PrV$x^Y7Iehkr3eWfxBZTtBl8$mcfO`r7J1 z{t@7fy~0CH(`{gD3%{Y^@|v!k+qWADNYxz7u@$KsH64hd`FEa2Hwo`*gm3{jsG^G( zYtc2JSE{5CKLY0;<2Bl-uJ`_Ia`cY*9hRLhIiq}1>Dsk-zDE;?@0mvdPXGI1{^H&? z>-eqJbIzfS7%7m65lY&Re_AiqRTMO3g|$jZ%zT@yrMK93^GaIfP|;7{^{Z*V4198Ak2|+alA$8bw$yE?)GyOp*=8VE=FScI^mm+l zH4Z#5r0%##zqgaGv|e19M|Z%?K?TYcu{v+Kdh+k{y{~$tKy^*t;JzE!2wq6pVpu%m zrwbQ<{A$<)$2Yuftd-Plr%!SCj`Pi{JQG=FL{HkU`I^@_DL(rG6Ina0mXQ`Q`GC_u zI@u{~stv8}mw7QVI!??XQ?=}XqaU_P9u?t4Z+Z;SdT{8z@J`rGiPKk8iq~^^-WI>J zDF9ztXX$oIJ)A95i&ZO%;9B3^THqpmbNDb@IPA zCrtLZo2ParuP8fk`f|*7|KI>QFRLdRK(&0PKa+cM)dWsZzKTNC9Ye@*VwwrB&Vh2N zb+4<+&q7W!U==dYu3h{5Ou5|I4QoZIe9mm|^6)LVr1NxDK2{2J^riRmzkWECA*x}c z1WXx{!uBcqe3@gyIh!j}k~m&`u}GCZ0m(b>j@h&1_%o}p_Pa6G&13Fl-XQx9p1HI! z-fXD0b$m4I#UetqNi7>fe`7hnj+s<57&$(wsd|hc$ZZ#IMbP|R7F)cG%W0f?C?@<;?5On=esr&9bqhx ztRA8wDFftq)mC{3eOmFKTRs4Pq%piP#`4MJUS*?h0dzl6gzFsn;GB+AENLiQV5e-p z?1-rdExR;6R(v|^0lAd7uR2mTic0^CTg>Cge?w(*8F;<1 z^XRg!aA5~#jO>Zo1RhUHvv*-fCvV`_ey9ZAyKYoA63{6z<#>eM94Q+wp%64Zu{b*` z%-H@@RKYCS)MYlYD%t4parid^;aM-Sx<0L=<2khq?wG#iDG~84;C|g85f3jOyFCu| zFW-0RG0?Tou#s)m*F$TekpbICkh zs#i{5^9_N1oboA$k&eU&NPQ|ia`6w_pYWdOh6R+M-InZEtg^PJ#S_K5W}M(96w=N( zNAR&h(*5x1{P16`^9-iF7BzWa&nE9( zc>#IGcfXhUgKMiov+1Rvq2X=BKZyPnZI9%Ct$a5qMbeS#Y2c9D=1h4j(yhTCxidel zIDdL1aU}LAMA>T;U-)u;a$d`J=9dvJ_a3LLNquP#!M~UMxJ9p;`mkt{G@p9KC>b** zqN+125XqdK=M$v{I&jKeRf1TpjUN8qbe+IjnLX(QwDE>Lv3&6rpu`K3meZncyqN3V z5wJC&qh`~Ci$8zOe)fo>L*&r<>Q0zQ*#`r&f=G7Hsc^$w;^xb@7jZ$jFF+W?7p$1s3Y2EmTY-<*g02PZonD4 zY{1-oJMJlPh<>Y4{z%6`qJ=|Iimhe(F|YG4(P@L6X#V7SlcTmFvXvGvB2DZ-n2$%t zB_tX*`^5bA>JC04$?|1zyigVBSpA@s*3;Xj!}F)UjuO)3D1zQCVFc$o`KS);BC}PA zm_uM#(7ld!wn-$l<$6w#4415_Hg%oh$ZgByC*wmvoll@q(V_3XRgb z+F)_3GXB9*;{vVyvIG{(`HtwN^1^U+ZU?BL9Qbqzt?0+KLf6zNyPR zG&RB@*?9!eDzQz?-uB&b^LsXq?X+3Tuc6KGRL4 zs*7Dcr5_Z&E7m7eqf|h$168385E8aE*2DPJSbja+n+@yt5j|K5xLsykrA?1{dh-g~ zL-#A-Rd3*%7_iNBn-p2Nu3Pllc3l6a!}0ux}u7}gjUR! zfff4pPL<=nhQEp@Lz=>iqM;Vl%-V<|E}f8g_(hlQie|+fcm8cHynVWflT6f~(;8NV z7?ev|qGfV=wRS=VvxsZ zwM`TQN;iuH^BidJuO6amuJJK;aA+}Ei!bAIQ=KvQ>eHTK^EZrwaf6|o;Oq+ih+19f zVh%se1dYsNP`z`QnEij%9gLJUv4R`(`B#xgQnW9u4jxYh)_iVrf5d zENbvF6-A{v@)-KG!nC_-JqKhG@y0=wX?}6Bv3i}Op*@>9cpJCul}n!(S7+j#rb?7i z>!45}iP?VJX0?-w5bC?mD&vlRv8&;$HuJaKKl#ezcSaTed~M%_Gry#M>~CQ6=+u$9DL;XZW}i>8jO=#IIS+n)vCZ6un{( zEygaVp|z=Nof7Hi-x!ctqtQa1wqZ%Fj$yakS_>hA)|(S{ZzeaFzXm_+54c?|?7~!C zn%n7nRS&#XMF7uxsCItCEAFE(2P8I7a`4>ID{fah+lH>oKnPF%4^-aAC50(SLWtYP z>_S)xFhMTC#3b`sdc@3N`IcRp21`mFC$TcZ@h?^S%U*AHmF*tBGo_=xk4*q+4|v;WvJu+%E5s8hvr6lv0t|B6=?yrft_6e_#gu^ zQ*%A(8NO{O6kw8snyhM$otdg(&VuO}T_mtF$e<-0gP#NU@&009WKEfU-mPHpr>5un z>n+rCA>Jz=>w7ZbJ|#v=^Az&4*pth7?CcDOX+@WK$c-J^JI1akKJaj)QkpZ*nm-Rj z=kZ$6b+(RTg95plCc}k~M=n{F6Aw8p69Yn}O^X1Q0ZF`n91c#jP(T$cq?zrHhaQFv zuF0XbqAqxPe3Zo9$h}$5BY&{0#MQEYBt{=G;rvR+Ro$d`MS^^%P>p3@PIQ0%2zLJ+ za_?#m%X6&d_d&VV7URnpN>nb zCGD3pX?-NCx7_YC5_aPZq<8-B<%+f0*n#HnSY-RmwX-cD32fEoQoIoR zB9i^1pl5HO=<7@BptC~f;L1Qfx>wwW6jse&HA(w(KFYLnzk{V>a`MCg!CQQzx;$T# zy09yyKb$`s1CGuJYr$XWaBHFl;=dt@vocmTSz*79&wdO~Yy__P1qh`Krty%ztzD3@ z0Dl@X3_xado=ojZlkA+|{0GW5<*NiJTM)Oq|3~bo=*{dQPrg#kzpXz0t+%y+MQ#T3 zXu}zwln=Q$UIU-hGM0m8hqcOFmw%3IY=o-*nTQbJK5lAO+7yEqmsvzbPDmEyepIcu zj@PxZ=4Ah!9x+?u?f(8*xc8_#Ay(zdcqncH2OrUw*B^24b$xlr{^0`b6+Xf;0JaDr z3#pKfi^D7{UvQt+WW9G>1)1e$1SO>Vp9LIkillj2eUoGu>|vTQ8p9f^WQqQ@F3>?}n@*KaQ|d@eRP z5UlqrIE|L_u)dQun!n?1Y^ZVbd>hYk+b zZy=+r@;f$s#F8vkKMsD_+(4Z z4^&qr->s1C7JYGAd?7#_?h>tk%CrO;>|*StU7k$U&FP^=xE{+ArC{cih2Vz2+%Cwe zk_~f$??hiLRZW#aPk1`3+8}3^MC5U`i^+M3uK8av$?&)2l3_7<)}7$Fv$o0DNG<(szEwMSk58M4>(SdROU5$h8KtW- z$N}%92Cu@^JB^o zCVU!t=b14bt<0SgMjKcDb~C+EENO^Twi-+0RaYL^WGnkaOqy`V{3FR%Z*K(=wJB#O z*{v&jK^1;NYb)Fd9N=OS8EGnEYNxPsr^pTIv|X)G1FwMDWBA5H@E_`8)B2$632~g3 zy3tpstq;WcF^Kj_vzY_yg{ zeWQw?^g?EY9>5<8z1+hT*r85DfzG$KWU^|n2Ab?6MzYFv+j#C3)GhNHwb=&u`uF<0 z(J`34WmgsQLH)ja@n)~%3d}rZkG?vG3=E18ce|4n4`lE zKIHr|H1^dTDx=^-=UfB}ZfNppBa`g}=M_m<;WU6coY>xA!x&%~k2nr$6A9cj}fhiVYy^J&D_wfhte1T)w(tBrkA6<)TxR zQw^TLPnPTQsWiq`4qgY2Q!Sh3%}Rc0os4Hs-BePIuUC;s7vTe}U<+MH$!r%*&la{% zo|pzKn{Fac`EGd`y$~3oVTw_wu+rGQ8$@TE9t|xpaS}>?3K(b-Wh&Ob#I=c>m`Sry zB|tA!S7w;c3Zp9^Wc4%%HP{!LpsWrw zvQf*t#07{<#T!g(FyI0PBuq=E6Byej%a<7E%jsQ;Ua+oKRB->UNGMy0yY+#r4?08H zCHBaaUz}7>B+xgur%b*uS&^&Xo*k9kslmT9nC0ge?-OlAc!IS@smqKv?qU*~!l>K( z5AE{_iVE4$*vxxBSPE7L&MgA7FWwwWos%Ohbc)TupD(`%7r9VaT`u2)pJbNxUtn2# zD1zuPjZ+DVga_B;NlTmhy?=E4iEvrfH}4j*y4w<{di{ef zS0WW3ND9N3TWOz18OVcDj5iP9KA>W%*JrNM+BtWKUa*1&=L;9~80-J@E{%1k>HWT{ zwHSlb`vS_=h>eV9pM(_x25LRxeT%?zsq z{vYn)`nyR(vK+6&EO!(`0y`0tm@iI-rW=JHvDBUp&YG2Oc*)GepvTxF;O9=Hq)o-D znV7LkRZ_{v4SPVUkXeTUVEH9^q+W@M6Xj}p@{Y!Ssq30cj=I)N0?R3~3i+161MKO> zBPMoPzF=3VwyU^#&Jd%k7FS*v8sz*G|JcxYu1@ZpXjW43LQ8snji~tv6N6|!@9o!2 zo4e&rw#6c`AAeET#r1%)%KKP4xp^9kKjOA@FUN{NI?k{^3v>*UBO`SB3yzVk0d_+t zk}TPUeInnJIYoKfc+trAJA(dmbz7jKN;8eozAG{`x(`<^&rVLk8Gc_#F%#ri#}aQr zJ^G7IByc6BF}+xRQ&;CmxWf!v;&?Yh!e-Nx(*!}%dKfkFo9m6VH(6%U%j_hIKAd(% zQ$=l6ZR~H-ez7=A$ueyMnswP|`w4bt^GC6IV7%G^27C_A;RuinQh5U+7Seu2C&Uh=g|p09jq zl9baqfNJOJ^!UlUIoc068{=in3uhOt^fzQ!!Il^lzgr8yZ$RevVi_^z68*$#K;DsR zvpc}{mMw@?|JPoPNS(gW&V=7J1!**kb8`-gRn@)~FuI@i{dp3b&dt?b-wKP-L8$TT_Z(^K}cfJ?1-L>ByO@m~n@ za^Gt{2hx4X{|j6}V%Ki={-#DisZf7;xna7 zfJ?23lAPRNYcW!R0T=O6&8~XUcH-rg*exUb+G5UK@^5MY;CRkrV0D-l@#SV9T#4Lc z$9bY<>F7@S(*7@JYt2Ut1|p@JQdiX@ym!*dt2^h)=Dt0K<7_9xqIn}618-rc@AIUM zdn;APhi{G? z{+3VCRp1uZEO&5%b%Q%PfO?hw%sVwBaIl-!R=XI?F;bcM+YhzH1=gJ8xg$!3k$83c zB*fnqrHlH5H3FO{NnL1+q}`|;cPTP;@ch=I?slMhPPG1{QO0%&EITPdPStc-ioYi*|3&8K4}yzAv{%w2(Y z#?qzK0(bruFa&pWIcY^>-E$Rrpi%|7U-60yfy|XrElikm-Fm$(N}G@>Z>hSh=Lw@? zuP2^pVnltRYQUqLt#lC?FvyrHbz{12Y31655%9(PN6lmNyq;tPNt7WFDnO2k5eRuv zomZiq@M=;?Z`Qi`oFJ^IrPkE>uZ@|-3O7#LM*_G0K)qhJIg#DtWt7yi)T(jPEiFM? z0gQ}R^y;T`C#AM5u3f#eC1jw!9SI((O*yAG_1<0}B!n(^aFomzWEMs$+@YQE@UyiW z1!k*y^z$aA@n&dE&L>|Cuj4Np1e?8KP~!{9&Px~2GM&w<6xG_FI}h!jXWV-^E5*ls zUg{I;c_Op+s`P5bQ$T)WY&h`EdWlBA0f%0$+SyhfmjSn0tlxcV%=o4G^hLv}vbns# zJEQt}-ih<14~9304ot%Bwun6IRUF;p3@Y`{aCz*{bgEdOU?4*8;F74vpY)?4MIpNL zA8(W+bU+@GVxmk*kg7pc?P51AO3KSItyc5-D@IPB6NxI3Jycs{>xr6)e;XFkAfwaj ze@cOyaw`c_w;>5>*H8i3Ti5I-J;!W_^@1*)(Dt&Z;qUa9)PY#NMQ0Kb>`qK$4S{dE zsi^^eqK&8aNkqyv*0g8(sKz&~*`e+sOc82Ux4zGf^6+@vw!<#|c%xbyRrHqADZ)gU zdA@)rE(viQ(CW1Z_>FBNnqzR9s#22h6!52D*A$6O_HzY&{i3}o%Fxy8x#W$IC=N}4 zJb4V{&{qwAo*jOAgn8OH`4Dr~@94-%7yf@_qn*#Df5QVXBn4?$4O}$1 z@`GhoEepp<8HG>Ebyg);Nnm%V#~*!-;`s`5KB$>N1q6;?DXO|3zhaDDt4vPwQQwl- zz&w8a6`V8@esZUwq^4S*uF~VgncI?4zed>B@Jpph%Na+{vCz}LV;w@27Hu_MiRFbv z+obo20L(1TnXM@QLDe-|$9eyQ7?X`UNe!x}2E=dYntV=o+bEHP9PTeKc%@L^mo8Do zEm>gsmh*izXvP55?T>#`V&!nCjYkZ{BkAH1S`y&yq;x@10jGd0xFRHvdi=?2;{0ay zZi4P##_&9-QI&fq8*%^4(sEyvrFw$r90e&=Z0@gfF8~Asfv(Z2l&6I&e^|(z4d}hJ zLcw9hlWV?q`faLjWh~%Sb<$Ng0Hk0k^w@7|B);6i9-K(#?^kD;*S6E&S_mkT@X%vY z%}6L3clHH5Vv#mLjQ2(_St*3+j>g0Je~6p%3dbgcrHqfD&Os&)FNTu%7=|HT?ZvXq zTk+)v1$QoD%uVE19M$-g&YJH@Ya4Ba3$8rpBNg{_Fv+L(Ym;7S_R${SL5=R;TFzZxa5G#Cp!iP1h~}dOD7Pnwe&~) zD0*j_5_1*Q>TFU;qKZo-^MZD@OI+-JGmHDn{#lzK_*cdHrq+2G(TyIT>zK*H#&6$@ z$4(Y%(uc?hn?A@nSwpc4V36@dY60lK2drZ?qi)o4j4AHDAKY{zYh)P^Vwn3Q^E$S- z8H4y$F~+|&wK0GHW!!ImqlJ=$&5O};-t4A2ZOT(zqa^70z*w~?MNrB!ljZrjSg2oV zyS(JjONlSj9-acvd6{M2(553b&w`h;wamh9pUC`{Ox*AKwFdjm%WsT#Tw3qb&$F=f zXQ{SdnWp+E@adc5N<4Rl9O}i-`Art*?Qsr%*#|HF;%%*=o|5{`xucczV8KdBbq!?Y zKgrgYq#8Csw5Hw)RW^e)l2uIV(3pP;Oyq5nva`$oCa}S3taC{US%If^XV_ST-c5xx zk|5z{K)PicxwF&@gr(a|op$LwQfGb9N0pwXH08Gt-4QXDp%3N!m&q_LDiAf#&{N+cXmp@rZ|gYd;M9 zTogYV@94^0dpmQPZr#jEc$d7>x}dypE|H0#rR;C0A_K)uKJH~jc6|yv#Fxv@Oia7V z)zQo&Gel6YxF?h-RkeF$d;rKP#E9mp=t`BZl=NvsMhkr0uYG;`4j~T$BoNxDpr3{# z=c1vIvOt)8!GI>Gtl}-kQc%5ht{_U~Q@-=f4>AmHi?-OUDqhc4>QEDxdPCRh4l&O0 zw%j`5M*k6M_Sjw1(U`T2eZ7U?j7SsDZYl!#{|3&tX6LL4Hxd0n=5^blJl`x7uX*w7 zs2Asz+aw<%h_lF_aTW6(uq!0h1M;_tJ#}y>UlS5J$sH~JK1W7-EF*+jA2P!&u5YlO zt=am8o~mCTEJL5mB&U5@SgJ5{DiJDQa0P_*0wK7bsujXWW z-W7k3_GJwzI=fRINoG5dDt@aDEy8j16N$3g_+Usm?KH0lHY z>-IYenjAM5sh^YW4_=)Qf?2;jiE4C4s}fRji>&jJ4s3O^u9)$XjnU2$rP`Qft9sSe zvIW5gucqP?w`qb$<+qAM>9^6+bpd#Va!$1gJe@g(NMd^|DY&yll8_zLZ#yDpsz7*l zCl)962EZmK<)F>O@dd76tddc+WtkR~onDph{#OlXDUhjhBv}!m)`Q-z0Ct2W`0&Ri z6Y=RsT8io~@}`royrjL`K}K2py|HnINtlBzCp z#3N1$ztBjhD$~Fj-rA4`#j`D44iR>(mGTvU$IIP>S(6>`Y!RqrS|>OD$73Fo6ht2u z$ImKRR*;_I+5IqolIuE8Twj_ypigHrtI9q(T2fe?ae^x!aVoBLmFW3M|Uxbm&g*2PuKFHE@@$AVrEKG z43{xhkq!KsTzKl@5&x{-ttQ;uKik6l32M3Q;1wzjq*-3n(QQCig1Q8ITm4cj#5iXjq$Gvo>RbD zJu41wPy_H!;I|gRLK*reDrrxZ%^Dp_v7o}ojZ8lU*0^M{R?jAIdNbKz#3H#f`?6gm z{t;ht2Xy`HJ2xbgr!R7vXNRIY;KwDKk>7TBe0cPHoqZb3LrKskR`MnPaD{3>9&q!K zX3ZVU}^?kvn9yq6M1Jc z_?7EKcWi(D++%=^zb)wR89V2Q0#>iuww-kv7H{MHmrgqBXtG|3;XmqcnL$lZH|F`n zT})bMu5br|JOQ|=$E~8Cgzy?;+UO7wa}Y51j`Pqp+iZGstY_3GA2zA$5j5ZS#pO!U zmKHmmWkHQQl3C1$AHPF@2k-9Bcuz=%oE5dXAjE&x&owy(y{N7tGNZ-sUojro-Z}Nl zaYYE0Gvpm3NUJMn*uB0^*!Hc}cd4Qe(4iatS~dSLk{ppxk|1x7KZIBCwgNTlT&l(D#RDmNu@UPT}lI)4Bu(YO*BUy;BKCC5m6se5^qk+9kU*+|TaU z&T}>xlpb_u%vq4jKx709d7H&PG{XsHnMFev?A$vxvA>;Ys8)wQiDyQ-9m@#;C5TEh zk_mBe_Jh$KpC^hgid%WPM;D8pB)z6NoUQH_+|_^Xp&oejoOeF~96%2NkdIfU#li0< zbf=Z>*d2bGr=O8yjy3X77&u(@&@h4JyU%Gi(hY06$@pg3&`L{MkeZ?nPtyD{_s*pQ z(^h2-pW8UL*_@>883GIvsCUI4{A1Sl%6e>6<*`h+KmKI>3DP$i-yod+Bo29NI}#D* zNFtuBHQE;(tJ^%5TgI_-SWXNrHM;t+Z8{^ccpG(w>7_SdYf{d*-y9V6Me5-i);=8Z zfBcvjK-q}lgNen%^kqbBVkUpzh99nkm^k@4LK|-O>8Wb0PL`-b<*VC3JINL`qetl8 zpb=eRN&enE2>jfllBVgQN<~~v)m3l4XSaT0Uc#0IR6PIedqHJ~n~38K6**ltLa7{x z;5DGiD^=ujTbp8mOexd`cR1z^XjQ9e*uqH~n9ZfC)8PQm(`O1_>OR&N0Tc&R#|`F} zTz0Hi2bmHqWSSp6*=H{>L zYH&{AMtK`2d5@N%(;4uR{bq%i9e~627b|EN)*ef&0`E`0t{ zc%W6qEm5lNe^vaMlZxG39M@@My+?affQY{JxPx!{DPd%xjWx9eeyh1;xv6!%XE})4 zZ#r@*=!T3q;*Aljq;?_4cK41vQuDcXcVp1_X#PW~IX7L7fe7d>&D3<{|` zt7J_VW2Y7=X~nyW{?LbvXFFb=dtaEYYGWBKEXqZaICLy8>~ArYWRm#r9IHHFvi~Gk zj73yF;|`D#E`xmvn7qp~dv7a3c%oHg{`H*BQCrsIl^Ib}6+CS(_0ya8MBK}yUGl-; zI1?@F@+6Vkn z@4=Y1lDlTLFh4D$gH$rnPItVz6|KJmG&ERHP+Vn251KTD_@F1QPTwu?XD10tK58X6 z+h^q2zv?04PE4K~sc&|8sc%6~`uLXV30rGcg#5;rg`$D(QvgVKB5$hH4?WKdxlOKT zuQq>~y{Zjsw4G|?*|Nz1S9zjFDr2B7@^nuFR1mIMezMAa#VarcQ*u$(G^{AU3YRU^ zS%AzwRYc?Oz5fZSdog;gAu(<`sU~%xq0u{>lM~Trrs>B7+vc{hnrsDD^^eANR@;L%e#P$t z#l;lJ%`*NnNiDs=uaTc^v?$RU7;ST%4GlWGiOKA2G^fId%LsE)A8>sx3IXl+T>QJ%K6Z{Vi`Q zQ7#PWc1~SB4W5ZR)YAo#Yf><>cHkQ3cn|?j`mz7bfSk0{D$O=?O=@nhJUA>TSf#a- zgY2E?)ImduzoMkf{ls$vY{mi7Lgi!4DNs1JUb@46kL?NXgwQwbvp|=KcW@Z=P1deL zo-Qx`BgyuZMf7-tjFRiAj8MD%NbuXn877Jq%{`cDscTp?yoT!lB8}6x3goe)qqOWX zXgYoS9*M43Ej@2@P1YFUGkW4Zau+|C8s9p5wLT%hR(hD#>kxDh@#x@*Rqe0s@^7<)O=D7+e3K-E?x{sED~|rg zo?siR+||h-(#OZ6I7#9B&&VyIEeqoA-Vyjv+vSjTJRHv=##Qr%Thjl{6@UCkl?sWIN%CW+&s3 z&bg$*wn-)qW4<^kbJ~E8ryCP@7|hz1*$)zDawOmrqmtO%CxFo%zT!3{_iMk^3lTql2pyX#cHHHV5Q0bWhkycE>E$B;Wyh7cEK>@^H1ZkMHZk5Snt0 z-fzj>W8lK=)wxqtMhnuDevqsRHrj&>eoI^W1HbeB(cK>JO7iTBXsK==M;B?i%SzF+ zX9!63qmMmjhIwYBp6K)+&UY*F-!<>-Q^GxDxSu5bv!}9tTmNfYUAixdw-k7{{X#F- zS+<8~xkA&R?il)&y6*{tgghAZ>hfZuDL7Q2&+348Co>@%orEzC7xfyN&ACO&_3ERW zBFNN@(?g{mtnSzd&@kfuPT1&BD(IYLP*bIAfN)AGW!Ayse*9tC{u$F5#aE^kv3?eY;HoQ12Bp zs=>w`-eEVF=0PYhNeBCEn;WMY0q-q03Dz8c35DRNUlfGt*bNfoid)XxV-53@ME>Zm zz!WqDzJmg9M~nN(KMAwGaQxKUSGKpuR-jB4;QF{#X%+p;{|EAL1eLczJzIm%z5h85G5P zY6#$oQ31Zv9PLW>aaOzAxacImDK@o3Mz6#4$HsyjmcTBxUmPKg~rrd0gl2yb@CZ2X}qwt=r7V#mq@AmgyqZbZBip>3z z91pt0&j&IaE;JkeEnOM_BdKrfZE(K%MDgHe>U~(;cIHvqv$#uI@{jc8xfh+A(>oVY zfxaF=fzp>Mna7PbI#@#JZZ*&=MrOeqRj)30@#cH?O7mhK6uHvuwE^vHIFAxBP3M}q zPerlI&s|OpPKKTYlNA&eKukJ=R{*nys9@o%$W}*-9@mutV!`YsUbysCLmtkGq%=Lv zdm6r*W~sAhebw_l%+w|S0&s7=PLDlKl<&4h4BYLm2LeW34zD1Rq%}BL-IO)AA zEH?MjsL)A2^+l`KjJ7Uyb$l)TJ5HEa=Ki(>dUox?8r@T>2A5fX?$3R(B;o54ewDQ! zNuOO1yl)R`0T)YWAM|bs(k$DZr0IgTQ93JWp{g-)I_|W7FU)Y&EWYHbz|KY8@hx7= zhE;u<&AF*-(?!8zVn$N#7W*c!-o^%_xA}z$f)8opqvtPuM7jFMMs%;FT>gAGRB3uf1`xh!d&n|+wTvzqFdR8%{Br>zjY_f% z)+$(OZUjCATV46jUTg|p+0a%UMvKMRwDff@3Av=+0>IpI@1IQ*siWB;V{A7Xc~`Wu z%WiF6#N9fe_v%=kpbV*d)IT;Fs6aFrP(LQlkuJH-Ko0Yqz8JlvS!pQ-%$vNG6{5rM zct{{L&XK>g7nv-L7zXv~#pu=yzS;;Gb>j{|O_)pbkGfmY)YEpd7?FE(1gW_6NB;_d zY)TUHx#S3|6y>5-SCK;=tYLl4E(m;D1Ae&eOQtdYLqtkzcJsNDg#KGV(UT8x&*Ta` zI_K*`;|j#+DctF>qF#|ZpLI%k_(aBg?*HSEe{YF8%}m;}QSmv`EyJ$xFdQ3hCu6SJ z4`!J>n1ay1G$ypyu$0c=n%u_li@fm_K(j~Z(;M!w?w7aB5LfN9JQP9Ek7OWP(t963 zo|2gpJHi>7|4$(w zwCS-`sjB|MfHb>UjY{oG=^&nVk|oVDR~1_Ikanoyr;5fo%2K5OpjZ>}3*50pBz&TC zW~oiVbM97O`AVcJ-X$P3a{ePo_1C5I+xZW$rkh?3quHVdq>bj_FGwWoo5x39s|l~$Z>WRo11zg ziQ{;0*pn#^ULyFi!_vzq_O@~D&&x6OAgsi1S$svE@g19thO058Sq__?kt>|iwOQ7* zsAR-~x>cvpgrN{xuBDT4CK1zGzpx|astS_j9w@3TRi51zggcfDooY0?bNZ&-=Xh%C zpqppW%w1RXx`RU(?wWdG=mF?`lxL?9>>qn)0&(7Q^U8zaUdH0WrCLMP|Y8i(l;o&uw?Pf7I`ov{psb-k9|K=ocByHMpdyzzq($`o-%1< zHoQij2Evx+%#Qa%R4ML1-e>Y^TrLwv@p!a!nap(KCMQK?;*YfERzqaF+z1(Ogv8SA z2j1sm9%k-+hRBidkQvM-6m&RX?dapz>|r7@*ju5}+43=F^mlIzv~;l0VSi4lqmK8v z0E#q7NT7VSQ4CsDrK)*$x)jk0c6kzgVa0TZVl%a3&yi|Nc1tuCiNUm>7FCn?{KUAd zAbb+xS`?EuJd@?QSynM;Up8?(CB?3gu4)(Bk*{|xscE4zoBrF1k2)pG170RL+vRn9 zJ!()s9_TWNo8AC826VCO!vik8@qRPnF^miIu6fvFDQMH47r2NR|8MAgQ+$ahm@J0A z2-f6Y7|U|@O7SW;eI#&LkI+VDhUu3v6JuQYV7IpZVQ)6KHLHj=@WQFF=H~sM8FOy0Bq1EWO+SP$42%h1)%RnI{bgrn;Jk-5h8igM=^%@?^bp|#A9qe{)AG8Bv|-}Rmp(S*ql6vKPW7>7o53Ei)z2`Ha9>f&D& zKB}1yOG$4)O|gWAxWm`-P@=-$z4zg+Sm~8Co)Nm%&$8njH!Z;Jf&8O&31M9hRyp6L z8(wielQmq&FGG-X%X0~+<-H=neA@Lded~ecU*t&Pw%b~dbh?Yk`4Wdi?r$aeOCxWm zV)+i!ZW6jc5G|U4eDjpngZ|BRZ01)lC8F0P&+xQwIVFIbnjG~65%$yO8w31`IWjbL zquMRtm{7yeogvI)F!~i;SWIdO7aw;(_f$3ac?cRAL8%0bk=lU?Y#~D5-Jai^b$P<#dPk#DM-t8SCKtRkYs+7uat7=EQHcD)weni2seo+)Ztyi3JzpuktNna=FehWz_~`c*`NqZOd8ul}SJr zZ+&HYEaMW{#$|xt?^K~;<#=>cGDGiM-gG{Jy!9dAEa!HYTH_UN^dC9gV9>O$ zT*kXv^VCfsNZc$zxsVGMCsTHhy><{daQY6+db28cv0nl(#n_4NEr}L4Q_)K|q_1GE zQG7WiWVY!wX=R4C@BxqBg(CcPhUGi&TWCXh;ayj={0-9bSdvv7AC~HV6Y5((EidjB!xNS$N00re?f(i5hk`vMS?+Mz6|ZQr8B# zCDQy?)Om0YgYN&t9M@zAys5sd)$)#gT$(SwDhMopd^ozc$P4CXoEPYnDL2ycvpo}9 zyU27RDqF$1>HNmLq~xFIFrLerXE3Lv~_8X1_xWfK@43PE;_c_E`)O1F-$keurQBf&3^ir zjX@5I$T-4ixY-YnEvPog{q*R1Tc$lbM?y_YjU@^$HvUq*L%)gl))|_AN66LLU#MEL zRDTt;XmkkwS!wR56e9luS!KYDb6s}ff;IRs(fABJnZJN$DR&AORIXC{$@6!*_`5ZA zYMJD~H)XmaSaw{_y$d^Gd>T;f}bCjWM6UVV9Xt15x7fH6;piU24m5*!qfH*dd2Wng)8`L$z(<$Bb0Z-&VHX!|YU523dI(HyXrG*+Qanzf}SKMy$9P2~Ea~Df4BW z&^9eO_mDD|bx#PuIKu(v#G}cRDPpQvcBcGsZ_8>X`^Eq^p)1p89%h@ic&8I;O}CJ# z*$A6Xt!M5sv%WN`0jQ z_N{xZfoiQF_xp((Hc#_R{a<cg?Pl*OI|sOdJ|>V@;JD5hLbEI|qgw;3=1pkNVOfGt z(~dvqn}77py6V6Vg9St4v47iF{Ief96bmfeQ9;?8mQM(vcf{5}kV=2{cN=0Di|PYR^WB|UOA81W{g(qeWG zXG5In+WVckTbn6SK5Vf*m@g(G|1Rx>=YQFMV8lX3>tNAx%hY^GL^>nJOCucjjbTg3 zd)W|#MNOhkRuUMxGVT9u|2aQ+a0`0Ix!%63u^yYU+mjg4?})~SEUUF2EOl-r@hk{S z6A}zL{p8TFX+zPyW$R}S=Zt5616ur9u8}A9ZHm-mVENF|E69?~6?s~5k8Os+Gt9Hj zT?joY`y=%7%k%-(2)b{g_#gqn(GY+jkktGzybA8fWx9BO-F%Nn2%NY4rh3i@< zp?9LH+yIVX2Lr7$ii&Z*h$kLq)D;|ltC&jWT&TY-$#sH2KX@=3F{4ShsmE3l zWGW{uL+5dSm;*3fgO7z3rX-FJiLCk4pk@YM8JAxERkpwVebF$!6vi6oh~!lPw#okX zkH0>?Kwk%z;B^CE%aQ%&-uU~=VXVasl;PAD|LNL*x{tO3iQE$xT9VsDfEI|pTCt-F zurY4qx3WIf^^dDx+=!ZDjrvX=etsN^Z^Ulu-RjIepJLF_F!xunX@app(AE7)`M4(yH_{tLI?WtNbWd^8eX1*vRNRhCH@Rlb+@K{*YF zSwpzRYWU(Ae8kpG#gQAf;s$VaDbk5+zbOurMTs*_cmH#`KklK~nZ)+E6obzg<1}|F zkw;R7>&Ie-z&pQ5XaI_H=WMa5gKq-o4)^H`z}Tac|JCjUOk>Tyonxg{9a@&#$l`0g zofASCQr9JLru6Q{hMeTqXt$Fz+P$oCczpI!0mD`Ai&kU=|z-gDyIg+jX zV=q9h-p3u#m zIpN>lp$;gT{4;q!2iV-6%O{iKzT2-f7|&*yM@K~9-<)W=8Ih1qmWIdzo2*J@gNo6z zux5J4UtoWKX0`Yn3UGW`ur4tGooO&KG_6(I|5kVXUYiErSB*f2Ug7-(Ta$XH z6mY0}jnsROmEHZ=&h3Ra;0qppo15^e(K1^ZLsiS+JPio40yIhCt_@ezYH>V}2O|wv;YGL6BU(yB+hK&Ris#p$U@rt3F3Q>6V=dT}9-OwBmA^O@igakKhv zN3C(UO1{Uvx*>Vr$=Zyn(6VZWLByXVC&FTXOh}|eR&zKyu|bsb`3O4L?zYlhHgpXM zvA_=&>(x`=C?(t{4kAA7yF7d%{_Vc{uE*pDuw!7B|GHfs6Q`}3T{2bYO3&}(x=ywF z&jukdQ7oYdWAqIzqkw6eRs^?o;-YXi7|Z$~TnJaETPL_>M;E(vGuId%Y=M7+^Fv+@ zEF=5q7~T+Sb<|2R*5sV25@r@y-;*wuD4$}|_+3C{$X@V_O$4zv8(O+di2lfH9t69t z-d3L00sG24vZRlw=re(ML!%(HLC&br?zam!#9ACxvgbWj^P2eR?Ogk9U^5+1fp3OY z&MOrLveKs~*AA1GLq&(^7m_hNTSbS~s1@TR`G+k3s!56W3~N-WC;pHF`@qn$xpQQ{ zGk1j4E!5Uq`KYn8rD8Zxrb-JMPu{GV{ykcy+8Dt>MTd2z7Z%oQ`aG_l#717*QH52j z4y&{BF!+E|OBtvr`h3@?Ug!^5I6J-A$Oen}v$)B-zOiBTex5b3#DoR}mvdCrZOp!c z0ErI7oTu%sz~#}EzVB9bQ+JqVwM(~bdKRM3s@E(Oum7tfj5KL55%IZTw~4VK%9+BU z82r)a&oY}UEsYfi43(A}oia_jmgiXAz=3bo*wBTy(?g1locG!9>G|f(!su^0f0fm1 zuAC9re*Pm!xpgZpr13U=K#F~0mFt_k6{(VxVv~VA2qA_2;EJjsZ{71Euz|ev^nPl* z@jVs~cKWg54J2f|rSrP;p|X-#_6^e~%J9(w83TsSY5A29al>oh0g0-ABzov35XgDr zgUcFaI7eFA504I%@rG`bHykGOt0MsM4A(5*CzD=2YC8>pje!x5>DH?1&Na;) ztbE#VY`6_KM@4C0zJGKq#hvlNl*M0%m=i2>+6pm{tWd@wVJ#bV;WP|&Sb2dKsC?Hl zLj%eKMQca?-lCNwx3;%crRyr8J*ZxZQuwTXrsK1dW%qCsOOI*A>!6y|d-{k(iy1xJ zpsnJ!GELC2Xq9VDmL~7(Sr}d;W5--%V%*-R-28_PfSKZMIa!#uG|c362shXLae;=J(BQThK)VPHH4Soqhh%`qv+!X25y}e8s4uY!Hs!y9V=%(cY#)>g6M5!G9D-02#ArruE#39Xt~!|y-ew5cke z^!17e?`1ENL)`g1zSRt`tThSP^npE`r&*`_S2&kt4P&J#!>kTsx*w9qPbPo*C_IZyDm<-iDm+@u21c!6VApz+vOuL04!$ zcu%39Nf+D8a5T_Hm+8?fg%LUQV`)-uw3jUG<9YAe#fDIV2*syLpnH6c)uuz=-^aK@ ze)fGkQR$h=#@L1G8uJO^9p5*6;L~=OXLGz6g)qbR!X2<2o6i|r>uO2@M?Lz5eR_Pw z*cuafLb0a^qpbM|v*%}WBx7)0!O(t=hT7;~Q-)9BtSaxtwVpR>@Bu7WOk)NVG2_pv z;=bLE;y?>7({zNi>$iG#94wr7J1G|K&?2A#0U*T6i)L775lUiU@o{WKcOXgqRCQw= z!lu^!ZA4sSgi*w~d^v398=J(!K{?_j#Z1TW#__FUJ~q?UjiM8^LEz12runnL#(RsF zeNu3$VVQ9IkI93+77_T{`XieX=WKheq_Q-r!o~sK$N2A=S(2Hu+w?V}e)xBs^OuH`~dJfzy?~xh5H&*@R z5t6y(SYKK2GZxn(ZB(`thW+N1w&K?f9bp`BS8z{o?|DsRkD0`@lh7ZGy|@|$HDP+S z8J8&6w!jvLoBs;Si!rP!e@LKHg$*;T-oyy5F~yb9<)b$H*I9=WhKD|_RJFbkxqP!x zrb}YQeelYWHJ;c_?q+STDjC?sm4De9F!c;y#cW;wv)`0hRPQA>@JC#3;-#-6eogw_bpk`!Kb^ zlr%?U&4_{|EYwNY<@37Zxrv`BPhS>5#I$ZY=8NSkLpdRvWdS{vWg>v12y*V@Tf zKGF7?L5nuPf=gQ@g! z!M~r_I;I!oSNV{y(~8dIi?N_TPGUja$t72Ad^v_1(NrpvEAKMqLfj0D8;9W+B|a-= z;$n>HkD1QAoKMGmhkfZpb?y#c@9k|pN^SmjfzoBlmCLYd$_o5Z8748~8f=3QHeOLm z@1OPV=ZwVJ*Gdh0VD|4#UNLaj4wpHrahTV!t3YZ{WsPz z0j@7`&d>xOZCl$!_db($Jv-sMqiWaiJDqjgkB8m3&#Kr^D=%R)dp99(-cERJbM0WJ zHjX!}h$Wo>JCBG3)fwwgSflt;x6{jV7$mz~+I6ZXR0K$`YV>oGT8ysE12fo_5Wyk( z>kWioK?NWCjKW;ECRi2!`O;4y%0NT3NiJNWTO3Ms0I($$8Oyj4Dn2(7w+(QlAcKwD*2{<79VTA<|-SOpS%avEg4~#N9x=#1FXupR)Z|+Yop^t@|IT z+5geo1svmljPSoP!qDb?>#>OMY3!T$c!TH9%P}ZK3AcI6l>7w(2MIQf>=FCi;Nr3} z4j2pu2)F*)&0fUs#FEMZ;!yyIT#JEti9XW83Z52NAr8N0_yS_8cK5hqsV3 z^)b|B1bOr6$Bc&yHU|qa|GIb=C{~O2rZuYbWcdn&ia<7Se<85#_|88r%qx^w0mN_r zm0qp?7f>WBIr%!o(#-5R3NVM}TqFTO99`qy3-imahhZJQ>`l9bN}DQ!!e@Vn*8}3j z(k4WJ1spEadiv|qc3*fpKCJ3vi)N1Jveq^srV1y5ID~WHpQ5ss zrRxll+!$~JR`_u)@`MH9Hvs1i?SJ@7=$BRdPX^R2RJV#w0#Xd{-#T_?_H$)MBSQyj zIw^+VX1bJtZqH|;yP;hZZW$Hf>0A-N*h|*yKc#0K$m>~^F}JB-uxi-Y$00-BcflBT z+_HwV8$6-M<+5*1XR8~_^K5^$_uvHZy8HO?;}&GcS#lO2!U-{OoUXA2ZRAG^daXS{ z0S(Ul=R8bCa|)ZN()wiVbhmM`Qj48^b zyA9Urrq^h_1}vxR3_et91XLo?hW5;pzxcX0WezvlXrVF{ ziQXF&oH(r9Y$<5P-XmCiD58mwZs4@)G?)DvB6wTw%_U02si0H0Q4xp)3~S@^4(eD5 z^=<+c>bqW9bHi60P#HA)m=f=kFo*dGu^2*v)WQ7AJ5ba9WXTksen6QM+Oz*7wRK@5 z_G;+aFAY`!86%b(kd34x;WH(;bc5j1(H5kttf1gaW~F7Pfde%E?5Vle?DP3|k|yD2 zK8AWX1DiJIxT7(?EEG*YtWkBOx5?KjwMLWqwgQ%IQaX&vGOKo$*nB1z- z9X&-!$f%kJB|P_P&4p`*D47Z*$_%B-gSi0Z6sM8URb+BUo0?uQeqC#MYO^$~5xp=Yr4 zZuUX5-*fG^_KU_9$5Ej*n951q{8nR8ruwiE7TJS0G9QX*=yTyJQ?9dSE8;w^_gq!4 zCT$1{@N&~B&%jKXmJjR`3O>z)Qsfo~4Nv}JBa_D^m&4L8BqAzXhc5dD9YK}RBgO3} z%P|Ic45F$L!!@aVtymLA+a9-UnCpme9^TCOs<~NOvc20l>;!W*J%Zk@&1CulL$Z`O zc=MFn9h$gESyLT}`@Oh-ej=>SG_R@M0}b*=8no{(*MeqR2X}UGUozEaP{!^0pP`eV z-ugZ*fk?6Hm`N(#9bDNy+ySju*@Y%exJo=kF+mV))WjFW!?g>QHituTwf8l$9jL^L zs*wcj+S8NWbis{IG8Fu=Hmnb|ZH~fEz@u-E>o$2_vM27gSa0dYwX>>XFnJ9f zM|G)KztV-XqbQ9j8>84A+_bW39s0HYOdXv0#!^JETT?Y!XRyJ~dqhAbHw9ZIEqWjI zCO6M2r?P@&aod_i$|B^{*4EzMxhsMKt(DNzLHO|Trs^%HqXZ-%zGpU(mwu_y39Nr{ zB$=5|$rwBA*Jg*B4fnHCjZ5$YK z%34lV(=1(4gE!U{*h<{0!BV!cVDa(Frt4yEQq;%qFXc=S)uajM;7Lx6hpR+nfjm=cxtG+&yi6G*+=+%y6&tY~+vm zpc1KhmuuIJNXys1+6b-w89W0S3$ucIxiZDA^4N~9J{eXMTFP~UZHu7=Ymwtzx=N8| zks}y(*YsuuArO*h!I!5E<1mo^a?3h7emh9M=uA?+Yh|9q50NPczD*eF?}XjO*?aZ- zAE~v>)B6VM$k^bIpc~1vnw68|R%n&MAK1aoyE_*Ke^B%?POpx0!*AG=lllcct*7Q+ zjOM%Ca(2Pn;gzgArY1R)+U989Gd2Bt0zfIqViUY2!Z&$2O3=xn>_#Prq0b;NI63&i zB=lSUDBN_UEs4EXG-GV;p2ZM z>0`K^Z_V;@3ur<_&IX1z${N$0P6_iiK(}9ppYxis+@i!A)mpH@r`~4@+nD63x4F_FqawUUilvN;G z2QI_9dclLffM3kz2HqK#BDJ(d%_=^s>u|Y=%^IuCkwl&!`<-UCy}<5B`Q6~)n-TcK zx2M#x?`B}cDT~c_lcwT>AJuhU`VsbwSt~ujDGOdDWx)x~D@MlHEb^5HmwO}|0Cfky zF0YQKsZy%EJ@o~j{G`_ev#!+d^%Ph6|Gocw$`~&VV^xm#&s^G=tjdMC#iys=3I;}F zbjgh}kS2?f57(LF7xl?kWY(`nT=L$Hx=kL1G8TudKi;jHGw>@=W1(OSj&p6^0a08b zPcut=Z#r5D-N?s|w#Nr(4rVN8n=(MlKD&Cl4_cQ8=;MWzz9WZLqN*|W+v zu5D_Ka8bD~jE`ZmWao}=u2$ONnd9D`S{Mn%0K6@D4MiX5Q5WADx1T^q*y?TAY1LD+ z@a`G$tuGUYIuwHTHAuqt^|8IzMeDrgGqVpFCtU5Hn%-6ytGv75vPz-DSPM+n<7Wwj zQ6sdvZU&DOm5Ke*NZZ z*+W;d6BirD0-jjd)INBEp>28Bv?2%LnIiq&D1o`>TCAVc_I{E*?S~*6i^8SkLqMr{ zv({L(Z6xS{K(SD+JfNI>Us}HzVbC8dNaP1d04J9{H7HUSOxzr zoEpn2z|fyP8@il=zps+FPQD+(r@>fJi`n@c>`-Oy#6xL2&u?J&{7Jp3p59Xm$$KGS zgU&T6Gas(xS9OaTBpU>=NpBJ*jc*pH>F-_~1-2?}i3}2VD@zIny3=2?}Hi zIZIB(Zra#9rf64k9^FXPS7D%+{N$AXL&YV|9%LCV3EzYypq4_MRRp$2O#)4^n^oZ3 zENRmSdtYb2020iWhymXJvz1G*O9oiDF$IdP##&qr?)xZ8ArdZ;+fm{t4eT}_XGotz zn(Ij%7O97+37A-JQ`b>Odb+9b?k?-ND84-N!ggt3lSAdgtv#?EYHypt(_|!EcmP}_-kg3S$~CB)6mJniFxjd_$JP}dB8ZKMSohXWa#s_ z44)u`q1&c{K?M^-up_Vgw8+X z^8dbi`ek{1bhdc&E$X(3a{60HmQn`QgL;l;5etDU+2ExcY0))ooV6pz$6rL;aO%-Q zp%~c==2K|hi&g&6z|429he{TVeS=RLOhnz07Nr9a{`$Jn!?;L$%8p zdJ|qdqm-)ex?Xw>z0A)vBskTFT@Hhyv#u9}HSuj$+Os*&6x#M&Z;(<1)E~S&Gr7XO z<8+tJhMy*QuMP=zNx16&pc}KjnUgtWu~5=KSQMwdJn($@=~(b|%Xf0S^pulOTG1T7 zRkbUEJCOpKuU~5Pe#bHdS(KTTWf(4$Ts@=~;2a*Ns(0CnU9oB7&pj5C=D6uN!=oz6 zHPIcb?^G;w6f1EKRf51*CC>tCnf%v%mK{EM`Ef?&cxaKvt;@R^0un@{y}h?u->WJf zYr^Wjh6Ii`F+T%@$hD_T=k_G|kB{5GPVi9+ZINJWstqC@(fvrY7#u$_wtM=W*^X~$ ziBzZD{f%?nDOP7?%PYF}Y4L8z*UZ}GN_WxDTFn|%Zo(6B@wdAZsPo1$lvymF6pS74ce{l**88G2#m5R1A`jE^y7?@#7OFWj$;@uo{ zLS)r<0Lc2&PbG4mDY`TmbmuoYPUI1|icNCwQArq?fov0`>X5{jXBt%7b?;46l#GK7 zf7GzN27NtwBF3q2GZ<&sXv`x+|4h8AKy_GM#z|}LdjNNxX^2Of%zWO}Q0M-Z>DExo z@%h{9^*V=Yl7XVnR!>=bi&g_l%usf>P1+v`){QP`1g!>~Z1X*R4|Ahh2!J7L$CO;k zfwRc?BV!GVE#3QnjI^=%SCZ-@LYdDcIfBjgeL3ahp8?~fz9aSvYiG~_BjtX3{&pOP zru)XD$hO*r`e85I=nhHa!{rKVBeSATO8Qij=8%$glbiGXmy7=H9{}bO(9%q=0Hx1oBm&@-7xnYs5e7~)4Dr>P&aK8WrMV48>6@v5{E!M#X7 z#BOW2Por}=YI%=4`m#==%+~pZ7Vje>^CW(K-7!~~d4``Oday8y%#2Y_edMXUjCs&Y zIyJF;&0~-W?IlZ>D7c`%DcR-?TYWR~T+`n0Kh)Z+BGI1Kc+2p*7o&9{j~hj%avNjO z+Zj*K0zr3C6r}NV?6q+T;mGzvrQ-oOrOAcd-F5)$8bvhQ;G(Ol8XbaySZ=18x>iSm z1kp^3Jm$tplKQFUw4J&c`Ul!AIN7H!{++-og=Vdi9dl$Ddk~ zRZTIHTy#wXAH(%8+of%{%q(RIsm50-;ZL|-0_FrhXeW_wUaYl5z7tSj{d(6jP>Sb# zl32b*l30d&2QFS=KTg+m zgjGV3S)!2tgfHOZr?Ifae8sc!3EGjXQGp#EP6i3zav`vox@m;0hFC#@>V!l8x?OV#ck5iEKJ^%lizPM|%yrTg3yh?>g88W(-o;!-^Q&SKGR}|cf7e|;iHGWku00K zkd(JTCx7PWtflPjK6Zryy`(lPbtx;M|2#5lz7&h#aXNA^pHUarZr4W&>M!lK20wG9 zIZk5|{Z5#7;R~xM)1gk!Yy29f(nB?bRbkbwmN;H30zByevCuY`;(C`22z_z2R@Wy+ z1WzuQu$kz@v{P(zO`NF@TU`UAT(J*<+(EFQxkh>Jo&0JQ4H%W|p|Sb!a|pFJsxs zwjK%Y%Obp5yb&FrMeIl%ENGWZ$0%NqgN#s#K8cDx*bX?ZPC`B=0Zxn!&r^(8<5*SI zROm9Mu96PMyxR8clRDPuegCk?9+2=yXoSveHQqx?0_3UX z`h(A3IchVB-{|%TOiQ0lte<4MZ*f4mgN9E9omCF?EA@t49@B^D7f1VM^}5zwwfliF zL;gJiy%@>|bS}eQ%LZj|g|uO|AV0U6IsvAH%TcfClFP-IaApgZ2SV=SwgwRD!S#tieIbKVO|wxt3L{3z=dee* zM}B9SR z(qm!?egbdrS8^j}Kjn<=?FbSi>Tw}y_D{)Ta6gWSsH~L`#Yt9g0Il(ZIWMNi__Ff6 z3c^1ii#@OMxWXR#7#L$eAdAYLM(dL=YNb}k4u-IWZX)%ndmnZ`@NflJ6RDGV1t|}y z)7#&_G1r5}{ZtZRF^3@+TG2(s$vb{KltLSX0emE4BlNW&7!B}2_0l{KXzgT=UhR_fCb+qCpX#G zQ*LnDnK|}8aW0%gTvl&i@m1Gsc|_Pk`pToA#rc!%HNn-?ETP+ZH>Q?&Dk?rmhjY7F zxfkzHoGrLJPdhcV7wRgjKald-CtjNn|1hH|B~PHh4FA;I{pQ+EK66}fWUY2V4Vyp5 zVk?{rdJ!@n)tjrE(O7_r4VYln#l7P znG|u>Y!BP^o#zangbwMpz)yM(R?Ej)BvxYAFE^G&d)9rr9H0I8O5G8KW>H}8_{9{S z@4ORzY4UHp4(fL2efnx6)BBjs%W4RffLH2GwLbmCO&R^UShI={ujV$>o@JNdKkgf_ z4_-=;1Q*`)OV?H6+=ow=?!A1Wr5OaAtA=fQXA^tylAkNYy~y7Gl^4qlBsdFP-Iw+x z)Wm$q*)>U6UEt>qZIW2kHD#%n<>=+UAt)kn@LjbVk~_IEIHQ2nGI?xnRqCqX*(waT zUiZD}{6vEh&6TomaHWIGOW@mJm$mD@O$u=YdsIlDj6TSfF?!sX z-tX=dU^gr{VJj=qeIFhAA)%8W!x!%37xyJO7ABCyqT z-rR3%4bkId)X7Y7@g58EM0TQbL*}vH3_?_5^)jNh!Sl;b>KSKae0oKO;60~UC92Ik zOlPvDjV3S=hMPX6BxoT_q|5{ww?JK+xX!I!7xb(7E5M;lpr<@TJK8m77(CWn=8QW2*`Gjm}*Q^07UZ2BjMOpk@8vqa zl1^k;+}tQ#@J=(%Ha1%OAQ+;*SsM$KU%yXlLC$%DsbUUGIe4-pq3hf{8OvIfuoVe5?w5G|reU*MzJVD5_gN ziKdxkaRwGMvkRp?P~}Ui(c5c4ialqZJxu0bzNmP5Zu}!k&7jBaJVEUclPI+?W$Bt0 z4IU7TxBmOsmgn_mid9AV%FA?0H*6u;7_ICwgR7Q48!ho2on-rgI}ix2Ls7Kv4e(dY zuV!7W-Z8CO2M5R%wMy4syl7rfa2@4Rhya->OP{Hjs#%OgQ*`XeF^;F|4?FIlGj&&# zeNxUoai`#{UaJl!e%lnSQLExMEtbI{xrbZ456zivnDMobbEgX%auVth@;0V95?Y3_ zlr#6ER=X`lHeVMFJLrEm2tJyoX$}@{-|RM2KAK)Qu5%nzGht~m$6+EYFk{N%4iWqV zK7x%)&>Q1=E)n5b79#@0!?${0O6Ac6N3 zp~0^TRff(3wlnP$j!Fw{g}d`WB^IG`^yBXfF1Df)fYURNrb_)b(gx_Nz8~NG?%2R+ zWk7(mTDV!%GJmhHQ{eH~4VL=e=ikVmKLMvyy_=UFqo0SGltl05mhXF^r)`8SzhfV( zws^gb=5*G#x1-sH$BS#1%=F!n+VAE>r!(jG`Y|AMic@+H$UE=J_&hI=!lE##RipC2nyW=X-D{^>(?r7ZvCP1Dfnj!8y}>xRGNu}wOFxU9>`cX{ z8owWij6PrYs2jRGDERYKa3zh2b6VSpBiHFMhMd+)gCWCMIL_*)!bvYuLHc~<`F|#} zPW8M|zfFI(1z0JzGToQv^( zws5d373Hd#&ACME{xAfJ3DXDl>XuN+UNiAzx%gz|2J=Tu*3EQvz6%@WAj)P{0O+Kb zb_m+)hKh4G?VrX^Zo6fb97iF%zaN!U@J7*HECt;*kA#TK`~%PBf2UHB`Vp&r#;{1K z_c~4Kx{7)^_y-*|nbx)fWcVBti@LVU|q* zyk+p>E;@BxaJhuX^uk;BjFrr>^s&rND_rVn)+^b+_dbF;g>GWGpK!lPi@-SQZ^l1X zMDXva=FA26SW1lKB5URUT6GoAr^-ft_->|r3{{Or-esBrj?%C0RW8P?n~I)7QbCgAe; zFY2=bu(|=`;pT3@$ZBDeywB7NX;G6uhY0u>O(5@|D4YrrXYb*z8O$<&%5H5WA=#DV z+jZkjuSv^sYsA47(l2Vmrwe))5g|njcPj<@q;~S-1PEDkk^br|?P#P@^Uy!Ym0a=w zbJE>lMVg4ffn9)n)a#pq4-2o36edBOj+`%?1$EW{p!Q#X|;^HQT<~}Ju z0hK^?^RVd^FQ3mfY5Vy2{ELp6w;~Q8DwF6)-o(Y}cZOieUI75l*K`DYrWZ@g%I*NX z=U>u`DCq4l)?a@5^NYhwv+uuohXhQF{}-0|3)%Q<-v18_{(q5ew^)1NF|LOjn4Kvk zm$FaJ-utyQFTOPtpXj%ai~flg{q=u-5@gOrYE{`<-t;cg7u|t zr-tgQOWJoG4Tmio?}0_KgKMtCaW z@2)~U{If_~Rjz#yty{8W1Bo^rwrPIn0Uw+fV>c>#yIVco zp?;wsj`yJPRwGknsP8!|Er`l4HJFWu$lro3qx#P{TWQs!kbX{YfAf84*noQpqa zyTNVtq482a)Pi_)jAAy1=$A+q^*Xv)4nwaKyNS!F~_5!fPNMNNiucqcIJ3IR>0kx%o{ZRM2 zdur~}wrNWv`SL27nrRpA0-o~UM5s_u>7<5$ztSCzV}@5r_Ct%^jxJhNO#2o=!%-}q zFD$S;T5x7F0|>3m`4Sbh(anz?4LEQ#7m3=o#VHuphsMa z`aN>P@dQ2Yc6IZi(sqyqe>;@OBIi;Ez(4fwT22fD`Im zX8s5?YjD$ zi~|;t2%_x)YH4Z+q}*^E&s-SYn*+2eEi$~$cWZ7;*HFtxnIuttl#$3 z%doJEDKmAwETN3UQpee5Y;xs=QzX_oUt2m4`Z&{ht-`V!0uJr6B?ELwA_u@yrp3)s ztBM41tf@JCHW7?|G_zjc5^sA-=;`bK@6D497nPLq%|`FGcb(u;JKFcU7d!kHK?1vP z7@|$r%wKWdPvcC-~=}!29PTYeIzO#9r0zKmC!H@6h!2W;cm^{(5^g+96=co-nd1?eJXpQ}1j16t@YrY@4-)@DYM1spIX^Y+5s4iIYVHG^xDT;=dwvlpNDhL)Mf zS6ZWbC)#*sspuH)7P3i8xM-Bp5rK8J(KF2lh=~f_QuVXx;gE=*`&1#h8#Jq}aBQVn zFAycKtEE1CJG)#4sr=G@yui7BQwkI%xPRPoQQ52;etQB@*WmUQF6^_VC#1**Y=wU& z_LRUPEb%&}|4p!;*DWCpV?3+7$ToCxG_!OlZL8%rM=}pP$uI}Xw%X-gOLm1+@2zD$RLw9FQRrndjTPmi(~$ifJtWanHsAXDlQzTB*N;2# zQa^cIbndr7*Y|yJr|bP-v3E&H)gY8p%H<#H>-~$#KsUzh<2%Sl$=AdT3$#PAx4aSH?k;y8Xo9e0o=fh7+A2-Bps1)k605;XA^wxk zmV1hi9$i$5qrVrp$&2>94Z6ga@#F+RCAM7@GgEM5y0h_!NGX;5=`Nx0vg$lZHL#`SM0S&{mU)jiTK*YUzHX2PF<2m^pvibgRG#`X zc^Fx;KeGMU{bxK1;tNDS&)|--;O*uwh`a(djqC^XlJ8h5QZWH@gpkOeGEPHxQ;+Y3 z@%Zk{6fFdtt;^uwgp*SBEt2n_azmleTYT29w%ZkstVgfLe7zH{&)xLD=z7brHru9K z_-;!TC{UodyF0-tPLbm7Ry0T{ZY}Ooyg+ab?oM$hP+U_qKnNCGcX~hX_r3eav-z3h zAaKddTC--&oPVCSqoz>&=T87#*D)C3I1-$dztaA$3Uf?E{X+|6p47%+SQN2-w-@Ua zk5^#_uVu=!ckyM?_<_Xit-I7MYZSi6-<4?od%oVEKp_>{MAZpm84KRwRMwSq87s z1W#69682b!QF0;QME~@qDq8h@U9|f3wV2`g^G;EBh4JSY#J>r8Z@cdW88EY1I_1!^ zzXp$I05(zJ#f`l+XW*n&%7)vGNBwR6c)j%P?qqF(26>hmS4uD1{(8!G# zbFO*8$kKNd&tkc}&vrkD2_H5~jgtw~h*9fWp=f0qk991DJWe+uwKD3YK#s1vcOI*5 zsZcjp%tU(S9s{QiIvBxseiS85?x+a=2WuTQ@Rb5J($b=XIxW?I>?9b)B<6jkW9(Ik zAy8UU5(aPbaoIStJri|NSDr;I9Mgryk(8|M zg~pP8+pD2DhTv0dc69kgE&;&0{jf-g_|b=$%rzWoEV7qaCjEu|}j^jR|%!A>a5LJGQ{Sfg1yM_&w zuR>Z}VXe>1AI_@+hWE^G`FMGU+!W;HKgi369~Aa`2>-WY67`vzjuAb!^zQjKJBH_d zz*N;S!PUfE)8wVE3I|1x*e#CX*S+g~GUuxtT$2N#Xq86)kgB(&y^UBG`MYt#>mu%N z?!z*}sC=4o=LfoSpyC9h5d3Utf_9a03~Hit)R@ApJaWwP+8gyGFWMIV6VF}&))q!e#; zIMLfQd@~2v{sGEiqtJ^d8U=EY`r^ zva(ohGev!eLd29!YE{Xzcc)v4D&FUBxlseJ<%TWq0`4{`ta64>BhlN)BzmNDHhfSgr(DnE%FB1Wlaf0dJn-7&x~wS`@ZN~mKRtLS@e&on1Z)1cK%$br z^}!}V*VS{eyJIO{)C((t=Fm4VFtWzE4~JXj$h*5Y-UJV<1w8r@IiF-5`O3WzY!2k| zjrj2TM9{?V96uD3B=j$l^|?Ik2Z{PvR#E54#r#bn7wo^aH;&3GDw4CQIxPlc$ru?K zRW+W`JQz>;gk2d(SC63xxC+rP>bW{pVG9v|Y(Kc}%VslZ{DZ1YzO+TIN%TQ2X^W!B zH9}FKgZhHuUnp7Tzy0Ka@xej^rzpMGUgrXRKZ=3(2>fQtVqE>S&Iptv*^A^Tt)#USd6qEW@i z`b+VvC&u1;bbS5dI5uh;8Z^%sq(2P3r0~rt;=MQ><)ERWdO}A>_ZNn&stBq76qt1R zU!gufL1o|d?=Q(!U7J8x%cz901*Hi^#Y!2|cie23Wnk0rH|)06Se_*@5&`ENQt9Kd z3&irtjD`voYP^|koyz+k!LRaIr#Kx!;eQBdP;e9e>h=QB+x2kHA^7RP@ehRU7%`sgb$e>`LWXU2Hi_2%daH0GS}9rr);s}5?ep5;FG z7I(#-0AmincRpRegJezg`C)dt5HX!Rp%BUrEUXCCGGW|NFWV~MT zLT0aAa-v~M-kOd;EwLPuN)zD7sI;N%_xk-Or4OLY-?*0f?Nm6q<}+qeHwyw=Ltlk_ znz6!{Adv@HrwIZdcVacN-b_E6baNOv|oLWOo5ibu__9FxR3{M3Z_TPFNt|rzz zq`Q$x<9!1ey;PAldX3DOL-+Q1W1;7wLmoPz%a|B(w^wM~R-WZ{wE0-!kLQ*h5b*%J zlsH($t?BTkxR@i?cHI?QT>Ex<>23~`VGsI%y0~3dc?mP%Gh*UC)u^6p<`$;Bcy`!q z=#nJRmO3wmGkZ@nkzO8AM{L(;zRB{Sk!LyvKT1dNg0vZHKpb|doi2Otl(j2aC#RA7t0P= ztx^^9r-b#Z#@q?d78J3vT#i-USK@GW?O}*gb)69P)zlUevJecuR5dcMl19DkciY)m=EF2q)bMUTLXUpc_OoSWMwYVvrFpyf^HDy}hvE77w*AzrU1UIM z;s210rQMdU9_^|)ArCyNunsmgtYoBFGVyeDcI=FcT{{yNG`#w|-JK;q|IX63&BQ77 z3~6$H3CBH4%6@*u=LiMqrBlfyrz)9q0}NaH#ACt&v8*Zp-p#j|oKp0kS>Jouwi$h? zUvnkAPkZT2y!w$IcZ^2LOu3n?hB@NtCxnt-lpy6c20HhBss+)sdDJ42hgw2<316%{*^&n~Swxw7{NtwpnK_mDl<$ecG9 zr7VMbZ6iOkLVho)TZ$7#g-?BU5%9ttocClYPuTCU{O;yR{6!}@zqPS-`{ii80t4{n z=@0K>Ef#zdrJ6>=R8*M`J{(pAR7mapKDYK0*)IBhS=XvfNeds-uQEspY6GVPSPRoq z95|Ed@!N_g3ZmuegMOYn@|_ZVEj$jY>{t~-LuS;4Ut_ANOtU?e2&Ngt`ZN23_wHeq z_HMrhPg9d%eX-o3K)mG@$Acf0vC(Bo=KqNPC9Cc*O2-XV3^E}+no6VacgadK(+d<# zQpq+4)FI|KLF3Q^`3|u$Bwh}gm2SO3OqE{vklKwP&xxGiWUrL|QA!wh{7+MvU3ng* z4lU}22~i?>#n>s5H|J`$(ni5n5@Ka0pT4`*d$91s)LtG4+o{$KJ}K6qQ-`BDAEvT~ z_l0A#RlQ9QZ?*!CmkR62W2l?#@XVH4jX4Ra#zCAiOZ0TU1^NPYt)!CO+h@Q7Sb?^N ztlST2b8H}0V$|cH@fR2R2bunM=JmA_GCMUm`YZmyCQ0;^+CX8Bv);R&mDO3h!8r+G zyS^H_m%^m}aa9J#qYUae6!?+xIaLk}4lhp=B1wv`9Pd=6*&54E$l2xHRE%3~$rR>G z#ldnRj69{e1%@mDqEmWg60N0MAsjH5-jD-J3Ti9<$KP6*`hOk@8LaZ1hd*7MOGW$P z=Qk2#d4>gU>3@PM>sEzcATuWVQQ=a&hf?|3p`g1L7aV}xgD#fsYWr+VxlEI?|6lFE zYyO(#aI%t%iK%E?^ksG7&##C`zCF9laK?Y?>JlE|gu%^6-2$q0-c0Y;IPqv?V`Q!x z62dcu-qXlp$eab@R}(o6yd%=xu{7IuI1e47*a6J257r!YSkgk~L)$j7E66x-vl zK-L|vU|h0CYM<@g`F(*QZqYziiT?Eq_g4Q@$;uvtN103BL}S}O$ThAly&XkPi5PW{ zzAv2T4q9WtHiW>C`<)o;R|E8MCfX;h#EvLv{>Y6)w zA?cWQtFlTK*kPT%geV+Rc3-8X%ya#eI&NL7R+-{d!WO(6M)|O)ehJg=0u}5`>p3d+ zDx7qY5ab!& z9tia|VrQFl_|yG%L_Tg&LK?N9g2MPL;w9(4vVLTC;zKg(&0^weVLqSP$_!T>FJJeb zSw0Rr>MIc%0<%anpabfB?Bg8L6>!qyVQY2m*)j{`ZI1QQA!r`zP|z=ywjV2z)HEZk zsW@Y5M2FiV*|q`zl92`v|N3}X2%R<6ul;#xYfSP*Ng@2VU9x~}4gRlI(2VrR&!@6GfUX>4Z@cIrR+ zY{`oXvJT4-$R^%adrvD0PR3f<{)Y{#q(a*4v+t%zj_7FXbANW9=@Ho|oxHDYxtWxq zLcm3~kfHFm$16I+F%tmsiJJ>xh}82@Q{j@e=qS0lQ~uyUo6$nH`3sqRU>QuS)Zd%f zHdEy~DFkk>)-s|>4&*gjHX%7pm@?#`H}5cJl5wkma8ak&Q$H5ab9R~e;|AXiRIR$B z?6>J5Yx`Q8J~7rUZ0Ln;nm@I7PCILXM(M*hFa?N+vT+7Ib=MM7uTTY^J$2`AW0!3Y z&ozo8?keuRu=eQpEgIe7kq|doS!Tfj@x77B`>6s#RuSY++#9!r+HL65o}An9#g!Z> zXqGQ$?wFm1*pR-Jytk5(jJ43O|-i2QKS4AjQ41t@H8PkKgbZtH6 zgaOMYKwJ$OYaJRnQ6uRS#C2ztWXCh1BySQ{)w5hQZtr<2GVfE|mB5R{Ftas%4e0dG zyMg`=Ow53M0e-~{@VpC9vDcjdo(LVNRrqsm&5l?B0MD;c?iK=V1OI2sKL;}#?pHOQ zgGmoKoLqqOI=_E54^B7x^RWu*kWU{%CM$=*^8i2b!g06mjU{7Nn9qY4&Sn{yxO@)#tLc_WB*x&R+4>T@t0xn0wo|VGp z#AtY+xB7+$u+PgM!-0t6G5lX&W;*`U^Dbd%k#76r$AW&cPQ`htW=o75;_MSQDmVI5 zpPP$;lb|NI!;{WZa{%JJg#A>iq=$VNn=WL$cV#y3zx4jmkUsV*D?M=Kyl}{FrkVZ4 zA_X1|3)RyUv(S(k?kb1y@9Wo*6+8yZZyT08CK{+UZygfN48kE;uj6F)vm4y}TSE{o zANfa2K1m(W*1>pg(o8{kapm*qi)rZ-KMFm4>R^s?3w+e9qdLUpiH0yWQT|R)eq5tI z_30xhG;M0Xu70z#OU&I}#H2DS^<#KM{V$Qpv~-)|!)jICqp1mm*2BZYMVqCbps^k) z3lam6KtX3|mfUqjni_bA&?hfCB?2VKm54OmI8_+VcR8GisIl}t1*?!-v;YIwk*sOe zx-raidrR&bn|xXe6QWnaVN|LUnc`;(9b5>Y!JI zIofz`_Qm-(Xhx3vr>A&+DjRog-$ks^q|{1;Nc6Ilx7S|0D<9@ z{JS?%t_eSL5K*$rnh@}BV|J$po^ky}gi&^_GX)Q;8k6qDr9+?1ZN;%0bZ_Z_m?8-8 zWU({m04*V`a()h;!Wm2mXt!_qcB=Bl%)j@Jp7A=yB#7%*Gw@TXj)@<4^=UtCFs8;) z190~NcUkpwEgREG5_AmL?EJFtQrN;pE1Xzd|9hUCzR;mX{JFm^?yaFg+()wt&o3U; z7uJ{EzD4jI9x~U?`ahz*LHO8_dssJZl8Vv}X>dh&jhhyT*hzn)%U(p(Beai_rUVOP zYJ>+~7tgD)eCdChH(5e!iSHqqrKw>>9WzWCI9cu5rt$5FZWn)wJJU?JH3|^2SXE=sC|OSK8ne79xGx@gv4( zOu|v?zhj-cZvAq!C*Ed1&2~Dgl7jpAHs-E7;SGM)mBhV1cer1YKmi?d#CZhH^}zxE zywb~}tlJ{davh)jxIYVFS$3N9v!ic;D^OAW+tKcghflzo>~0K^vNk+pVIFM#a^LN?zOr?#;>#U?nybb98KEH^wFC6Kkt3C!CZyY zb8y4{yMd5v<(K=xNTEG8wU@Y9;H!+708nd6tWh}vo>B>Y)Q+}7TC`X7_xry`(5{_# zWiQWl2L3IO|MqFl3GZEI4H1DJInVg4WEh7yK6ID8Sy=UmR(hp8bPPQX4rin!ONU?# zAey|qNjTr(OKz0@s4YVjT&#jq&8O}xX|1<%&EsyqxDx&V4PA&(eM&slW`DPeIsask zog}hP2$q^tw)T43lcfja+~WyJYG9AmlDjh-yj*Tp=%mHmXF+w-QN<}mCFGe8hW_R4<{-`d9OwBhejvo+#aY|jZm{w4l9?FcUVc3UZ|!`IK#=@%TYG!rkUpZTl-n%Yk?v+IeGBi45mf`t zjMTDhb;`@`u;5Qdh6*8ga0#sWI+?(_=8k}*)kqO5wHVtwgzm**e)U_|yiWB;Ocv%# z2jP=Nz(Y0!+3t6$Iv7jM>L*>ULw`Dgu+w9EY!911{r)$l$ST|0-Zn~%oq9?)kM!oT zYL>|QVZ?TknSsXlrslX4wf&cyrDAB%bXHeNQ~tHPOp!GcO^`j~X+P zHgL6ss*!&EwK{X7WCj(C50e+xO{nCe2;=D%GjUJ)gL%EGuO~rgt7r?0*3Z5JsMcCA zJ>2A4+u5XL4;T&nNnGXMLi-|muSCDLu)aoh^GqtTU&F61;oWvsL9H541ED`nmbM`s z!;(D}n)fC7;EU##lvmk7?nVAj+Wms}A{8TSPk=9zS3bYDWV_f(nCMvY4{%IqG+t`8 zDxZX)>%>C@nQ)lqn=gDs9jeM`F4LQ8x*Min$Wroa#E`6}hdi&7()7hoWDl@7Kl%d3(zIsZ@o?L4)_Wt(BjO{V9nkM0Ng zb|2mfm*rMW8;O_Q^C!2AU=zEUH%7MCF zD?;ySJN&a@SMGL$!>*x}>!0+h_>=bjQkgL)Z##br^}#UK%dLGY^u-CYs-4r{vU5pWWV_0H_H~?q&+;UE$uGCXShgtJRuPzw5(1-!;_i+}<~bmfkD7HguIrcTVeVC31+a z?%HQ(@xON&oi*5Oy>@`~&4Uv}HCDUDOO!LVZ_lm?ff*eeUXu5RPy3V=LzM$y9isiy z@S|8>Uc*L8AW%@fxYR0R!9=>-S|s&b*|ro;R#6UTC^Z zhw+BADKEnY(o!U-`yIc_i!jQ#Lj5)QfESt79-;7H6AZ_qGdD|IssSk%OTwE96HSOp zHfay{YUzZM1tlAt;t1;p!0rM3Srohw;W$@2IJb@gfyXCacFg{x;#MaILZtENbYY3o z+r-V7lxf0Zi{&@L0RcEGf)?mro#)#McoS2ua!0`O3W&A2AE`4bZ!asTsG<0kiw0^9 z(J0@la7Txix#^(XreC$U1eHRz>R@I{m=3GrK>1*dK}74@BkmX{K^n@E;%4dYx_kuw}fyC5Z>Z&U*`^L zZO!&rQcHRt=EXrYD(;V_y2b-?GQQ2_X>zKI9*i{;tg0>6xE+t2@voa{;%g)O5r1F% zyfOMK-qjhYrJiB*X&BAffS4Rh_178J=A|hwn8wmWGYu(n#R_l)Rq5_zmbk?{aS*TC z?l{#t5~-hZN8N|{DueI{aYsehP1n~*lJD2b*hmuPg#+5YwZuS^u`^!Xua2V&nXr`azZJ>zWI|t)(x>R0@ z{SrWDZ9^P(RiVnTraoWU-QU+r@el$d^!eNYp^`)`T^ynqnNZ}i=Y!66D2>n`V|nxV zlSA$T>9Y3T@z*}rBtst!!ts-thb#8(#%P|kR4trrtl-;xwJJB_*a5?3pkEZDmL)7! zVmGere3hXyH$>C$hSND|DKACqsZ;v46hKyDG_2CykYgs+UZ->te%asT|A8}8WnzRh zx|zx-*2l){L4XaCI#_N-AqSLSe9JJ)9|H{e861hut>5G zJm9#|#B)E0tnMk!JnU~K^F@a8&tBT-k2pnpHFkAP39LFl_`v)gQl?|C%@JuHqQmW4 z=gMr^_K0Nw8`sYByps}TGFSTG;L!ClCJ;j)pc364>SVf%BrFWN@VJ~i<46A_xN!Tk zMQu?ETctNZPq=6%bpbjvF@0+YD?Ra?wz1mUqG0ebn)adKSvtD)MO=!SblPgHO+Fx- zHvO$LMp64$!d6nnE`PUoE?Z}5Kr5v53znWdRBHKNsA+8TJn9Q@@F7~Y?Y_ITh5u@y z)`9Hyvc5t`mnvbonS$`!L%kdBJbVxk*+I2`Mm>bboX~avqJXXw()^e%;l1nR>Lk(7 zuNJp&y5VBE+J|1UESIba8ts?g2h>0jf&jMjrFpK=24GfBV}myT@N1W3C~6(drr(z6 z>g`fmE5pUVR_B?ZnN;?3$4s_^iSB!_{R{~u?U}3_Ph5D(xe#}@OOj~FamxTD_V}Hr zlFm8T!o`cj%d!IOQ`6-=?+uw(l2y}Pi(d@VtjXL7%n~4&biZOVUqU}Dn9?HB6Xi@}L}Lv2neP|EnajT1|8{1eI7{7a%L5F(MUk;Lflh36hd z+H&#St$RLu_P~#)P^x9%419Lnd!{!9QI|RJAdkP&a=5Fyk|+Dj%s?aGuWUl3dw)24 zM~+fclb@nOLM`N{#Tgpp%#zPY<54Z)HdLDv+4n6j&V|WyJ+<_!^LNj+P@8q!EsePKVs7kaYk{Jvn;oE2 zLk;JE(HOer(oqNKhlpC(5pdEKh}(0h7ZF_qO4+e`{(fy$;FWYW$KswI?E7a7o%|RF zmTn8`dJhu};%gV|QQvCp3VW*A<(!_4g`IS}{htqvW8F~4PI^8Bgw6C?>V zpR>7D&fg-GukHy-z*D_xVl5yh&JPcLs$%Q)G0|WoS2>#>!t$zM)vBnTTC*8sNAv~X zQAKrAlEj;MAz()11!fEV^V0SGm?)}O1%eW**)Z%Kp6{ea2<$B+9c5uUql>6QrwU;a z14%$lN5Bzar*Y?qL*hmm7w0~FJ)+{r>y#mB%MOExyXQbAvI3e#6$`Fh%lwXrFN$)@ zSjD$07~kFenGNMKM+HgH@;=67>IF)`5MO9$W3e! zZnYAVw6+9(KzkY6wy&U!yQR@WGLBfo8t|1+G(i{)GA$(VSckweNeLrMEcrn3Pr>#^ zDsz8g!t`G~wf*>V_L2~Ja8pY_@)*-b;N@+Mu#ngtH}4C);)J9i+kkz1;~8XHfVm03 zX=bW$`Ea>*Qgbs*9SO>f(&_6cPW#ZyBN-hI;d)@eB`uliTmCiZ)Cf7pO^RqRA9{^V z48tsUOX<&E?<5h}Dx(3mXxMv%x>KKMo{iMR?0!2HAY9vU z^#5`lcmGZM{%1(ym)~Et@zl6h5zkNjgOumnSDYbx>=Aw?&6wWxlz%>UZiHUL5R2Ca zl@#_n|6{htLyKMID_NWxt6p|>nRm&o*0~7~D!I@11EF`AQB~Nn%1awbK_J!#)uJ%3 z(1_(N#T9@M7v1aRGWAITPms`44D!+dBwN1d_~pL++)aS`pri2HmbP%r88pL_hS;`Z*lgd$Bg5fh-m6->~`_(wJ8ut3&EYNhA@n0h=v zRhac85op3QGZRk1iskGRNefw-k5YS(5G=EYtLnhAQqi({V`Kau4y6X~vJg$C_29tw zRN;Da0#JKSvGfrzwdgg^UAL8IEbhND^KlEZ=SXwc^+s4&*X1{kl#1Sy%x-&p)iv3Nf4 zE;+m&rjzIFCpgkHlXu92@W@%KMxC?@?P#4+-UbO$hi!uwl6H50vWGBKd{d*jA8KE2a|MoR{t^&=aW4FhyvNm~2F zBCay3eye}wqxj6qJZ(FItF?KDu@aOHHH!?Hk*}i)mPQTn$V=^Rh9$^YI2xhr;WatNsCVbCLsd=u? zk~Wg;%y2ukPUdBn5=HAVf_=5R%Hfr<$>#BBMZ*g0s=8)~+yUcjbtAQ7xKFf~`_Pz! zxL5Yc-qsS7fv4wJW6Y}mkVZDSCQ5OYQ0-#E+C!26lo0z?VU36*R|(;f?txq3HUR%3 zJbHY=)XNeVYw(L^?+ze*IyUQ8#5xg9o*-v`8u}-zE9+Xg?I>}eP$WrcrK@i3X`A-& z@=@34{QE$It`)ma!gHUYN5$XW8LH+5qpo8(b^zTo!?1G!mUq*2HD9z!-F-Flv}Zor z4~EqgXV4=WEE=G$)GvKjTzEojKawo#s9ye0d&S+=6mCL|;|1jDHNjB%2f;b$Ql4KK z5nhs*_3V0V%6sOjWj)or`T938F8isbF{#k5Yf!!DPF$!@Oe}ei7~fJ_%|;TG(`l~}Ig5v3h5Ru_J1MFT=|3%%DRs}n zB5qg4!l^0i5&pC{(Vz8Ihfezd4Zl(sTvemtsjl&NVj@OsNt@t@t^O<3+1=h6e7Z{Z zil9t}7hiqTdQIKjM*V8Z8?|CctTc4;5dj{X@9sa^R{+cSyPef}Z`&L(lz=0pn?Ui; z`V9^wknODx5b&Qp?&T(}gQ2_Ys6&Q@pGEgiTcR3hMvwb8We56c?ETo7QGI#0N>65s>|J@sYH{^6$n0h>Cmo5GdK-oF(v(b|`r=n78u2J#My|0wo zsaisclZDkxHW{*CNv7NGf%%*1^?Hs%*2VzjO(qrkv6~U-iGyY$1MO zKStAweQV0E0B2Ual8#mY8mnIZs}yJnQDx%MC_e|w(otJz(f#d* z{Sfx-OXDEzdGO`i53A`eQ2bp8`cb{9dg~e%TXw{?v-lm|clm4d1tMdvRAOy1mr#h8 z)FlqqGWwn>fyvWKir-fe>IvhjX35v_~Vp}lMRprz9n>jFGwYUj6x9gJ*3znc(J zY0S%<{g=J04`L&Xu1wb;-pVx zJZfz>ik@(9N^PFsQ@`2!w5}xa?N=Q^vWix~^4tafj33v(V|BZRoSy&OfYqi3z2yv7 z-c1Qsc3h7QTO1Qu)OuGj%o=@M9^-V6eZU~RRJMpIRk6>o;>~Yfs{{GHFs&vAvi2X- z6678BgtjZF6ap9A@>Jq^b&ZVpUgp*)We`uk7(GbVZ4r3!{u&m}pqQLP3BVmj!l)dV zR0~qwl6P!{*ITfhh34nJ%s`GD$COHZDM$I6t9)g3G_W&5W@WbH@f z?YO8_+YNT3%~todfS(=~1D^}3VC-HwFR1=m((#kT&Pb0taIKe6^-x!}7!n?UhL;P^ zdVY(J(fH|i+IaF&C#y0B_9Z6wGW_%3@Bl6A)ESKSKK}8(X?%?{%t2{oqM=f{&DENoct4skLrnOP*jX`Z7y7b zQUGI@80b9OIR)yWfRX$)Tj$z z#y^{R#apWdi48*ReV0BvBcyp4_||8-J!%_HR8f^$*ZGF-nkBw;+YPxBY+>`W0{2-{ zy#+kiCK@whpa&MI+A!~28Qn;2rI#!GYiGqwV*kA20F!EqdF3#JLyKLeX9nk0c4BOM zEwKtj+;0q}Fn@U9ws5^?X1#Y2kd+>wy2mH6d)pevo5s*jvw2iGa6jPNjpoWTnA0_I z&i59A_4)A$VvJ0vx^pnidKuZ^+UEp<5m6I_3tslFABHRiKUm*41EHO^B*G4(@2S1# z)K#hBFH!hF5#;hh%9Lpo-Jzc{=RwWqX-lXXgfV} zz^$ivuJQ@`T4)nwU`5W|fUKAvxQnwN+=P6dTmzWGq zi_=^+4IWAE%W6lh2>?!vxv<&hs$HsaNM)vfF(t{1xaU)(j6wLkQ&#AVeNh$LU#hMYro_4>#SEik@t$cRI|s^sxZ<8Ki(8G+M~F z220-E&I@vbAi#AT9|t0V%;KB|CzI_(jXLkli^_iQ4>OlHQ@wNX;E?|8_~gx;=9A5v zw$WPa7%nV6mEeYC%!px>y#nRIE67PoKaEG`f^&a7H*3D^VU zrEV{j+dQAc?dc**Q2h+5=K7AV@7==|Kj#|nmB+c(pg1sZ4LT+G?0d*{wROg07-bqq zH(Hlhh&!vYGaDkxX4Coa^7WR}8$?NstethH*hSK9~30EywgP#*63hzem_W3x{ zd2mQ3coY68vFN;iEu|uhFy=rEd6@8=g>|ux3avV?XtezcDtVtqoPK5rNPL7d)sia=<5A={F9z50_C=c5z=`G0 zA(2?3Ds6*F%N>pad*<=?eKBP?AM7p7E5J2WeTl{Qd}4EAw;nZz=U)#Qd*ASVn%PDe zzggzzTN?~Ca75R_Px_=;{xQ{pY}m7RR%BrV=3CX%8DyuKAw;uSeDlSfeZvUT&kqCe zHO%jz1pYRTn;o;scvZ`>Z9(-cp%}VXy=-iw)ysY0=6NcPJf>&%f1RcHSfkP9*p`x8T25xMrJMDYNdbg)h-4YvOrY*AX&&=fZu@F7s zAr`EcDZ6ZKd!(JmIsJI#y^y8HxS}5IaK6@9+p}8ocGEmz`@By-%SwXEA7@Vp01okcEZn+mEbFnX+3;udarsA`ZEjUNAe**!PPy0JA3cQCH#xJe?GXbXTkKZAPnwB>*u>&Dw0!g`Lg2elM&nrL!arz*rXNHd1-j|G&Hb#9=6$Qb=rPM4B%FwLkgw{gg zaHSXm6J~3&yxyzOScZZ9*GoO#i*9a#Pw4Ddu}XgZdPRHBl|MdzhA2C-MR{XqVr-sC9HH6jD1sDzbYkg>!4TxoweB+~X%iR?)LWcVn}B8tM+}BD)h_ z=6a*Ltp%8Bj-9Rj^PD!+r_mZ-ugd@WcZ2$JlIa=`-63*~_rcw=8CiHyIsfLs#hQ^m zczohm%zd!%PwG_Xa!*MiLN~i#6TIGS5SG3KIV!&~?ON_HQ<^?aeC6nfNXk0}8V4NNC>;60s zou7WiBX;b71+fMzFk54;>Hauu>6V${ z&_Fq;Gr(?+BxUbfX)Z{=lVR@KOZ2g#lFbdk=ql`qarjatRQF`Jjimum_pTqV({rUX ziLX`JX~Oy{gVva=gq??%bF?W}-_Z`2KDtesKDV(V=4bhGzUsXz&&O;kQ%J1In`tQ5 zCU54UXvhOI!lpkgo#MWBro|Sn|M=W`>bByzYba3Ro3MUfhZF@(w3QJbB zVtTIa$fIrm>k8R0Ifs*+tO3lCWV$1E`W8#U4ogE=> zsa;7(0!3}GZOgk=)R{bS2s?-Y8Oti0$tPHm)KsBVA`K?)KJVL#sJ7=E?O+O$#l4T* zCO@pGfE}Wk-TP)7I{C0*X_bEx2aMB;5vxUu#(cch^CN9Fm9R6Bw5lu%b8$;5t?lbC z0pj+aA0|M=D0p1q{umHKOq zV;`~**!(~WFYi+vxAN{`d4Wu;g7PQL_ViNVlT`l3s>wO}ZKvcCT&qOyigsi@mu7Lr^sd8y z*21V2k9HsF5P=Mx-bgGcb^H*e7eQM{4$IT$tI&J9psn@GOjnGb8Sk^srh^>5wg@*? z8Q=r8Q1RCzU;3li=f;?Szti)Xfhzo0-I|IBT*+y`}L0KhAky4v!G;;#g@<@ zq=tItKzba^Qr)deg(fwBI?ikq9$ZhoV3ZA9AiuE&e=R1Hv3;%EEZf1bPk#`Xlsf_| zDs^4f_b7A^8(}|LVGJe8Jza^E*yT(v81||hdTbHp!JsOUSR;mDzRwR_X#j2C*uW|r zOj(E}rGI^Ce?ymnf!QLIVKZ~L{BGuUizn}$xK26JQ1lV=L_}eTrs*G&)e6jd1TGO6 zn5`?_9O#XAn}OQS=#UVHYPy8XC%U+*=7Qv{)K%(h12iX_f4A`<`}meT9_Nbgh4#kO zY<0JfKAOzPB$-ZK!celuss=p{%KJx76gl~EX>#{+g$5=!JjCQdvEuFZfz*15a)hU{ ze}B|9UWB1|6<`yXR{^UPXpDg+H^!`ZW%2jPhIDg}SxY_lJOmUPIGQ~3S+el72%AsX zrXh2>TTX;z4CtNT=Ooiv(4WiQ+hr6>Of8<-J$=8W-GbywlQPRn44*0P=gNboMWGyo z4xY7?&jYV9ks0iaj8^m+?uKC59sSN6Cl+C5W1x}BGxM%=*-)whH=_zn+hP55gNh(m zr`IXA^V8pL<{#P@BRS8ril(@l;g4r7r4`c?#5+7jg4t8g;l4Q9IXOLbT}m`GTMv== zT~o~C{SWdu%!Y2twVh)Tk+V@tomer0Nu>2hybkPg+iz$e8Ra^r+1U8dhU~1O2x}^= zLwi`gU4|gt`cmmkw1#Mbdrw4h^5gRDltYRQf6M=~Y<4MmH@iAyKr_m3ZZg#u=2&b4V%}ku>kvmS)(WKg;~{>zjygs_-|a9E&DiT&uR3X8MCxR!GAM zXAOn4g|sLn_133AC|=s{@Lez0(qQytiLRTYeUMGb`@NA=(h_eb+^CiB${SBG1)VA0 z+v(lk#Y*Ug-^3=Km*}QMH(RY)qjYt&f-3H<{AZY5F&k;GFU8g}eplXr-XlqHW{&X` zE?PT3Y@1PkkaZlDzW4AgAi9qcoeTf+0DgdPTKV0S5^rrg+U)q+OGKSpqdL2YqWjMx zDNYX2x7fz2n2O8iBnu!B+1-+RQI;3ea$r6{*!r9ghF?s*n?9Dg&#zlUK#0w@Y6E2Z zI_Ho>(1U>Lz8F2Dvumq5H)kw2`LQ0F-SScX_Xs&xqDWU?ERdyo*Aem?I6*QuHtp}E z@A3e`>rz*cdz^5`o=Svh6oQT}G7a|IMQnOCLPG0mTE4M}|76Q}mE{XzJBqb3?sjb| zw(eyfSZ*=Ccph->TRD&gwH?(Td%Li9He-J~z2Od@o7W%<`uk>8ra=q3J`2qEOVL`k zNOsNbnV6tuzGpG(&tPT>Q2 zlseJaYL`Aqrn1k)9fxfsg zyXEq7i*NauXL~R9^K|hQ_?>>yxfzbp#PuF5%18fXCCW~cYVlyR|+rf z`ArdK(TBOQP#I{%qQZM)G#{J(v-T-#2geh1t=dYoJ%FKlhr=OF>0w zMelPcdz6C!(had{Z9ZAj?!@8qudE>Ru{ZUx!uf2JJ{h@&zEmR)t;to`9-a`TyMj~v zC(AJJ@W>jW9Bj`weO+*3Z2E3Ubf9|+aW^l{2Y`RwaJgn09hd_LjB*bCognj;pS2>aKlyO#$S+ef7Hc*Rou$``vyOy)M|$=>O1GT6%9?)sALiaF zDy}YT+m7Ha!5tC^ZowT23BldnU4lymcMBdIf(3VX4Fm}8?yiN)w|T6)$J>4KAN`zE z6(gZ`?OJQvn)A9%s*75wzTBI*pkS1yZeH2Oxz%1j{L&3I%}_L#{OK$4%e}iU@)J)U zZ4IQ68UryxdAtNm;z7OX65zuSONhrb@#+Uc5=)n~=dK85YI%E~yF~2a*^lJ+9m^4H z+l=4}*kl~54K$+GxThbqt_B=i5JX4bQaH@<7Mo=uH98FwT0e0-BGam;hwmKU-BZ?5 z*qTk=%$N85_H*b13%8*jl{luD7=qpnX ze2Wyy#mM4qEnh-X=`%5dMx5R3w#T!*UNv{1*o_?nD2k! zCKx7QG3v)-d!7;2?*3z(x6W#oTz90lP%(dCn%S_oU-g-7XRgIS!_iZezdlK7YxZ5X z3+eB<>g@J+tvV40$?mEskbP`}wWwLBK!7i2T`9j59W2MZS5D?-rIqL^;cM*njs{by z?Gw)#)5Tmm*p%8>nVu#4LVS})5=Z|aig#!<#2sdfLmT>>AbZL%iuBK+<1R>9{(qfMC#hAvWvl z1xsLznMU->Hfb3RI?(5@zdAvY+pG}UDWw`kvP4(6NlvT7KP~#Bj7Hc8pX%=qW-oH zwLmZeCzMe;_AC;;DiH{tvU@`c(vp^44ZTGsRQ>|=0q>H{um)hq;>$E^tzybd=K)s8 z=6({h;RY?xx#+TS#C@rUZ1q$s{9qqrAuKV2^egF2b_8{H*fPOdbd_eyzb;cAL#4EZ z=-PJa=Tro9Z2e8|C{X5&sN*Fp z=Od1&H(qQ@#s;o!dv76dcF5jJ(`VzDQFz2G+iGT5+9BI}NHNJtT-GdDW&`!_x7f+m z`Rgya$4!p#hXJPs6FjMQ=}IA;AE^kR4dXi^dk!YJfAD>Co$&ddR%K!n9EUVQ!(M+b zkye%UtF{q8YjHk8aczOK&~cwzBK8eF;-DSk@%Nf)J~$b)!ac-6`C2)EqtRmoYPrx= zOfeCaA->_ywwWNi_Roc>jpp&+5tHB`FQTQIkxZj-3iVf5pY|l zul{?N@87rR-ya(T8F1hn_BubELc(=dehe}O+}yX))OZ2Hnj{bW%fUX%V8v&!fi}T^ zzvcZI3|MgF?yt~=NGqnr*GN!x$`s~pjc2JOG%7K0;@S!nfOl(T|L<(l7y)e>G^3rg zSte~3V$}N)BP9N|3`y%IAFq)v=|o5@pYJcJp+5+iP6Ypp57?+g+OI4dznYD{EPw2~ z9zpUA@43lu5#@hfug+f0Cr;TGz!Ln|A9+LVAL7yFNCbfq*O5qY=(Jej)4n9g{M#N- zZa15W&-68YfW%P`D4Lx9q{=9uE@3tMP1<}pX9<`p7(l(v9w1#6QKzi~d?(n}r-$S9 zhpXj2RPeP(yd-FXwOl-U#o>YP|E_5e$W*g@-p{#^SO|2|Ykt_KhmvN!^(%R%!I26d zAHUpwT};b)*4ScTmJI(y$89ryXTFZHH-aF@d_1p^xNdZDiOMTs9TwJ^J#8L5@1 zum$}47yWO~hXWZVDf+Qwo1@4QwJdf<*Le>iQcX)`jb0M@mvEJzcNKo6aG-I!2?4~G zHOedWNJ1{)ETI7!AZXg>kfLSfLP-DKMgRGjeYvaQLz+LbGO;_(>9+Sl#=NU%J0nO} zn-wjL9Cl50u3UnEqZMbp_ll~xWOgs~e(ZZAse;ha+AKNl76+gRiukoL2!P zV;8_TX11DPT5w&Dut53GYyRg|cDvJ0VjJS<&OZYHg7T!2eV=c67pg#a zqtpJ$X&*_BYMD+FzZW+QGXD3i3t1^ySy^#o<9B;|d%u7GCVl;p|7HX89>6E{7$<5| z3aEakqNE%!20*8z%VGK>>3k9r64AS}v$HJHzZio@80hKa&9n2r=1pz3-W_#qXMh>n zo;qMj;>@3}`vf)|)+TdvA+Er}-!wg#uR{&PVN5u`K2L1B7iFjdmgLP<%`~d_$?Jyn z4DZ{*1?RP@{e57DZC}O6#Du*GRcmnW(7B-)*ZFuU;u+BS4C35aHeTrcZ|fiUov8?L zbGaPFAX`~&>0>&t^R{fy&xD*GAk*vFVGNy#y51qczLU)h(L>80r}iWKhDiEM;wpDO z)Zjg7fBg&(Is_m>oZk1GFsQ`gMP;q{i8}7otv6c)E{%3)8y|0UkN~O0c%k=?!Mn!B z#tz=6Ty;zCMc>xw0X7xz;raRR4p^HXF6U`#DiWqdpqzt8o~5qu=kMWBQTtrl?zB@! zFO%UW&|Wego?fp^zWtjtsxI(W&XaRVEb^vsIP!+GBRe#v1fu zXvF)HHA#xH;lZ};!TA|l8M9AOyBUf_Ya}>~rK&|%R}-`Ia}!uW?|``!UjR5haCoTU z49udawRyKJFc^^h56hfptxbytLYf1+ml3yb2g$B3J5xQj^f7%n*I_VK(?LoTx+rG` z1eo!x%JsWo;t{Oos^RDBY!lbXlLVnOuO+3V;#!n~jYZM=DWZ7EJu2LNAZw;k9^N$KABFTJ}K{d5Gq+Lm2AR3`75QlE?j>KchGEuWB#`_YslVYrAq>U zHPeOJtOqbguK|Z3tgIZrOsotd{Rw_NC%L)#U)xwS@p&6>h39ji&Q^)vEoWF~C!&rH z`jfgZTm$H^jrvdK=G1_}G7|K+Jqg&sqImljq-BCX>JrDbBjo@Jd&}3C^R~?1_pY<&fr9|h(+dfY1q5Rf7aw0ZQCp!#S7{mp zQ04~PWAlP_WV(5?#p9lHwht8#J?_DWZ2)9Bc`ItsrVkJynBe)x`u@k0?5cc#DV@rl z<9@-J>wW>(xj&1IiRlOM%?4li&D%5qtO#Ts5mC_qq)IfSJ3sKYV=O1h6bOi*{ait2)l>de&YO{96$5?@xzoOM!sG ze3C)}O?QM6eS*n+>@A+!2>|gj-1(g)jY8smorOdR{0~7_*LtnT=XDIAIgLnv#!)L8 zX^7LlfB$9CM*QjV0r;YjT=aUML2}$M^B%`7K@{SVdKWvRNqio)2VNkk?q?XVlX)4y zP*k|wv0n|q8Sol?Q#48A!H0e~fOT*Nnbuu@hM(O<0c_K}8&>-@5MYcTk^g?V|9ZZ2 zuxkK>C-Qu5P{$A}2WYn7C3*n8EeVmm2q*JJd8VfA?3g7}zQUlPrQLK!6T)*@_NtRY zodB?u3qtQoH(F^J857M7=EIyYpE0(-Qn?f(2|`Ai zRs#u)%Kl2y|Ib1&ecov3J_PwPA?dtGB0S3(^v~-J$pWp#^I)z9u}GyvLGj*WJI$rs zc9|cqTn~w}e`G{lTRRP@_ZkQho_zuU;addmG~n$Y$vmp<&^wUGlh&TSEnvKqEmlB` zMA=lx757)ISA3p8XscFdllBe2UT{j}0*1Wx7)a93Y@a!(3n&I2P=0WEZU9hx^)vT# z3<@}WaJ$pAc7EO~0Ol^NqJoWqiMe^Vwr0=_0QMcU)T&I7pIx(-!_Rm90R8$okYIy8 zbL`%ZAmULe75HDCajNH)&=#>1?ld7oWG$OsiKDVFsr? zIS@Zn^ohRceFlyLBw!>0b|ipLT7R%=00ct7;$}2L6EQO@NS)q%4$^_y{s6$KIs zIV=IRcycl_p`lUUQIDUs*7HWP#N7_kogwZx1L9W{ zAc|~Uz{xhnK#x1W+0Gb*pbK$-{P^)XP@gK(jS>yRF3kN5z8%llxF^qi=7O>?iCdvE z2frXh*CKx<4bZUj68=Zn$?XBqrTTYS=SbbpI03T+1kzQaz!%_t#rb&$jsJS(b^Kg2 z7$7kN=*fbE2Y~s}2LwN%Jjcz7FmHp~5l$Pjsls$x+<)o?0znjB3Wu$V<9-LlA9Q;4 z9GBxIT!5i>P$BH;oC%WihqFQB`)0M+sC-#Gs^L=_M0*0VgP>tpWm91>E2*dq5c7kg z!)5|ahf{@|fRgWd%JK@8z)i@#w=MvAujBx*d<@$-;Gh{;@`BCPAQCZk_2h4{|Jrr` z{%q%f+ZJF5n^r7`Z>2qjP3{P6U_fN3RE~JPCdv}>!1pVh&25GPCV5*czGpbfG)}dE zCr0L2a;5n3cKecd&3|IQC=MjbjoDbSZeM)1uiymArH8>{Dd)N`@YILwo8K2Ii% zMz=2_oC#!)pWm)bl=uzu>Q-Qy2w0u(~dFU`%o|0`+SIpF-`dzx^~=NaJ@CJ_7Ka_G`q zp-Qkf!LvsP@b>}wBrjmcm;g$4vPspf9YAVd1w!#NFI50@|HU-j4F<3QUpr`k;HhhO zJpUQh4;W^ykt~s*jpf+1H2P&sbSHmVfd{2lo7qay)^uyde3|$%!`|?ivj1cEfL~0o z0rvrIFZtP6-UF#yFYspe7d!H^nEi%Pe1Sk*`Gczwr6MwW`s>q8##6_$+|b4GvTj}m zuN%fQbrT>;o&YwlVh~~^4B|um-{pe%f-X-$JGLI+%0I)^!|~Y=fL*Q40tZ6dhX6T% z;qApP%X?696)wn@5|dIYdViP{z)D#}#VOZ3cVis>coRPc`8>eQK%2NcTkgYW0~j`W zOLZnDXAW`}6axjRX?nw&z}>CIq^t)%)rAGt$MmCB=Q%K*HEpJx=>MF3f1in8 z;}mF39@q%HK3KCP6XthqD4T=d?yRdx`KxdzAvNz)%f2ER zB*f>)@C0^uDbmqINDy*NLI1E>W3^AkJ0q0msAwS!7*t5wPJLZGvhN0347B=?HqMms zmt;)#%3mK|-ZV_6V*sEtHt~^o9&tFqhRE(C|B%d3g-;`g!8-<;t9C(ZQ~~V=^Jnu$ zzHS%FNh}{*sItHOku3pHHPM6~+Nt^)Ymez2cWo|0Uw41cIP--<@`UdPq_pCU6IhPz zl{i8V%piV;m1=h9`X5j-$y3~3Wpv#;PxBF@ipsB`^S}s!!?WQZpRVv<+xdRKs;1N8 zAN8joU_ITwGui#-hkw@9Tpr*T>Q{UbpA#1VH>d>gyPqNVBC@@I9Ipc0 zGZf8Zq9`EtM?V`HVqxI`CbcmhZ=&;%J2(LR-aY%I}CW3>$QjV6?P@?NJFq-A_G+-2rpvnUpt)L4Hr~yJB?6a1+s7 zqj-SAp)UDZhOCf(vr>6iLKB+(IMOr#;2>qKgJOd;D{z{EOerY%-{j?Bsh#RYsyKYW zH5E0um5j3~6WPpA)FWC{XbC6UjcW7x7E9^BScQSNuEdfSONV$S|4_+oBf~AHm=N@f zCmY!bQv}_s?-`vE;0}A9+Abv|^%;t;OKOqs_d@8w#XP!&LpJ%9_r`(B&sXPof4Y=x zXTWfx61#1n&m2161DQ_`5RQaB*Z&G1Lp&w`;SKVsQf*pT=B2Tg<3YwY!m^f2d;mdQ z0kEU#beh$qcjx{QBU+TgKMKX5Z~AgO>4?s6ihec_KIHa8?reeltrkIu|0YdH@T*Ge zd3Jzf4D$}R8yAY4U(wUqkjt##N1~x$X?V{IuBkVOFw*dT!9qOB+JRj|b-q-4&M?0k ziMsAy!w$08|GK(H@xag*2=DCasy?+nn0a_YuoKJ}t7be3dZ5UhKEVx#TOaoi*&(dB zW>DMA73K>)LJ?m8j+pTXHdGSyb}8V4Q)4pYg?F@~8znvr!yH($#F+D9`>VHsdi?+v zR3XPknL9Nsd(gM3xUm4&3MJaMZ=H5`;~_LL!(4yS7lYX!AnZoN_+kBAh!vlu0VQ6{**eM&(J z9?H4k>7F1Y=p9QyurC#E2dNLV&yI|eRlva;BRO1{sQ8bM5Xp|;gOJf%>#z%SfXA$g z&49xCa#=+`qp6O-HXmhbWgJW=-1D`_KJ&6((mIkzd@6pWoSohCwoDye3bY*bG!wa%wpY_Al+ALCfmW{r^)ILYa7sQ&{FlYGNC9HxWm>pyV?Z0C z5*8Hi6AK^9qax8?tVA`q*@@u>)@v=@TA&w&mH*Lds}0r2Un|x$~P3DI6;6O z#os}Va~5$7vcgH&})Rp(ntR#Wo zH**V0A;sd0r4AdWy*Z<-0ovfcz`SWz50Mx9-@P0>P51|D4)<<{0~WS;PJp(=7j|{-T8T4!s@Gte$sI1K#G$jn?cl&}ol5e>WJqBWUbTcT7 zl}pmo%>&fmCYAKt4b97i3A2%G;bg0PpTy2Cq~Cs|1J8rCcv*C=)WH=Dng}uIC0kj< zZ;?WFY2}+md3yIJ9(rhgevQf*1SjWNDh<4TcpTNrJF?q zw0UX-k=TnXOq&xO71NH)jJ@&v$KT8RvR%1h+8McDwQd)~5N#jPVzG}!{r7n?X2NKn zjzzS1XO~^zm*(@Xx`nkKX}xBHpTiJ-#c>$EkWVCbL%MLW_5_!qeSnSz^Q!*HEr_=j zC-y5MbHQ#90-Li_9B*sd{Pb#Y+ma2twx9HfuHQq-Q#Qt{&w6aFyqP6=J)vZN%J}H= zvd)q%->3|3t=Ncz^(M^CrkBjig1O^*Aun#iAVoBcC8^5}n)oWE)1|ZFPI65H^4Ff{ zPI4tBuVa+>e5WBkMaEKbRr14HlLVV-ms?Y}-=XFFbI1D$7<6Zc z$RIW1ppYC&a(5d_gnMb*fg?hzg{&5oa6zlQbkKG*kD^^pF^+xqTJBxU_&3A8FzC}i zh?ZA3)cXcY){T$7%CH67qS=q5cg-=7c-iYB+K)n6#p}vWk*gp3AKFhA$)9GUqr$h& zWL#P|Z}=-(H;XD$%IYRtKTVWOd2eZQsD~f$)a;fvjszm9K_nH_SSLN_Rv4H0?%Xsn zdviN!7!sp^u5I*;B|)ey*1uwFYj(5fX3X8`cAvA|tOz9Hg$v}0yu9S0O5tqu(G&^Q zzCSyv*asdB*%fR&#H$o9o6UJ64k%T{h`FdX8THLn!-7+12!(^w$pkJX1=Tga8e@3UIH`jbc;J7X!RK<(oA z#>k?PN9-LBeK>{|t|I#rNwf=m z0^JiCR0h9{O)mHgrxXW|VZ-6NHm{5f?~&6Xyk1(g`N6vyQ;ZyGml>XnK_Z-93iJ7s z?&_aUj4QlpNROSajtubg6UAGQ(tU-tEz6cCR!(r-zkaAiiyfv06g9(+3C0i5-xJ)QtOK88eQ!}<;-!XO#>;z1h8>iH7^Gf$ zSUE=$a zsfz7>1cCU}o#B6M$hyKABw|tIG_?DXRxVUw#Lv~Z?9uC29<_UweBXPSC+?n@qrn57 z=?ZwSlO8%_cWlWn�f45}yILtImC!?AhTD z3=U2v)jgMWbpP(r zJGl#q4}p=tr_Fbelgo+TC`!Xcc)Y(}91H4R$(p4+@H8gN7MXCyWqvan^`?WNHh}s~ zh^$f361>L9^BgLMu)c!@`25Vszo_lgQQan%of%lQ-^#izglZIzbKg?#>mT9%9rs)O zWaDi4v|4(MvFNN3nw}?eeFd_#Qr{TrT1Rxl_Xy z5muzX7MEs|5w9nYaL>??Hnc?KXRq2?#{3?#hxmvY%y2!-Jq;NyIRJO@i-&i+6!(vz zN6x4~^@^6gL6=8WC-94K;FT_hLqu|Du73G*(NBwzzx7LWmZze;1&?6Yu^l@$n-r zjpo@zj<;c?ltsKZIxZU#=gF{PfvYDj`*+kX@Nxru1|wbw{oF~#z%8EtLT@mXjehxb@ye~32Sf ztqLDjMXKPK?VHS`%kJ#Eson98cY~x-Czb3X;BkgRJKfmk&XQFJ*Y&!_I3YaS;$1XoX0gqC+t4lE!6^D0=uER`yg*FFk1zvxgo6Nm!S{M|gq%e)W6i*gLi~XAG6(;Y| zTE#`3lZ%ymJ1XsYpTi76T)<=t5WnFX2W4Mc}vw< z+4KTY8!5;^U($m0QeXu31`L#$bft51k!vDaQ1<7`^V+RktwP3{<5=Dse5t<+ z4?9{^?&rUL{_FsBag;)dq5i0?TTYiMQ!nv9-8@2k>RiZx z={XKdbOh%eaIE=fD2xmSQKHwv!M+U9deN6qJ`(xhD8?elXf(C@ZLrX>Wxj}WX*rk{ zAEp2M6rS-*N$)_}LC1>~zp9;+l-Luun`8T1&3MvTdkaJ2*60`vvU)*CBs!r+-lIK= zb91cuwPw%N0~8y{?s1^(O)fwAyS23x3MN5X3a`gGtAnQk!Cb^S2a=)Qqah8vLRC01 z?dedeQDU0*#5>@~Gz+)bUBnR&4Lh&InD5dCJ6Cc!orVtgbHh^75B)>{e55h=3m56= zoiD>#`TAtWPaPTF3&_H$SUj=Td5Z^gbsK+A3bcrO$yB0%&3(@~6%5YsP`m4)_}N7V zf@d{3N?&s;E3}{3{$_FDp+Fb)y1i2)((sT#hyLjm?Ateah&72K9(KhPkt2+k>%o^} z`v!=&dq9I6-#0IH!fX;6!H8xhrVfnc;9`gq5jNV_MhWl>KUdst#X5lAAYE2O^X9wx zKI`%LBeK$) z2)|M;nIu8-vu{G@aoA4Z6UV-Ohbl^bGfBB;Ba%na8q%m4n*)Wan-b0|(qcTxI_K6T z!$9p3#|A^JmM$Yw3|Bm-=x=1*fYo~|Q_+fw^|P(x!zMQGE{awK`IQcBxB1RO{In~V zz4u5|cQNe5{Fl$dOH;n^?qaV!;-__xQ2t3sW~$9G$HvA^&NH3}0kySyKzTDJEv+Q) zmdcm^S#PudriZlm0Xhix;rWyiIIFC%TNQrpTZ@T_VG;aZWcX(&@_SP+%6kNM(0> zq>0ttrRSkbygKd&A`jHbs;lL$=Mo^mJsmQ2$19kQUfrSZ`;gd60f0>G%_v&$yTN$7GgLgA&K%m@Jylv^2zK99MpA+z zIbfpiG5kdLr(bKzx0&Z7$>BOQRBSjg!bFYfRC_r~K$m7tGun@Wm=&T%mKxf24fQ;H zh_%KCeGxbBBZy}1)n4?;A;CPJ$R^n(!{@gZb_`=x*(((nBu*YZa9j)sWVv`)s592+ zWx77hk-b*;J-R0AAO3h-$&wU2Omvy}6`f0km#DRyhxB_rcJ2twc_Y>93i4~A50b+X zA~InwVM|iMS~SI#Gs=FINKeLi^V}t=6k=i;)w)c%5l*Cq^6rZ3x0P5DS4}p~8_iY9 zV7Z{EI1<^Q`+*@_it*#hPZjccmUjlB+jVU~>|T76!>rZJO=$LMx7s*J=~$QYV!MW_ z#&=(%6=G#P1E0cPjtr;WtzDlIxN9=-dM9fZR1Rxl!{jh-;4HLxQUL zv;$RyTRB-qH7UgXfwzR(1IgPld#t7)1}_F0TU9I$VE6HI9K64s6n+}4QK8zf9&&_+ zA@Vg0l7eITXB%`rH}wG0XzM@&j7=pKn(lLR{CSvAIIJ*~_r~UCRzZP8?q{#&EAi(u zG2&Hb3CWROU^MytQzqeLjZ;C9C7|%d)&c$;rEia$=R=s~e1udvYEStb#+u!KWK*dULi{9+(QMU+^ab zy-xZyFVOYX8!`?v1CayaPJSl#Q~mC+5)Eu~>tWL6(;PAyBS6Ge%QlF){mgK-3`lS| z0obPTOD8Xw;xmz!O*%&5hWq3>os+)6T7C)V;-b{#K z3S&9|bwU#M1`HpB{6n)Dt-So2sh2#F>6__-%@<*#-eJ1!@{vC8{LG@`DL6oH1(u0(_Zg?O;cUCYsEd9Yt_6A`~Seu_uB zV2Z$$Jyd3>F(|kU5a*}v3Sp$NlbGLb5ewMeC)Hvn61g+q*Jwfy(!R6uhkh+ezs2E9 zXkIIhD`Gd4`{--AcM9o~W~+5%)?XO{cWx97?Km~V@FZ&cbwvQkNFJ0j#x8VgqB|Yz zsG@Nf!-XM6vy=j&&0<^BEJKuWd`?tLMjVu@16cBGM_*TNPhS^72@=-Mqo1Oun$#We zFz9@Ap(K3(-S8BTuTZ@t4V-{rBKRJIDJ1h#PkHw*#;rfueEC!4)2D)a1zl^+13nMObj~o>G}Wq3jbMV z1~s2Xp)P)3tKwLvWK%)93S2FVDrJ_<5uCSgquudZdUBClZ+WI$-F^o*GECLb+gEd; zCDVUNefMg?#;kwRW8rsw+c|ewI>+R+o^_#=d7DiC{Ht|;3N>&J&OiHRg7?ps^O_K7 zYH$%q+n&FYSPEpNgey!HK>odrefRrol$(hfcHC#+enlm-ua`2*+C4v(jlktWfsiz2 zS2_$^O7$Ddx{xN|AV>Sy4Wr6Q$NwH>JCB_1?CwpqjKiL56^Gyz(HMcN$86R3v2%2n zj6jC-82t7qHcSwE!E6s^R@KyWw!@_4_ji31lq^c~)7VL(T@g8RttuQUEyaK=7cfhx z7gXEoB?b4a`%$Sdp`1w0adQCUKa);`oYiu3|BXh|4iMrgJvVJ8{Ua~B*F*154%ixQH2o7Y(6i(@u2Hxn&X zv{lZ?nrn|)r2LWXJ3JI~zdC1cs!{cIH@S#e79tg|YUxyQ4LEs?rSx`x6pZ$p!%#jK z$Ahb70w<5pVoPFw6-p_XVtGkzl;-X1J(C||8Q zG(&^^o%af@xa-AsDeoa`${thO3q;#c&_>N;pt@R8nTcXTtA*cA^702Z7(AAD#MINl zf##6%mPVz#&p4%2TU=52Hh%o9BO}goU0MR*<#cjTB*tA~vcAPDm4aDCKxu_q>rN-1 z2&>G9{3g<@g$kyktdBpeL>l@*sZ{W+#*p~};M6rXB0yxUN&NlE9(R@B%Lp_fzZPA; zt}moOdoC~-v$44L@bbe@Gh&lp$*^HUkVa?wWuttINmpj%{d1#!i7b3LbVVMGI;<#4 zL8!q%&Z+jaQsP`A9`TdD_(Aq6$Rtm1R3vzoT$X& zUheFg?t2*~SH>lq{#*q^U+{ai@D9=r#8;z4^VRZ~q@$KfP%wkIwYml;AilT7-t*)) zb7>dfF7fj~nm|UtIu(CUteGAHQ0esx`f)?(KlSR%s#?q%GmcGtELLUhA_4niT3ogp zWoK!8XhZ0Trp>9IcGcn}gSyUx32KXGUFnacNgb1%^rH%0;3oF#4LwUILQc8AcpNJO zhs7u7b?nXdP|f4BDfwwX$sX?-{=T4MHdjGxBM&0(dc>lTkGa8hj+^dJH-*u`_M=sN z^vTMmN}1Zpg|&gveJ@4+ZI3{l_KE~JT~PGBAQ+b?XTZ`)PISG^32*2bDK1G$wGB(WBBI8f!Zj#ulq76S2maIwm8YYT0?k zfg^7)!orT++n@e|Mk|+=AVXnTE7?H9sn?(6%kv~N-V_Y*8VyJEc3Z~Emwzhu!9#a3 zsabfjL~{NvDO1b~nfSLumym}#3ifbF_l!DF(3`-J!tSQpUlp2Q?WS4|ma|v%P$kYT zOAGq7Kt6-i@~C!O{TX9UU$Yj?p0$_UJw%%4tftH8Gw)Z>68hWAsDm>{bc|4f9Akx8 zj2ub}({KPkyYVxwee=)-I`sp^G zu-)g-AyUSu_Y1nkgzD4dPLUYj8uMG0H`!|SZ9DD<6~>)zGq?+SLS?0LtXJ_g6x#R* z6@`9>Go@*j90_EJmbn>^6}T)~v_r~?t4aKLGdcl`qQ84)-d`MH1t5Y>x*zd5!|e%S zC%MyYJ2FlDXcd@NFuV@-86UHwsylY)IF)cF`!hoj%RY5o6TC8e@5u`rwA=tQ&&paM z9#?g%$poNr_Qo|7>U5Wh=X%XO)~ie|NQ&#+5HrQG$g|TKQSX$u<+sA_wWzCWWekH} zpAB^JqE87DSN~4G!8DT8n^S_V)a531Itl@$?LatiVUOs zpuI!0tm9~uT4a=D+i%RL-&7{d@Xxa1^q@aJr*_Sg1vtiFdI7lPcbLG)AktqwoorEm zPWP3t6H>aJFZ+10d8d~O+N7p}+Y(7dSaIS1W6~V4WVk`--k&2yR zbX>#ur`Q2+Vap|a7d<1ad)QR?^98xY@zt)KA*Zs$s z4=^Z~;4b?c;z_q)KxcU z*~X;hplz8_LA{;w0M+@PL^)IE?p_DLlRj`kuldv>HzA=1<|AG#2?YjqdOG1U>_HP2 z(#LjC*z~Dp3fXj`g*VyR0q~Yj`i#WpQc{S| zNcb*b$+lj>%rZ@ES67a#EJavP8&}ZpL}f(RA7A~$*j5`y$*kDA4zPk1Ud+qzN%mqq z3{v9T^pRe%gExsus|@n_SvIkYk?IruFM-MjKz(E^<>T2~eKDE^jHW3yZ}DCo$cUR{ z=`68E$bydM!V^Y}{eFF=X^~>zbZ#!sEUe;2SKku?K~lo1S#w!u0rZ@A1U7~f$=Ius zE1gPg1?Uw`4=6R}xLz`JRlACz+hx0v_7i-p8x8t?;>?tlEy|3$zl za!dDRr(ni84NMVFm}ik|rmKzTs5OYbQz93Z{*rS*{g&}`T&_IL>eGN61%L)#DTOy# zF~X8efVxq4XejMnB&$CyjF&)2Ed07zOBctFl_PB)0*{Uu=7n#qhL)ioz5wM_G&gNT zt{qvU!mUy~ZmXfOwUO=V_Ena`0kIgdQocDCca}z!mw7k~zqk)zw(s!LxxGWcxos0l zy506P8mhS^gw>aL$SA7L5pyip;R!|3lD$4)eL4OB)A=S-lKl-c*+Hb1(Sk`56))C} z?Q#GUUilg=@ho^ybk8b7jA?x>20IHJc&>L6#j(dbkG~NEb$-zlZOJQB?Ui1^j#Kf7 z&+yKO0t`qbBW)M!0SegY4&K0QveDO+{oQ!7SVPUp8KJs2Bc+!gl3a~HWnJB{42O2- zBg)@YrZcW(BGVq750(8Y|0N}2ZVl*C%8FXWZQIs>-jQ1>zatKv7?HVab1WB*1g697 zv#lsLM3fmLI^QRwPUaj5wBb+?ZTSyOGc?mp*+zH7Xfz#s?D%X<&X8t>1P9mkC5a6# z4NicMUTL*^dTlZso#P(9C8EX-=zYljSf>~4KHoq*UTfQ;^`y@X?o8_UfEaNgx<|Ob zr0{NqiCBB3&F6Fh1hTX*My7WO32&u54oy1>%;$KQRkAvYToPG0`O%F(AO?a*vaP|e ztqWgsWF2Tlx&#L8K$<^W6W<2O&0$ zF`nwW3+Ed{Lx;$j9Nv1_Q(JJnc|N#STXbTdV|!Yldt>7!0q*zTL1vz|%l*B@jZDCz z`eW&hsNV^yLrVgdF|@sx;%#VAM$FW(?iW$py@+1vac`eBWjq~-obXJVx!R2o*V%Rv zR3W_+so=1~1xNV~F>G4id(+A@w9=n@?QQW4|R@)zodITrO zq2!cc{w8f`pli5gZ4#i>8w=a@s8!2O9W3@*4m-;Iycg}C{SJ$hl%GqgJ1OfrU1GL9 zo2q2gq7%ADf0MoxnEtbyfTtVXIuJ75)31A=7=)YdAD@yg6yEk{A$6no=vV(>lz-u#TMAZg^Uu`GGSzYY~F*m*A_8{q}`i5oV7x`7nI9=_bo z_8Wh;jV!Z7ep6C~r8B75q(K#2OSly!v%wH5i9p5A+5kr&UIqk`-$YI<(J zr(#=!DLzhEF$DR@sqEengOZTmwJlLvwR4)JV=vH!LI4b((n?LwFM;Km9 z?EOuKFV7|-rhfa=#Z46*%PlKjgUHFn2r?E@L)u#Nm$g2K=elhHr52zVirZZAg5Ak+ ztRDm0@B22Q{4V4sS0ZeJf8JcY!|~^wywQp`c>z2+s_Kv90#J~HH+Kt~m%cyMG;Zj|#?H~A35Mt7-0z|9ToRsu?d^xY#VZ}uF zP<|?My_sq-S8Mn&*1|{gtZ*)Ad$LzxrJF7UO6#7y6Jcb93F-HH&>XcBl-XtKt5y0* zEbboB2(6lb+%wVRVGl`T+`(kae>%rGKp&-^N1COhE9+_T0)BjR=i zb}P90UIB)&+i-5(BDvZxSVFqvM8s`IyU66wh-!+ld)R_X#uB`Il2XOA4qsDhz{6XC zhyF7Jm#(0NcNKzo%^}yx0LWT^sC&|aD4)L-Z`>Q-2hoFTRPI}dEC)30ab4HV zFr>f%+V7XTIUEdLov0^x%wCJWaFyXXWkRzTv9%HW*aTz#9heaj z+rDH7TZ154VOSJpm!qohA;H6e4<4wy5s`hGF-ff$0V!J3(twpX|5zS5Rr&_#RE=+f zJ8yP3wDw2~1kN_TIu>oPHMuD?PgiC$2)# zub&!BB6t~w)Xi)*?ZVy{=^J&iJpH?0@2T~bIl8+51)H)}x|a=&&~1ccbb}0}K5vf- zv>00CExg6Um``SIf-C&%wu|O7J6-cWb=<*Z!Uq7Wtbfei4eY{TqWq!bADHm&L^cEm zGJVa&CM7Ub&g&Bw*BfhWgb;UTlk(6eh16?cshx8Ma#V!>kX6SoW9nU-l9!vU;3W>xOn1CK*tQ<3YAd`Nu*4@>g};Qy_*dNtsAF&Gz+IV-7J0ShhNIsQ9(uoDf+szQ z#;=$E1XqpLg^88AWUSvhH#iY{a$}tsqGH%cipeBv&j;=uALW#scHqa+$%=PI(BQJ?~~BOaMb(zjw3ZR<1$WS(*_e_V2} zyy4L9;munwD4XCv7auJTnJS8~68UJ3wb#=~5J^v1l6d#lZHmq);fH#m=}cPWP7|wq zb(d@Ei%9Kv{Wk&5R(FG`&T;K3>Zoo>1%@DoD%CU>4r6y%26%uS#MdUqu+Ci@NrKF~ zjVb$6m)n#)o8+gTbz*JlnxmGC#df6g@Vw4P@de~jjiubNh_hI9Z)=u>(o(?)ZYr(R zIroXA1%i}NMFa$t zPUyW8=^aEwq$KnjLQt9ziV#9cC}*+X_u1$C_j5j+k7s#Z8oWZX=3H}*`5R-7anByv z5?TYBHP)p+e)v~nIq_T5b|{SsUEeQdr_^)8YZ)U=sbmyxQZs~sQ^`CBY#_Vj$%fd> z$>A*~!ODuep5|s4%?e%oytd~H#8%!`#WWDQLjQI6>FkiXhw}KDPyBdB(@!3;vz2O< zpU^K1cO(lRfHNoUg*p3j^bM!&h+bWNeYOft8SPD`eVrv)k|%2SASX8Bkg7x6@z#Sd zrJ!Pp0VkCGn@XO$h1Vj*oqB8@Bi{?>y96+osb)0>OE?aHui>Df3fA%{|Dv>&%j#{< zd!@8Kw^{OXk17~WA)eoD6+#UNaD71qrcZ}_%DR5BL42DJszsRQ8az!{=n?lTEMi1E z^_;Y`RH7iKH~BiJ59cmn3d)Ekdk>d3|)oy zVFS2!&xiI-`KNtWprh~2riN(eVG-{qswZDh`B@1>uPDbC-l<4^aLkYKa9#5i?`f=k zB0eH+1?ADh7cSmSjYun-yOw=%enq1wb4hmIHI3lP6)CT=PsXc>YgelSRWn`Ule0zhwZ)|0gcgMW+77bNcJ*M>mYk!C%h|Umbbtr>lF=Qe8Ru^YpES+t=>k??0E$ z$(KZcTC`R=D&YkI)q&e|&X%!Hm%~)zrJNGeQh7cp^pQIHaj49H%QlKa`lJl$B@NSt zgN<2!IqVzu4a7a%N%~=_^e$N8PO!O|yg2#kwjJz4eIevp&u=9voUxOCmAj$d{NgGDr8PS#>Gx|w1`kbh zb(F#E>Smu(iWSY0oNq$O%kF3xa_-&MWxa8Jzvw;?-vf3*?(>s=r@C?bYV^+s&p&E> zWj|TVOxF~*p{rG6qYPYtPYc#LA~%skNU2%-VUHk1Lm5$Z6L3HhroM~6^RIp$UO2fJ z^DofA=s_w6=P=J@lEtt(*CYpi)We9r_3FL^gPOnQbk+TNb%kvF20+>QyFBf-Bn-_4 zvHqfl0k^B0ceM=!e}4$NLUM5>F^95U{0m$<)J(xH?c%}NB`VOz<@TsO8pBwe^*()X@a zt2h3izWJvaz>CGN234d=aShCsPiwR{-c(d{+*&ut`rdegIvbvq`hULj@7G@<%IC<# z(m-q+xJX?A99Kk_UlpwLRYX=s-#ZhJjZ6Ra3+C_3HQAn95^qA>!{j&I(&46kT@CSw zdD(-@;meTD9^`-j3cu(i$Bkv+R<;1|oBS8gtmaB3^NpOJoLs$dvFP22>L$v zQU7l@TWD10fY9%A#;;p5Lp|0FoF0lnm#)FdLxfzWc-c8PoN=p& zR-gj0Lytsk7C-}R1@^q7h6GjPe~@5?bF7am}%%sO~{IbIo6Wu5#IN`?oB3BcyV_MZB1 zR7F ziCPQ+l)Cx=g~zC&`?$4XfvcpH?nwhl%;Gh}B8{^^w ztq5v~`CK5C0M%%iIeUJYihkx;QvzKGlq`*!{nxw`vudCu7kUyGSY&$a2a!^!Y}sS1 zukk7{Iun|dPXnhyfgc-{9%2rHwOX=N89*GK-^f3ug?uc(&B_X&sxrd@<&={EQoxa- zDx-VPVMJEPV%{HHCGPo|}!8r7Hw5K5fakXe>sT`C6t2>@dDrk898E)`St4CH9 zit}{Z`KY@vZ0G?8+wu!kcVmztz)I2q=2?UNAbkgb3lP^2>$mj;fGU1sA?0F$N1i^| zDNQLUDbvot7UTPwz$gcQ3At3RUlMmwkqsflI&G>6CyUKq99AD3=>sKY&B32CBoi>$~^5 zrzA}7WJ3>3+|aF)QzG~-AQ!xYuu(zirVU!0+*uLG92Fgx62jy%-=i(hg=<5GWy$hFF73Z?IKOn>A^t832jM zc+fEWQ~(at=*>Bh^$!izhtjR=7O*D)Co=w!-f_QE5b=PqDjbK8WaRH}3hWzbazb)073=#f}}MF%a@l_pEcYHI&)z2H#LRvNrW$HIz$5L#wlq&Jpe#!T{~EBy4u3+V|TkBZlcA@F@vj{ zTnCgU*i8dFq-^Y@WP9_cn_^44&Vz%k_j;v7qR9dPnlP<*%CkE8#c(-%mx7kXm0~U9 z5+2~x)KahhkvlKdE!YQ&oM&?1TVu1MC{={I`8d*gU-k+1*=G02=18e{RdSfUi!UP% zTAhtuaZ9snJ6_Geqj!Rua?ehVac*qL3jj+1lC;dKtJA%8oukUMVc^Q!G&h7$nw`)k zIsiD-sKoW12i~6Vj&7Zm<~ZsWG!YxJ6S43@h&2x7aCwXu$D$eN-U1tNHsKZ@E*{3W zzP<{;4jo8IxXmpmU+E+7OS>)sh=AIAI-oxhHYv0$vUd%{<0d8y7@zCwX~Uc+*i!?Dzf ze7^u#!z(3Ewa<8fDXrDN)%4Z_y7W88}nO_D-#*g zXT#?}?i?1VFmGT!@*vkg1i5$MjTp)ICXKDYV})u5F9L^fFuM)_OSfrQ5=Iwsq&*TCg!lvFF&XJ74zBXGR`FJ0-}%1uk&5674`Xx+X-l^G@QxjKgPQDDZ_mVf|B| zva>C3{9YWE9R@&hu8Lv(Pi)dIopOwPdpRhW4pL{FU$sUzd=Ha8fY#Z1{kiju;L-t% z;e~=H$qnb-zh`O+Hm0gv!XZNqrYyiZQ#WiwDhbG_t~)$NGl%fP>#V)$UMB$A3+2Y& zwkb@_DnDe6FVjq-GY*Wn=i?I9I!Ajh z?W*?rhZ+(*?*%fRgD=zyZUo9Yb3E%%8<=+e>URPjOBF^DIJ9`Qx#`N-ZWAVX0^sYo zgoVc(0tIIuBOlEW0N9xx0IQ-VzbEy&@L&fMJhu-Z^2z|EE1nomc|`~$7(;nO$lk&8 zjDj^V7x3n0EC1@ftluP>YW_NkdEX<9Ox$&5F*${on|pv}Um~4L+f;%2f?&!^f z(AxHPAPHL9b1?+Us;Q%6lJ?;-N7@hb5;6*!eRV3U!FB~8Pug-lJ>6y0{OPKk$h6qM z`)I=3kmaf#OCE80*3XhSR(E~b=co)JspmK?W7$8O`tf6K3ZL0rC_w`4Jq`|~cbTdj z1$4427S;`*23YQLgm(kFdPz>Y&KjE|?K9vIDoD1hkuj7T(8G&?pxpd7%1V+F6AS41 zOgV*wMz1sgOgz*gLyq-EO2llW^>9Q#sV)rYK|hVPY|0Ounm(A|V1T*QKs_U;nu-Gh$vj(P&ZJq@9S5dn?zN$5)57VhtHU`Sga2;Z;uC|1 zWJ(w2=E-5zc+_et_W985ta2}Z$dyFCM@=~9a-UxxH#`D|c;tw{^DhBln*QmP$I7YLWhE8;}Bf!_p2o^ojwVa^QKDL;q zbfhi2`_|UZPAuTSb!BB`_WEOhR~BPjpd;uLBNBdqSUd&TLiCwAV@Dej;IVI=6zoDK z9568#2h77nXnt#H^eLvsE|U71aOf=#>j!rg2&3^6jc#VdY^@A&zC|&24lii%!K|aW z%k#j%_9mZofL~EDSz(Mi80`uUroJcq?Mg)2DRj4&p~KYPF3cI^87pN4EUx?N|6c!d zSIcWc*;IZn92#Pmbyuc|ad8cV(6}aM*OEj{flqt!74B0!fFx#yAI$m!t}Kd|6%g(K zt{10HCPIcru$=%ypZ@ws2{Pg|+zJk`hh|-=fYoK#%};GWKN#@7A+s-6?#jOTY{3uj zI$05bcy{)4>H;1bT=cW`#^3bVePC7L;^hSao^e5|_xi6Y%F0SSLP%9bW$utuP7cje zCCg!*CtGfNeh9Gr09#i2YU#T(y0yXBR2&czo7io1TZ3)yHTb^wDvbE2hjvTs{+&Da z;Y9<#F36Gqp~+fg900LQq@;_lv;_?gkXMMh&Wv0MO~cauYnYHYx8A>Z)wVW-iRn-I zo;12zzX4lu(3HcopFw-!?PNK#&irOFVP=kL9R>9Ka3g>%owdH6*lRtQ!e?6hGOCH= zGti8uZIG?n@O6MAVhT4<*U~bAKpLqzj{zUL6d*{waWVIue-&v7#T&}pz+7!SQ#jkD zg#!FH=h6HKfVoxv?b|c6?Qy_!yW=yRy{ zXFP%=fKK*PMn(k?{J};&&i;%K#3QT&5`FT6P6-S2wU?MKW+t=>P@H2^Vz@{a{~r#C zg0q@|p${)yu{wl?K*!5rFyH~=0WKqhYzd{}T|nXk!QA$_F@T7wr-LESPqW*dl<1Z! z4gw6<#d`O*Av8+vXyu3W6%VG1LJ=6!L zGJ!{*7Xo(V;Po#7Qm~PcQ3`be0D%|=D?MRX)6{H$+tfy-O;a8O-WL)Q0*V3LsQ=x$ zz_`70)mAuQSp@@5#Re0asR>u565LoBjIl>ezukq|kAxw20V-L$N*oiI>=NjJ2G`E<@EH(7qQ3S9usIFx zXlXd)5B_|=L}7O57RTLQ^0#TZv{q2MH-7-t37&6$W$CsK_%IWI&rt}>*4qGwhC z^Ha?Eq;@btKV$U4Osl<(aAsQn%Pc|ST&@zCnCpzrW39~3#GS#bzm}{p!K@&`ZooqB zE1csL2>seYw&85t;{cT{IU&Ioqn#M~wY}Q!)H(}$DshS4AxHBa?fH->yAbg;09;17 z^uEkDsj-b{D)uhUrt}mFeX_f|YYAQ-3ds2M$p$rXfs=&SZvv1?_wZbhc!KYOUmp+x z|39w~Sk?cA87EDH!lww07%y?U=iwi~<-}g>0!%~%#dM++tra1zSFmrz1B4A0?k|3I zAe8};i~{)R;^pO+?Ck7*F3z0*!R@=loSL@wbgoi(yI$_<1!OVHW9D-=a=3v-&VQz* zpXFa)9@ z`bHmNi{BYNCIB;96;44rN5b%bwuOX5(hAr`zd=Xxdb4et`4ku)X;~D5FE0rxJ$ekY zs!r6*2g0KlgxKVil;R&ho@dH$zf3E@HUH5+fz5ytJDq~X-M4Hgki!heB z+g#z}>^EQkyX$dJs{kiEYcHju3a}Q*jL?#=jU6wxKd`;)C*N~BUvqW%sIqPc+%idd z&K9Z(bqsi*nkJ#|L;)a4UhlbGsyk$^@`i%o$-V9 zfbfL&TO`SR;C}HfAjFGG89|cd64HviOFS036woHp#^t}nE}6gh?Wm*A&Sjs`0%_v1 zuQWDLyTt-BBBZzyvxYz!miM=+q*9R!yLqn-e-nwD-iOj=%CzQkqr>;bGN(L3#F z>RN8$CT4ECQF)&ff!6Cf+(PT#2d&CJQ3!Y54qW#j$$j)s|CHYL;n&n{v+^)(W3lXx z$hS;*@UB|F$*PMp=*idFlp{x9PhxamM;MiIU;_P#S4Sf>llS$vT!U%t@jXo*(WL`P zs67S;Z&HP)p*IA(P0BF!aZ{x{*Px@nn@yG|J6b|TpNemK>W4mj-KntmLJ?N%=9o$FOh(6CtciJm-)gxZwYTS_RRa8 zlG{8}I!-Z5s{Dxic=r)L%9|cnn40U>x@6^hwkctGAzg?&?a~ZwA-XLHZ(0#|2R^<#I=>@ug>^d+a zbU?;0(2e&8PV2(~&NFf`NsW`$ud1{shXPbM52A0DyB`LT>x7#tX!HkzbPDg~)jif6 zr-0~ej_kr(czY~%`d^4!jeEo!PqXYxkvM<6iXr(XyFv(#lZL-^8m+&%Atk0MwQAEN ze_t3~P2$NvGE5?A%>VxEiey(hi0vY%C;H0P=J^W1Ef)o->i~FrkcaCc@Yjk%%J=|L z&T_!Nga{874^{H?=PSotAiZb5Bm!>M@9nmo>YLqc|BQDMlH64ny6v+sIdy6ksk668 zN?*Q$;jQ!YH67~&H1&fdK_b&_E+iykL-PhuCsij6JgnJ^q|{(vgoMQ4IY8))CJ#L_ z2cjC{;i_yLL<3vf{KL|ZTq0P~djRY#zo4K)H6rMsF2_$}k|C7sf4Z>w^Q5LhPqTgN zn-k*=Ac5IJ2$AKF?$E`=cJx#jT?E*BUZY z$mM-*wPeOpHXKg*VwY3unKtAb$A`nD7S5vYZn;mdz8pdbEdQ8?B8|t(oP}N&@MrxB*oJP%`Bm_D+BhSQ zX&17iVC|kQQy%?B2id1{U6`!eCbzNZmV&H03zfQYszyE^f8UfQC6hx+R0%l@zlS;QUdO5 zJtGQ=E2BWOjklBc`RQeiLvVL|#zon?u$yfdqT@mg9uD$C-gW+vxFFkJL9pE6OO1eg za24?(Ojj%!*bnF~ZyoPrrH&U!jCDWa!#%93(}e1hYMsqKb^4#=?MNtT5c|1tVSt`>RIby;W&g1ZrN4Ete5rWljeVZL5TxR^^+ zU5?dl?2b6^bmb?cKL+#X6p1lEjPLkW9DvW{(&-A=CW_~Br#D(|iiCp$fXTy!5xthw z(s3kDdo1tEV;a>tjmp^$e7H+~imrZfPWN0%VewF!ol7-Gx7NscZp3UK8poT@1oe^X zNA7WJYgR6X`&X*`m?d@;EYS4TnMjyQ3%D>Zt4|O zQ?g&VDY}8~tCoS)7)0)&YoG8wuZ%B;$-Lu5Ja@DJKJ zv*ZiL`Sw2gRthGYbsKt>d5zjQX69Kh=#5##`5~-?Zh^40;IhVwlR4<|bGJ#aoCww2 z-WA^xee@;Rav|^P&J_h4X0#oDKG;|6^?|Xfu#abn*-M}2x=ol@|v37;I4g@3ow; zCHdEi$DM~Aq|S#yR&qh9g>e=S4KW@Vmq{vPoQADIUxhImLBN>6B%9;&GjV0IYj-oT zU(>mGW%Y!R$5yqE%6`ZDu)m^NaA$Pd%i3uN@xjCw0(9tOMAx8)tyJ-9oV%*~;OVw$ z^M$!0nD<=nuo0}mxy9kbd!uH*oXk_9uP{{}oB1b23M|$)-V8^nAFs)-wSVIjp7*od zk<3iY|9ut(+a0)u;Jo`Gy<&bmZal!X_$g9Z*8yz0|0$sTQ|fif8_R;G(6$y0n=E2x zki5z_&ViH8*OK}!tF6i^Luf8jdEfkZ`yY5EDGua-KAPV`2Am*21@zO~ zb|UxurrSkkyX0zm#O#haipZS>E)VR^_LNNW7M**&d*>^{s+j49D9+P5AD=yD+IMYr z=xv*fzPjP1k@uD&)n$C|p8Dp_relw7@D2+9iXc;xFs{J-M=mEGZspBUSFLkr-%Zi* zwY;ADvN27>$JeZe&ri%&HWLTSZFgSrAl^7e1t6wy2MDIb zS&21R*5UAN_RAvAiM*^lO#31w1vz;+W#8-~SP2>9hPJ_Enee?#@tT+Yw{~>%3RL5r z*R;-ANvSS2$S-0Wz)}oKH(_}0@88;FFmZ7phesLV!42~NF$fHe9*0hAjN=Usre0M6 z&9UNXU{irA3s~6_azmx2OBa_A9Lkv_^ab5`wEu%?tD%c`8GN`$^!f9#%EIB;W!fnx zO4w=6_$Kpw?Sm%{oL?7yxW(6Eh!uQ$#$A0*KH#h(L_GD#-1@eBRhGPk%t3mCjq|-! z1KuaJ^QPd`)VPCN6?hyl8+oh(JZ2q6$)xr{#XUnYRcwms_&+Q zzh8pc3zcJ5$Bht^X3kc&HnmVKq*N((qGqii=Kh@kt0(-ijSBQDZl+}g?w@d1_(ysb zuyBrn(QOG1Fd}>*NUE=4wST%{*w5p>C9E`tpYKGi1k!~m&GI@qCK_?~>>N$Y2`Xag zi|N}V`!E|T)x@r3Y1?Zw)e|c4?RSv@;2n3fD$?R|{1>N)2+3*Wn3eQ&>EXNsrUV0z zWqsLliBn7o$zuOVd-}c0g9$*r`#Pib?Gi+?QvQlKWG%V(aK5~#m8a7);Cy|f%P+hO zmjocWz6;bf4Dz~l-=EFP{Av7K)fbhYFOAd*W@M^S1rHC`E1!KO#u?eR@$#`Sz~4`8 z%PX6USb!~MVmjs3l<7V_cIvK6yu+}b35$&p>)&aAW-g+p(Iibl$5MdW&RRX4kyP7V zAf$FcQd(wYARj zS&f1HrY{!J)lgz4FNOg3#$}4iEmxo#OH_vHCb_L)9JIc3=`E0izS5GzvvlZ=ly@|J zM^}$!LFr$OTBD^3e$(nWd3Aqo3+%aH%Fg0FKuC{Aat?gBcf_sfwY_OFLR%l_O=xKW z57f#mQ#J-k&86P-*^x!C{4_`TX?2NBpU;WIYradV+C;Z6tOp>_M^ulvXJ6i>^rb(n ztRXry)e!07YH-Ig%k$=2SCpQC_s)@1f84cP_Tnn6Q8PlYx+$sB&(GN(AvmX4jh4ki zy#%TgsmXK~=-2!kG`ge5>K)OI53Gp$4K9w{M@%>Fmo+PJP|yr`lAq7^JT^D}pk^>J z)q8)3NOU12Ms{?H@S0AawjQN)2f6Ql&>U@l1@ff1uZ#=^bcMCSqFgmYV(I9ppE}fg20T5_;-w${LlTXDVY1^ML=%S(Q&ph50muxH zJqwTQzQiR%6~NN0fgnJ7)2b7YF<==5Y>)znB>hH6VD{Cc2|&0I|CI{ZM!%LWT*v=$ zSe^(vMEm9({zy(w_cJx|dB*m?Tb2Ay6z8LwR>kLr$9?UjJQ|OU1;(@(Kiw$%Zb=`# z$X?pNrABanxPH`!Yk<0y8?(HfR{&3Q)ZHki7wT$KR^H!$r}$(YZ__pe!_AiA5Hyop zR&Wu`=I|eNroOZC%{6`doq+Lt_yf~9J>wzP$(pL9^Iq)S(TRW?B#E>yd#Y1e!_8Vf zOM`+ZKik+corZU6nj_@FBU8!78NuYAs^}oRT~R8oIYV6Jnd^b zc}CnKzM?U|UEmoIS63g5w>2|h^NpjaPO}bAb`IN}_Axw}NmsYnx%0xrRQ5oss#f8( zGIx0nA8#Z%!vCkl#<*zdlUf6nx;S*FW@B?2%{+X=F(>W%`XG0V}g`9`{T4eozz&DGujybrjiV z{&j+FFVOhT3E2!RDY`w7CZSGe*`!*Krle0L{PCMlR6Q z-Hqy7-W?RJ=dn_cCk5YbiLQTBTc^;(K*K;=9dtaGdT(FWE~(!(sYI;qiu26Na~D+m zcg0ga^mXuigZa{a_nL{+o`WY!8W0U&TQSA*ZcA3s3Ta&@d;h*>2Qq6(+ zdaK0G_gnvmr2$m!@BJ+hk%h4$vL8Rd6RewWz*jN$Z@(!~}{r@#OE+Fj|(Q@sbYmLaNAS zuKFSarz>QRWKRY%#1Q<+)dO7;R#$&Ja#NpzJbyd#EAC5>a9eN9HNa&3YJ>0>q)WihRyXDH zw}SV!%q04zq!7qS0*7MA`-7muaPe5>=C7tRw^Wm0`_Z~?j^LeEBAJ4fd--7?$Dgk$ z2DQD?^@y{9{P)N+h4~XpO~jAc4p!&kIfSs96wE?)-ohT8SL~K$5>!kRxRJuSd`QqT zcHB zJMHNjAE%X!Mw*a$1S-da$pnwPMXj zrs+6C7#*kL^6_>1^w41~85dJe>=#Z=rWfvJTIL`Lq4vc z>VF9&AIocx-=I6OzVdL0u~zId(n3H z`0OiabLT)azz8{=6hd6xPxc6OBEI{T;J(g7Ou$->?}wm}6V7Ja?F?wD^I}6_wS@hc zHrgK@gbB74YV*a2a!oRSqn~OC{*?QHR0(>($&EdgLh@v~j}mxGd|$tnz+)c|9=F&( zOZeqFRm017+H>>;b-Cgi0q~|{JNu`t+Kbgf=h`0nY^ty6KOtFh6}Y3ny8~I%TZk)y zy*3;kr?8UYu7X#48=hL!Ufy;wTZ+LIj{WMQ^LmtV;W8!nP5O`LQBh~iX zaUeWsHBdR2EH@v>JuLywdsG9KDA%ZT#c0%LoA4?RjyiLCjz4xlUYlvFcbT!?>COK{ zt0y#dUaUQy2pmB$e`V3gG7?yV~6W2w2_c*=n~GQuf)*~&L) ztF37+xWd$O*-%6{#knLZ(CK!;)pKZhYU%q%klGO$;z|w5*|HI&JT-v~X(OjLlp+4lIh> z0k$SpGp9WmAC~->EQ3GTP(MZ)VRLsv%v8(rj#)=OI{5?$j$oz7zmbcH0SP`lN5f<7 zzA4VW)paJgv*`4b2&DD+U&I z4i>rB(2!H%aoI!UWZc)Sf&9%r8OL;)MWISBR!5%UnX_p3-%P`+qI|G6mGsp>@Aq6x zuAUxNK0@ibjg?a%Obg45mV4@rs&5UUmec909L)*`@22W}uSl#8S(JlB=IZ@2IRu8M z{@x+@!R_Q|=C~mh!0<;&C77)oE5k<9o&l23*~2 z90ec1bdSYd@CEL=WnooT$b%vc)0V-XuVC~}j3Tl4IkPmJ#CQHjWfqJg!}?PM#i!ro zaDmSx($Zw+C$5(d&}G?Ou-FpntNW?=b$$uK zJU^bx1nk{;N7`Vi0aNBT8qAX1YY#m~&kEaf%m~UY(D7_gM+;yN&Hr9HqFYLNPkSBw zb|;mSD>}%3x&}7M#Jo1r(tY;qtq6YNGsXPSE1Ru%PIC&0R9#fZWtE++ds&E`gx(~a z9RKl7;%**fM*`>B@Oq~~C)(>xC4(R#ec-8rKFz)e!)*d1iDbZkEd7_uyy`a7mHI== z43kR-&n%c23sNi!CclwOX8stpp^MdF`Af}N%KtMg@;Om2xD0JYPVlp9iVI39LuZg` zt8QflLeI*{GKNa)1RLISwFd-0-;qBMi*w+e%=xHYU;L-5&xIWU#VC04+mw06TpXp8tMP2!KY>M$p60bT4C~i^cvW}w z6lrVeUw?9=4@lW@H@{zWMcgryExo^o9IocXLOEmorB^#Fp1Uq#yY8|OJWZ0umB35lB`~| zye8K=D(P%Yl=?B-vg{(&)q8nTF6f(=KkfRiQ+9nRy(SZ=*w)@F3?!*O^vu}HIhjix zj#9)&Yf2%P4SiQOeqZvaksTO;GkX^2b05LJNY%Yax2#uuV_?@#x7unh|2CxOS%V8d^LgN>##0GvTfaVAX7krY zjS8$zt(Fuq)CST7OBjtb?z09QUu%8cxQ@l)4S~hJ>(JOt&+m1;SDq9_k+zk?o5{gP zX-iqvr{aIu^$`49J42BbYN^lHpBK|?*WdAWvU|r^I68TfCT$)ookk3^2cOT8r0ddD zO?)Q-9@2g5x{tRd59(=TF}f}#+9Q2s_rwL+EA2nDo^UHO_*5qmf28WBXaz}wa^%J| zTvqwU4u-vwSZ`I+zfx=6WC%89h8y|NOURgvSNqOIcv;wY%IhZv$%Et&7PrirjIfQ& z_4_<xu8*v@nzT*=fGNHgb40fv_x5I$0wd#vyQzd z*}DjZ9LvrDYjA4=;`Jp`X3#i@4?gIj!yA)GB%%t z?w_r(o64^MW3e|e3tL;&;t}SQxLTc6ddV|5y>qL9W{Z2Yp5{a2X8yL$ z9CEkq?1ft zb$r=MwPowwhu^mKdn+dW^ltxME0x@h{LCCP=V>qb2E$rzU?i5`rZ){WGFUj!3#-GS ztFQ4g!fy`0oC(eUxx17kJI2RfO*oizTxu)CZg%#C-&wcMLx`Ps8*(`AywC-9iFtE# zxNZW2G4}r)jEdC8bu&(rkQ9gjb1pM@JlS_d;XRxBUn|F$I*oH}OboU0bN6C-Gg+m_ z9lx%j+Fk^JtkuzXmCZMX%&r?39mF4uiOU zqA8&sSyc@xL*&Q|)8DGzp$YtEDWT*tr^ik$NLA+IE@lMdT?rOaYCDG)Ov%=bIfRta ziJ4a+8g#0tjrE??TMU5Wj5oK&#e&sfUZV24<;HP|_r#!~+gR3Z^V{kE$DzC2T-P5t z4R=-2BG`6E?&5Q{hg26T2One|XVW(9`|0Ni2Np7AB(a%Wz$@n<;!uQxOnmFh=KNog zoO4oB?Xh6tNcWeB!H@U0?=P@x^~ikZ8pw_T@mbgyw~4R*`2OnHo}O}!0Bjcrw6|J{ zsl+tR*xcF>dHv1{pY-$%kIycBjEm{{&=#-T!5iwf{P16_T8VxcU+1W&oiLQ$e%7BL zZE8xl&$392)nCe7rlF0}f0Iiye@+mvvDUtMr;HUuBn%LV)BL6dZb~Mb;u11J%ssekqqyemwxKvffJJ$km;aVxeTVF4;Um5>>ig zm6`H$X6eMOmff%j7;PtnyuyKjYQxJ=MxEq9jGLJcH#@IXCp_QPQ5V!QH<)g)-)7Nl zYVnJYe!9LBxv$nyYpp48d;1f!w;y0J^c=!6*Xrh=b6r!EXD zreWfE0-QeBDUmb$+Y!l6NLK{BHUq$G^E~)Z4n+u+fkwofQkK*J%HqiCmc)}NU>&)R8HBER&CSA0 z9*PE~8(VVGyCBtl73>I_`eS_1tP0fuQz_LLSFru_@iA>Qgnss1OOtf}dmBzr%qu!7C9mnSL+p-<|NQtgek_BEU$Ky*k@6;jN#~xVPi_ z+0XA<(Ic_3CiMeXtkb9-FIosNic`z#cx}_PsAcBg##x7S{FZ!5DL1fy6lTfFHIT7> zTJ9)qHgQ#r%9!(b`|ge|8{K44Y+F(tN}y^|wQU~D4{UN?Y3(`x@yKEnX?D=`3tY8( z<=|VaKu^e@Tx@C`RIc4LLlZ?4JG$sNC=G(vjESS_a!Zdese+y|N;vloI>FLWh8M-# z;SIS%Cbs~+sF*w>tvs$jKYYz5i%x6@0d{mB3@R>Z^?he_n1TP+oM7sc@9-u(;h@sY zbbn`C${0D!N843)9oId(9_b#$%k^WJ;-@pg!ei9xZ{4_O&vp$fWR4>}bBom*+xbP> z1b^L-D#Eqn+a@*l6Rj(=kpRAQAfYZ&4S&wan>Q?3U=ZuaJL&M&pbaa!wfoh&<{Ex7 z8Q<}!y-4f)yRj68UBieHgONF$o)EEsTiM_4Xi-#jB)+g28BV%$3R=m_Y0(+QBpLb< z8A%v~|C3tb8Ol8rG)jPVRWzQTCy8a1$EeU6iR{?SJ}O=3i*h#6mQDgT4isqrkUhD) zQUae?2rPs2kvDAL;Ab8j;V-Ea&I%;j+h@pli){crY`uxk;F=tf4UTe~dE!QzCqZsJ zKESumWeoiMSlHocFsFdbN)p$q>x@FpQmnl=4Bo7MeH><#Ke0#DMPgTeW2wF74KLHX zV6Lq}At@V&>UwKR`Z1luD&Jm;u^xAtnlH;iCeF`doG0?T4u3rU?iY7g%sXYz3&KF% zxogi-hEo2SMS5!9@PYzS!wIT_p9hS3nI0ZG3w>{KCsj@ng+4*p1;anKF4*N12OGRa zV`Nvh>ewe={6yocpJ$f*3{uEdMvH0=I?_^}kXc3D65YvrrW~mz#lt$57Rl30jI_r7`;b$R>C;Lu{i zdkKFjQOi<0VVUe*y;k#d?~e^%wBMLMDt+&ilck8~){y+_?;iV-raHBAPYS`e__Np) zfpnu~sJN|))>Ig9_K@rpk0&UQ+eE}&;Ec@U1IL1Ax>tkb!Pcv47KP5Ct9cd^hYO0v z2wVG^O9wX5Ek2f`UUOdg307^ILZNfB?@iRRWppX!I{LCpGdL>ZnU8WxnCPyD!~T+0 zr#!44X*A@5;oJU-=4qxcxa~{4UgX-W0R^d60}?XBWBLUy6XNmk^nnlhDV6Blj{o~s z@H->fq{T|gN1EddZ)WX=LjL%!-I<*-ACC&w8jX(VY-Dmh-D?m4N3Wivm`84jd1sFS zNRaH=954Crh_OBDL9sy|q17S$cF;YR5~3xyKMSZ!6w6$~+V$fYwRGo>kYA_XmWK3c z|GYPXQJ+u7-=fe%+~IkkkC}bv$FduSR)f6?w#+@ zUjHOR{1Jl#qrZ2n<$_c7Z_nP-S1k!Ud$m?v)#ApNt`pQXkA6>dKV6@z}oNoC2&=+Uo8R2ky7JfI@ zGVPZG-aF16fjg9OTpvPi*L=;*k)k8q1OB8BJPG#VNCxuznyn|Drz&T;JnjKWLUcf} zc@vJBQ5+~~oGMVIl>rJ!JF+fnh}Wt#Fh=nicDEhE$o6naj-+f)z8aKdd+*_t2lVp! zw_lRVY)?P-xJ?s8!&q-9XWJ8#6iGc_o)+};0Lk;%3+MgSA>`^}o$}nDy+=DrpYtbv zmtglhG&0dX*$N(LfMar8(NtZkNPJP4cIxd;nzLd7Q&`C65Gv{vu}NJJOsTF0w{3ai2ZVI}%O*4~LHw*M9W>20h1)P0kvOl+y z*b+CQ>$?yA#M?BSIs_-Blk%!^l-GY*{!H*fR}mC;0*{$<;GMc9N@+xv zO29edPq);uv{2Tx%G<@(%_ZbnF%`5nDwg_=eq z*!29*gB3Nnr2Vcq=*#SkUv-EAjkIu%KGx;`D(_s}ncn{Zu2SemN2KU*PN!T-e(qyT z66c&8>bNb}NMe%|Mr#`><#v!rxz}+wwrVc9jW|qX!(3u*LTwDqeOQ~{$GQBT^W;zX z?Rma?_I&qww(s}7&u7o)`Mlq+*QaBIdZnJ^k=LL+Gv8Z;Uy}B%m5!6DNU{VapbWiM zqq?kBY}6$Rx)tCFpwQr`Z8BMzgQJXRD<1J}{Q>o=C-8ag4StZ%$Q09=TAe_rx?I#} zrHX5QE?GJ|CtO+U!7kO`dI-JH>w7h>$|fnrbSiq#?+PPwzVqN%Y!EB+6BT0*ae(oj z4^p%4&Q+2sFvfoGOk7Ky@yo}1&?CDDQY~;pE$et5w?vy(*GhnNxn|nUwv^#S-Ad&d z!;UTNS|7{h{!vEs^ZUnw)GSI|e^2dZI8V8S?StRsbOvVL!G*pHP%@g-)#paj9c!MQ zg1FwNxf6$uWQC7ll)7V;d`xt$=J@%ywi8}a=#Q|Nkk?hB!E-FQbtQLJrgi%S{?W15^!fDB(1k>`^RD)V@|J&eH1dCXl1;dGWLvI;z*suJ zwEu34++k1Glo#qkXTuA$`KcmYz*)uYWq4U*X}AAY$F|+`&QI$IrWU#0AM+7sqrEgH zwi_Q)U#;9o2r_z!IQa@W4sYPgi@6Mk6AR9(W|);Xl{G}G#qFGLc=|yDCiw)zwZzJerPiHtff!51`5gLvw*TOV{BMRs zSBI@jaOOshj3Jm`JY6E)A@@E}`h{Q=Yv7tzQamLPzuDC*Am}a~B=eMx^3xL&=@nzl zA6g+4Pi`x8X`26R=VJe-H4i(_-_s(rhxT}!gixGs)u2Yv>in=bTdBTPLaMI;eO(Sp zloN@_1~zqdl$u-#oWSvV!zTpoWwhR`6HiG1!7YXtCG8D?X@r+S{`{liE757)v@G1B zq1@C)?JkR!_}2r|lWK&| zZ55d#*67YUL|00Dr7jfMnaKR_7tbW_g)joJK^M$rVs3=YoSo4hJQKsuL8JKP?qz$D zLpw+t`xvZwwS9}4Sc-G6wTWCd=4hKEqG_pcQmKwy^Wyt zyvj`sOY1Pu$h)UBH2jzUgE|cPIew6r zY%@O!%^5~_tZLXJcBvx#o+_s+AI?*MlWtk{#?(y&k`h>}*Gc2)2V29{4B3P^oud$6 zZ*P}B0}*^}x^xATH8u3!c|MBdPv(zZPF#jCG;4kRlFhmJ5nIyWnVd$GgSlI1Y{cU z%(?Hi<5VT{t(;A&iZ1c8N(v^^hsS+rFWyS88DUauf|8HznZE8K6O+8mxWI%#`)BY< z%Px{#C_$-mf*m5(%Z?WduSYY-1|QalvZr`j5ojiUawj2tcBb=D=^VTj`PPm11S=%! z8mYD*{H^sDsQWA>euCIhT9KY}gE|41tV`MN4-&mdHhov6(h}g)AkWGfu@tD0a4hnP zax|{6?Y+|%x#KHf691b6r8@zyQHk;E`XUX(`a6OZ$j0WYO|(@cxug&JSJA=>R>|4tD zR^sk20is{1?|oBW52$C5-wNgTv(`_Vj&{CuN+#Euj9Bl4&;(6mzjGjlMeQ}3U>xgg zR3+w>#0j5~0u{5pi8Bn=^kYm{s3r^|*iB`>Xtp%7H~xEiU=d+odlr=2yFF+J36)d& zXRQ9NMf_{{f@ks5n@)*|-9B{ZpQ6S8HT?fPJ669-96_HA(kIZ{Fn^bA{VOEbMaBJP z&Ln$QP(p9Pq>TH)RcL=X^WAZEZuWG^FxIn#FDZ6A!$+_@6H4}K*#R{hytO#t#Q`Kq zb@0DFX5*!Uw7$-f7^$r_wM)XH?U7i_RiX~RNZp&J7a`BBw6|%~M zG24$E1d{;o3%f4MoX_M<;$`ttJHDnb!Q}4|;I{1SWMaHtM!NMaLu)xbnTsT;LBEM} zYe-%)EkM|Y8opV%>5IgWghR5Dc3=dbv!#0BFte_8*a^>^(-zIsI-43dtv>w+W*SJp zbBfznUXaM-aytXf?ED(A`hNQhg_yl1J}rLt*oFh9L^pQ7xY*MxUxP|$5V4v1!iB?M zL6c22PDA77c%0RPm*SCs9P1lwWlpJy1ds6-i7c)h(|vHc&aP)<7o76BQcqN9hOVUL z0D9R`z~^Z#RCrVNCMak(Gd6)mVjtd?qO2b1ZjX!_C@+ASN!q7e`L0);^B-jY%Z2)J z)ru3S1Tx?wrYaFkw**(-Kvt??dYtrH{Eiz?F0t}-p&=6wK9dF4j;g9+j*5xx|9+Ek zYHLZ=L365txZRJnCgj9Jdawdn)rFam-ps)F6&9#NQ4_q*aKgIlYVbV+NP*LyTZq0U zvzxAPvhw;0B`zjLO-IwEqMgtQ#4mtAh${m~;$d@@O~F@D>(`OVKVh!&c!^kkE5Ua1 zkJuFB8(*Tbl?^+oA$o@A+-s|UB{>~CpP%UB1{U=tq^D|GW=lDn`^r;xNob^s59p4I zr8512A*CwY+TUOe6=QfeNQDU%8UgXWj|1ruq8caV{27PK@mGc$)~$KYo32O+&3*?19($%VNm9MYdh%JVV&aw5ChlF3_lBS-mh)ny+{V{bgv-MQ|RY$FpCvB5V=3{p3R(Lu) zd;Jre%?0uo;~Qg9Kr&IH?cL@Fc47CJISt6!@;$=}#v#Q(8sqZZ9UwA5h-GX#+q5mT z1|sWl>5lE^#`SO%x9^S7fz{ADV4eXK?k^j*0=Vp^$U49`BuX7=jr=rQc;lQpii>hX zDQ3;S42LX?Ut5+olm)-l024Va02xwbg*3&0a(QDMMe32 zXo@uW&_WTv{^ZnNdp^*0-C7xqM)g=87@9E-`&fFAq$ao+Ujb>#yVez!AJ=PNee{Mpj>4B@oro&N%(=JJpL literal 0 HcmV?d00001 diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep index 5cf0a850c..e2d61e7b7 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep @@ -2,7 +2,7 @@ SUMMARY: Module to deploy spoke network peered with the Virtual WAN virtual hub as per the Azure Landing Zone conceptual architecture - https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology. This module draws parity with the Enterprise Scale implementation defined in https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vwan-connectivity.json DESCRIPTION: The following Azure resources will be deployed in a single resource group, all of which can be configured using the parameters file: Spoke virtual network - Virtual network peering with Virtual WAN + Virtual network peering with Virtual WAN virtual hub AUTHOR/S: Fai Lai @faister VERSION: 1.0.0 */ @@ -22,25 +22,23 @@ param parSpokeNetworkName string = '${parCompanyPrefix}-vnet-${parLocation}' @description('The IP address range in CIDR notation for the spoke VNET to use. Default: 10.110.0.0/24') param parSpokeNetworkAddressPrefix string = '10.110.0.0/24' +@description('Virtual Hub resource ID. Default: Empty String') +param parVirtualHubResourceId string = '' + @description('Array of DNS Server IP addresses for VNet. Default: Empty Array') param parDNSServerIPArray array = [] -@description('Virtual WAN Azure resource ID. Default: Empty String') -param parVwanResourceId string = '' - @description('Set Parameter to true to Opt-out of deployment telemetry') param parTelemetryOptOut bool = false // Customer Usage Attribution Id var varCuaid = '7b5e6db2-1e8c-4b01-8eee-e1830073a63d' -var varVwanHubName = split(parVwanResourceId, '/')[8] +var varVwanSubscriptionId = split(parVirtualHubResourceId, '/')[2] -var varVnetPeeringVwanName = '${varVwanHubName}/${parSpokeNetworkName}/' +var varVwanResourceGroup = split(parVirtualHubResourceId, '/')[4] -//If Ddos parameter is true Ddos will be Enabled on the Virtual Network -//If Azure Firewall is enabled and Network Dns Proxy is enabled dns will be configured to point to AzureFirewall -resource resSpokeVirtualNetwork 'Microsoft.Network/virtualNetworks@2021-02-01' = if (!empty(parVwanResourceId)) { +resource resSpokeVirtualNetwork 'Microsoft.Network/virtualNetworks@2021-02-01' = if (!empty(parVirtualHubResourceId)) { name: parSpokeNetworkName location: parLocation tags: parTags @@ -56,12 +54,13 @@ resource resSpokeVirtualNetwork 'Microsoft.Network/virtualNetworks@2021-02-01' = } } -resource resVnetPeeringVwan 'Microsoft.Network/virtualHubs/hubVirtualNetworkConnections@2021-05-01' = if (!empty(parVwanResourceId)) { - name: varVnetPeeringVwanName - properties: { - remoteVirtualNetwork: { - id: resSpokeVirtualNetwork.id - } +// The hubVirtualNetworkConnection resource is implemented as a separate module because the deployment scope could be on a different subscription and resource group +module modhubVirtualNetworkConnection 'hubVirtualNetworkConnection.bicep' = if (!empty(parVirtualHubResourceId)) { + scope: resourceGroup(varVwanSubscriptionId, varVwanResourceGroup) + name: 'deploy-Vnet-Peering-Vwan' + params: { + parVirtualHubResourceId: parVirtualHubResourceId + parRemoteVirtualNetworkResourceId: resSpokeVirtualNetwork.id } } @@ -71,6 +70,5 @@ module modCustomerUsageAttribution '../../CRML/customerUsageAttribution/cuaIdRes params: {} } -// Output VNET peering name and Resource ID -output outVnetPeeringVwanName string = resVnetPeeringVwan.name -output outVnetPeeringVwanResourceId string = resVnetPeeringVwan.id +output outSpokeVnetName string = resSpokeVirtualNetwork.name +output outSpokeVnetResourceId string = resSpokeVirtualNetwork.id diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json index edd71c5d2..3fd5eef6b 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json @@ -8,8 +8,8 @@ "parSpokeNetworkAddressPrefix" : { "value": "10.110.0.0/24" }, - "parVwanResourceId": { - "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualWans/alz-vwan-eastus" + "parVirtualHubResourceId": { + "value": "/subscriptions/8d599126-99a6-4102-8473-5679bcac3ede/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus" }, "parDNSServerIPArray": { "value": [] @@ -18,4 +18,4 @@ "value": false } } - } \ No newline at end of file +} \ No newline at end of file diff --git a/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json b/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json index 495f4ce69..1e059c842 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json +++ b/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json @@ -6,10 +6,10 @@ "value": true }, "parVPNGatewayEnabled":{ - "value": true + "value": false }, "parERGatewayEnabled":{ - "value": true + "value": false }, "parAzureFirewallEnabled": { "value": true From d0859d461333f2da3b8dd4e52a6b822d3e20468a Mon Sep 17 00:00:00 2001 From: faister Date: Sat, 12 Mar 2022 10:25:20 +1100 Subject: [PATCH 03/13] added vnetPeeringVwan module to vwan deployment flow doc --- docs/wiki/DeploymentFlowVWAN.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/wiki/DeploymentFlowVWAN.md b/docs/wiki/DeploymentFlowVWAN.md index fb69f3311..1fa2d3eec 100644 --- a/docs/wiki/DeploymentFlowVWAN.md +++ b/docs/wiki/DeploymentFlowVWAN.md @@ -15,4 +15,4 @@ Modules in this reference implementation must be deployed in the following order | Order | Module | Description | Prerequisites | Module Documentation | | :---: | -------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | 1 | Virtual WAN Connectivity | Deploys the Virtual WAN network topology and its components according to the Azure Landing Zone conceptual architecture. | Management Groups, Subscription for vWAN connectivity. | [infra-as-code/bicep/modules/vwanConnectivity](https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/vwanConnectivity) | -| 2 | VNet Peering with vWAN | Connect a virtual network to a Virtual WAN hub. | Management Groups, Subscription for spoke VNet, vWAN Connectivity Module | _**Coming soon**_ | +| 2 | VNet Peering with vWAN | Connect a spoke virtual network to a Virtual WAN virtual hub. | Management Groups, Subscription for spoke VNet, vWAN Connectivity Module | [infra-as-code/bicep/modules/vnetPeeringVwan](https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/vnetPeeringVwan) | From 07ae9facee332257c8bb85fc6fdacf45960987af Mon Sep 17 00:00:00 2001 From: faister Date: Sat, 12 Mar 2022 10:55:07 +1100 Subject: [PATCH 04/13] fixed small linting error --- infra-as-code/bicep/modules/vnetPeeringVwan/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index a0d03017b..d38964e22 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -14,7 +14,7 @@ The module requires the following inputs: | Parameter | Type | Default | Description | Requirement | Example | | ---------------------------- | ------ | ---------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------- | ---------------------------- | | parCompanyPrefix | string | alz | Prefix value which will be pre-appended to all resource names | 1-10 char | alz | - | parTags | object | Empty Array [] | List of tags (Key Value Pairs) to be applied to resources | None | environment: 'POC' | + | parTags | object | Empty Array [] | List of tags (Key Value Pairs) to be applied to resources | None | environment: 'POC' | | parLocation | string | resourceGroup().location | Location where spoke virtual network will be deployed | Valid Azure Region | `westus` | | parSpokeNetworkName | string | ${parCompanyPrefix}-spokevnet-${resourceGroup().location} | Name prefix for spoke virtual network. Prefix will be appended with the region. | 2-50 char | alz-spokevnet-westus | | parSpokeNetworkAddressPrefix | string | 10.110.0.0/24 | CIDR range for the spoke virtual network | CIDR Notation | 10.110.0.0/24 | From 5ecad5f213e701f73a8cf072d19e80ffd9878386 Mon Sep 17 00:00:00 2001 From: faister Date: Mon, 21 Mar 2022 22:14:28 +1100 Subject: [PATCH 05/13] Added parRemoteVirtualNetworkResourceId and condition that checks for remote spoke vnet --- .../bicep/modules/vnetPeeringVwan/README.md | 9 +++-- .../vnetPeeringVwan/vnetPeeringVwan.bicep | 11 ++++-- .../vnetPeeringVwan.parameters.example.json | 39 ++++++++++--------- 3 files changed, 33 insertions(+), 26 deletions(-) diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index d38964e22..c136020cb 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -18,7 +18,8 @@ The module requires the following inputs: | parLocation | string | resourceGroup().location | Location where spoke virtual network will be deployed | Valid Azure Region | `westus` | | parSpokeNetworkName | string | ${parCompanyPrefix}-spokevnet-${resourceGroup().location} | Name prefix for spoke virtual network. Prefix will be appended with the region. | 2-50 char | alz-spokevnet-westus | | parSpokeNetworkAddressPrefix | string | 10.110.0.0/24 | CIDR range for the spoke virtual network | CIDR Notation | 10.110.0.0/24 | - | parVirtualHubResourceId | string | Empty string | Name prefix for spoke virtual network. Prefix will be appended with the region. | 2-50 char | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus | + | parVirtualHubResourceId | string | Empty string | Resource Id for Vwan Virtual Hub. | 2-50 char | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus | +| parRemoteVirtualNetworkResourceId | string | Empty string | Resource Id for remote spoke virtual network. | 2-50 char | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualNetworks/alz-spokevnet-westus | | parDNSServerIPArray | array | Empty array `[]` | Array IP DNS Servers to use for VNet DNS Resolution | None | `['10.10.1.4', '10.20.1.5']` | | parTelemetryOptOut | bool | false | Set Parameter to true to Opt-out of deployment telemetry | None | false | @@ -28,9 +29,9 @@ The module will generate the following outputs: | Output | Type | Example | | ------------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| outSpokeVnetName | string | alz-vnet-westus | -| outSpokeVnetResourceId | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-spokevnet-westus/providers/Microsoft.Network/virtualNetworks/alz-vnet-westus | -| outHubVirtualNetworkConnectionResourceId | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus/hubVirtualNetworkConnections/alz-vnet-westus | +| outHubVirtualNetworkConnectionName | string | VwanHub-SpokeVnet | +| outHubVirtualNetworkConnectionResourceId | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus/hubVirtualNetworkConnections/VwanHub-SpokeVnet | + ## Deployment In this example, the resources required for spoke Vnet and its peering with the Vwan Virtual Hub will be deployed to the resource group specified. According to the Azure Landing Zone Conceptual Architecture, the spoke Vnet resources should be deployed into the Corp Connected Landing Zone subscription. During the deployment step, we will take parameters provided in the example parameters file. diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep index e2d61e7b7..52008fdc5 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep @@ -25,6 +25,9 @@ param parSpokeNetworkAddressPrefix string = '10.110.0.0/24' @description('Virtual Hub resource ID. Default: Empty String') param parVirtualHubResourceId string = '' +@description('Remote Spoke virtual network resource ID. Default: Empty String') +param parRemoteVirtualNetworkResourceId string = '' + @description('Array of DNS Server IP addresses for VNet. Default: Empty Array') param parDNSServerIPArray array = [] @@ -38,7 +41,7 @@ var varVwanSubscriptionId = split(parVirtualHubResourceId, '/')[2] var varVwanResourceGroup = split(parVirtualHubResourceId, '/')[4] -resource resSpokeVirtualNetwork 'Microsoft.Network/virtualNetworks@2021-02-01' = if (!empty(parVirtualHubResourceId)) { +resource resNewSpokeVnet 'Microsoft.Network/virtualNetworks@2021-02-01' = if (empty(parRemoteVirtualNetworkResourceId) && !empty(parVirtualHubResourceId)) { name: parSpokeNetworkName location: parLocation tags: parTags @@ -60,7 +63,7 @@ module modhubVirtualNetworkConnection 'hubVirtualNetworkConnection.bicep' = if ( name: 'deploy-Vnet-Peering-Vwan' params: { parVirtualHubResourceId: parVirtualHubResourceId - parRemoteVirtualNetworkResourceId: resSpokeVirtualNetwork.id + parRemoteVirtualNetworkResourceId: !empty(parRemoteVirtualNetworkResourceId) ? parRemoteVirtualNetworkResourceId : resNewSpokeVnet.id } } @@ -70,5 +73,5 @@ module modCustomerUsageAttribution '../../CRML/customerUsageAttribution/cuaIdRes params: {} } -output outSpokeVnetName string = resSpokeVirtualNetwork.name -output outSpokeVnetResourceId string = resSpokeVirtualNetwork.id +output outHubVirtualNetworkConnectionName string = modhubVirtualNetworkConnection.name +output outHubVirtualNetworkConnectionResourceId string = modhubVirtualNetworkConnection.outputs.outHubVirtualNetworkConnectionResourceId diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json index 3fd5eef6b..086d5da56 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json @@ -1,21 +1,24 @@ { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "parCompanyPrefix":{ - "value": "alz" - }, - "parSpokeNetworkAddressPrefix" : { - "value": "10.110.0.0/24" - }, - "parVirtualHubResourceId": { - "value": "/subscriptions/8d599126-99a6-4102-8473-5679bcac3ede/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus" - }, - "parDNSServerIPArray": { - "value": [] - }, - "parTelemetryOptOut": { - "value": false - } + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "parCompanyPrefix": { + "value": "alz" + }, + "parSpokeNetworkAddressPrefix": { + "value": "10.110.0.0/24" + }, + "parVirtualHubResourceId": { + "value": "/subscriptions/8d599126-99a6-4102-8473-5679bcac3ede/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus" + }, + "parRemoteVirtualNetworkResourceId": { + "value": "/subscriptions/8d599126-99a6-4102-8473-5679bcac3ede/resourceGroups/alz-vwan-westus/providers/Microsoft.Network/virtualNetworks/alz-spokevnet-westus" + }, + "parDNSServerIPArray": { + "value": [] + }, + "parTelemetryOptOut": { + "value": false } + } } \ No newline at end of file From 2437b7bd7c3524fa8ce3d02d6eba3ba5e1667b5e Mon Sep 17 00:00:00 2001 From: faister Date: Tue, 22 Mar 2022 21:55:09 +1100 Subject: [PATCH 06/13] just doing the vwan connection peering with spoke vnet --- .../bicep/modules/vnetPeeringVwan/README.md | 66 +++++++------------ .../vnetPeeringVwan/vnetPeeringVwan.bicep | 42 ++---------- .../vnetPeeringVwan.parameters.example.json | 9 --- 3 files changed, 30 insertions(+), 87 deletions(-) diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index c136020cb..ae109b30b 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -1,10 +1,9 @@ # Module: VNet Peering with vWAN -This module is used to deploy virtual network peering with the Virtual WAN virtual hub. This network topology is based on the Azure Landing Zone conceptual architecture which can be found [here](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology) and the hub-spoke network topology with Virtual WAN [here](https://docs.microsoft.com/en-us/azure/architecture/networking/hub-spoke-vwan-architecture). Once peered, virtual networks exchange traffic by using the Azure backbone network. Virtual WAN enables transitivity among hubs which is not possible solely by using peering. This module draws parity with the Enterprise Scale implementation in the ARM template [here](https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vnetPeeringVwan.json). +This module is used to perform virtual network peering with the Virtual WAN virtual hub. This network topology is based on the Azure Landing Zone conceptual architecture which can be found [here](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology) and the hub-spoke network topology with Virtual WAN [here](https://docs.microsoft.com/en-us/azure/architecture/networking/hub-spoke-vwan-architecture). Once peered, virtual networks exchange traffic by using the Azure backbone network. Virtual WAN enables transitivity among hubs which is not possible solely by using peering. This module draws parity with the Enterprise Scale implementation in the ARM template [here](https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vnetPeeringVwan.json). Module deploys the following resources which can be configured by parameters: -- Spoke virtual network - Virtual network peering with Virtual WAN virtual hub ## Parameters @@ -13,14 +12,9 @@ The module requires the following inputs: | Parameter | Type | Default | Description | Requirement | Example | | ---------------------------- | ------ | ---------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------- | ---------------------------- | - | parCompanyPrefix | string | alz | Prefix value which will be pre-appended to all resource names | 1-10 char | alz | - | parTags | object | Empty Array [] | List of tags (Key Value Pairs) to be applied to resources | None | environment: 'POC' | - | parLocation | string | resourceGroup().location | Location where spoke virtual network will be deployed | Valid Azure Region | `westus` | - | parSpokeNetworkName | string | ${parCompanyPrefix}-spokevnet-${resourceGroup().location} | Name prefix for spoke virtual network. Prefix will be appended with the region. | 2-50 char | alz-spokevnet-westus | - | parSpokeNetworkAddressPrefix | string | 10.110.0.0/24 | CIDR range for the spoke virtual network | CIDR Notation | 10.110.0.0/24 | + | parLocation | string | deployment().location | Location where spoke virtual network will be deployed | Valid Azure Region | `eastus` | | parVirtualHubResourceId | string | Empty string | Resource Id for Vwan Virtual Hub. | 2-50 char | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus | | parRemoteVirtualNetworkResourceId | string | Empty string | Resource Id for remote spoke virtual network. | 2-50 char | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualNetworks/alz-spokevnet-westus | - | parDNSServerIPArray | array | Empty array `[]` | Array IP DNS Servers to use for VNet DNS Resolution | None | `['10.10.1.4', '10.20.1.5']` | | parTelemetryOptOut | bool | false | Set Parameter to true to Opt-out of deployment telemetry | None | false | ## Outputs @@ -34,7 +28,7 @@ The module will generate the following outputs: ## Deployment -In this example, the resources required for spoke Vnet and its peering with the Vwan Virtual Hub will be deployed to the resource group specified. According to the Azure Landing Zone Conceptual Architecture, the spoke Vnet resources should be deployed into the Corp Connected Landing Zone subscription. During the deployment step, we will take parameters provided in the example parameters file. +In this example, the remote spoke Vnet will be peered with the Vwan Virtual Hub in the Connectivity subscription. During the deployment step, we will take parameters provided in the example parameters file. | Azure Cloud | Bicep template | Input parameters file | | -------------- | ------------------- | ---------------------------------------- | @@ -45,66 +39,54 @@ In this example, the resources required for spoke Vnet and its peering with the ### Azure CLI ```bash # For Azure global regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription -CorpConnectedLZSubscriptionId="[your corp connected landing zone subscription ID]" -az account set --subscription $CorpConnectedLZSubscriptionId - -az group create --location westus \ - --name alz-spokevnet-westus +# Set your Connectivity subscription ID as the the current subscription +$ConnectivitySubscriptionId="[your Connectivity subscription ID]" +az account set --subscription $ConnectivitySubscriptionId -az deployment group create \ - --resource-group alz-spokevnet-westus \ +az deployment sub create \ --template-file infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep \ - --parameters @infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json + --parameters @infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json \ + --location eastus ``` OR ```bash # For Azure China regions # Set your Corp Connected Landing Zone subscription ID as the the current subscription -CorpConnectedLZSubscriptionId="[your corp connected landing zone subscription ID]" -az account set --subscription $CorpConnectedLZSubscriptionId - -az group create --location chinanorth2 \ - --name alz-spokevnet-chinanorth2 +$ConnectivitySubscriptionId="[your Connectivity subscription ID]" +az account set --subscription $ConnectivitySubscriptionId -az deployment group create \ - --resource-group alz-spokevnet-chinanorth2 \ +az deployment sub create \ --template-file infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep \ - --parameters @infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json + --parameters @infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json \ + --location chinaeast2 ``` ### PowerShell ```powershell # For Azure global regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription -$CorpConnectedLZSubscriptionId = "[your corp connected landing zone subscription ID]" +# Set your Connectivity subscription ID as the the current subscription +$ConnectivitySubscriptionId = "[your Connectivity subscription ID]" -Select-AzSubscription -SubscriptionId $CorpConnectedLZSubscriptionId +Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzResourceGroup -Name 'alz-spokevnet-westus' ` - -Location 'WestUs' - -New-AzResourceGroupDeployment ` +New-AzDeployment ` -TemplateFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep ` -TemplateParameterFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json ` - -ResourceGroupName 'alz-spokevnet-westus' + -Location 'eastus' ``` OR ```powershell # For Azure China regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription -$CorpConnectedLZSubscriptionId = "[your corp connected landing zone subscription ID]" +# Set your Connectivity subscription ID as the the current subscription +$ConnectivitySubscriptionId = "[your Connectivity subscription ID]" -Select-AzSubscription -SubscriptionId $CorpConnectedLZSubscriptionId +Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzResourceGroup -Name 'alz-spokevnet-chinanorth2' ` - -Location 'chinanorth2' - -New-AzResourceGroupDeployment ` +New-AzDeployment ` -TemplateFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep ` -TemplateParameterFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json ` - -ResourceGroupName 'alz-spokevnet-chinanorth2' + -Location 'chinaeast2' ``` ## Example Output in Azure global regions diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep index 52008fdc5..410478faf 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep @@ -1,26 +1,15 @@ /* -SUMMARY: Module to deploy spoke network peered with the Virtual WAN virtual hub as per the Azure Landing Zone conceptual architecture - https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology. This module draws parity with the Enterprise Scale implementation defined in https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vwan-connectivity.json -DESCRIPTION: The following Azure resources will be deployed in a single resource group, all of which can be configured using the parameters file: - Spoke virtual network +SUMMARY: Module to perform spoke network peering with the Virtual WAN virtual hub as per the Azure Landing Zone conceptual architecture - https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology. This module draws parity with the Enterprise Scale implementation defined in https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vwan-connectivity.json +DESCRIPTION: The peering can be configured using the parameters file: Virtual network peering with Virtual WAN virtual hub AUTHOR/S: Fai Lai @faister VERSION: 1.0.0 */ -@description('Prefix value which will be prepended to all resource names. Default: alz') -param parCompanyPrefix string = 'alz' - -@description('Tags you would like to be applied to all resources in this module. Default: empty array') -param parTags object = {} +targetScope = 'subscription' @description('Region in which the resource group was created. Default: {resourceGroup().location}') -param parLocation string = resourceGroup().location - -@description('Prefix Used for Spoke virtual network. Default: {parCompanyPrefix}-vnet-{parLocation}') -param parSpokeNetworkName string = '${parCompanyPrefix}-vnet-${parLocation}' - -@description('The IP address range in CIDR notation for the spoke VNET to use. Default: 10.110.0.0/24') -param parSpokeNetworkAddressPrefix string = '10.110.0.0/24' +param parLocation string = deployment().location @description('Virtual Hub resource ID. Default: Empty String') param parVirtualHubResourceId string = '' @@ -28,9 +17,6 @@ param parVirtualHubResourceId string = '' @description('Remote Spoke virtual network resource ID. Default: Empty String') param parRemoteVirtualNetworkResourceId string = '' -@description('Array of DNS Server IP addresses for VNet. Default: Empty Array') -param parDNSServerIPArray array = [] - @description('Set Parameter to true to Opt-out of deployment telemetry') param parTelemetryOptOut bool = false @@ -41,29 +27,13 @@ var varVwanSubscriptionId = split(parVirtualHubResourceId, '/')[2] var varVwanResourceGroup = split(parVirtualHubResourceId, '/')[4] -resource resNewSpokeVnet 'Microsoft.Network/virtualNetworks@2021-02-01' = if (empty(parRemoteVirtualNetworkResourceId) && !empty(parVirtualHubResourceId)) { - name: parSpokeNetworkName - location: parLocation - tags: parTags - properties: { - addressSpace: { - addressPrefixes: [ - parSpokeNetworkAddressPrefix - ] - } - dhcpOptions: (!empty(parDNSServerIPArray) ? true : false) ? { - dnsServers: parDNSServerIPArray - } : null - } -} - // The hubVirtualNetworkConnection resource is implemented as a separate module because the deployment scope could be on a different subscription and resource group -module modhubVirtualNetworkConnection 'hubVirtualNetworkConnection.bicep' = if (!empty(parVirtualHubResourceId)) { +module modhubVirtualNetworkConnection 'hubVirtualNetworkConnection.bicep' = if (!empty(parVirtualHubResourceId) && !empty(parRemoteVirtualNetworkResourceId)) { scope: resourceGroup(varVwanSubscriptionId, varVwanResourceGroup) name: 'deploy-Vnet-Peering-Vwan' params: { parVirtualHubResourceId: parVirtualHubResourceId - parRemoteVirtualNetworkResourceId: !empty(parRemoteVirtualNetworkResourceId) ? parRemoteVirtualNetworkResourceId : resNewSpokeVnet.id + parRemoteVirtualNetworkResourceId: parRemoteVirtualNetworkResourceId } } diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json index 086d5da56..3b96ba58f 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json @@ -2,21 +2,12 @@ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { - "parCompanyPrefix": { - "value": "alz" - }, - "parSpokeNetworkAddressPrefix": { - "value": "10.110.0.0/24" - }, "parVirtualHubResourceId": { "value": "/subscriptions/8d599126-99a6-4102-8473-5679bcac3ede/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus" }, "parRemoteVirtualNetworkResourceId": { "value": "/subscriptions/8d599126-99a6-4102-8473-5679bcac3ede/resourceGroups/alz-vwan-westus/providers/Microsoft.Network/virtualNetworks/alz-spokevnet-westus" }, - "parDNSServerIPArray": { - "value": [] - }, "parTelemetryOptOut": { "value": false } From 893e0c3f2d63257191c19870e6234ae294c20165 Mon Sep 17 00:00:00 2001 From: faister Date: Tue, 22 Mar 2022 22:01:45 +1100 Subject: [PATCH 07/13] using the correct cuaIdSubscription module --- .../bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep index 410478faf..ab756ae19 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep @@ -38,7 +38,7 @@ module modhubVirtualNetworkConnection 'hubVirtualNetworkConnection.bicep' = if ( } // Optional Deployment for Customer Usage Attribution -module modCustomerUsageAttribution '../../CRML/customerUsageAttribution/cuaIdResourceGroup.bicep' = if (!parTelemetryOptOut) { +module modCustomerUsageAttribution '../../CRML/customerUsageAttribution/cuaIdSubscription.bicep' = if (!parTelemetryOptOut) { name: 'pid-${varCuaid}-${uniqueString(parLocation)}' params: {} } From f7a3fb0bdbb4b4e5e8c5327c057d3d1689542b09 Mon Sep 17 00:00:00 2001 From: faister Date: Wed, 23 Mar 2022 16:53:47 +1100 Subject: [PATCH 08/13] tested vnet peering with vwan vhub - all ok --- .../media/vnetPeeringVwanBicepVisualizer.png | Bin 41276 -> 13951 bytes .../vnetPeeringVwan.parameters.example.json | 4 ++-- .../vwanConnectivity.parameters.example.json | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/media/vnetPeeringVwanBicepVisualizer.png b/infra-as-code/bicep/modules/vnetPeeringVwan/media/vnetPeeringVwanBicepVisualizer.png index 671a8d0a3e329094a311e0d653cbd6e83cf9ffe0..3211c79fed34f787a367a25dd686e516a9e8cd79 100755 GIT binary patch literal 13951 zcmcJ01yoeugFCw4w+|*D!Ppjez9P3?&`X%|5=r zJ-h$2=ePg=?m4^X+&6RHoELZAz3<*n-RM_ZDuj46cn=;tAXI&+r1RjxLvdhJ!@&Z6 ziB3`c0(?F6&{0u%P&P!j3G85iv+ao2RYnE_uFuR82~y-!#>6?*sEF);R+f~=v!;fSm=-$xR(hle8y zS4_BUALm@j;cQE$WU?=D*x7`w9K+h^%50MlBkTv84lqg6K7Vk zPHe+vW{Jhn!XY(ab5(%!eyS$Eq@bWMj3S~hDJ<-rfjK#3iaJ#-FE2Cct>V3V_inPm zYnzGP9aA=GceZX8<}_PURW&N=vfwx|F(L0fz|4tRX4M0otOjXsk9>ne z8kRXD7$T|f=#Hm7N#MkO`t)gKObi}~s=}-#pg!pj+IK)Hc7+sJa_A&9IU{#?-2 z?)oWX@O9-Zh>WLJ(5hR!E{Yhf+7M^Nmuin%(zCGEWpTk~IL9f8Lle(kNL}>g;V7>h zh=ZESgI2=*d-b^N-My+wSFnLFzFcu-JfS+U&zFmtFUikgI)wX;I78C5mE`XrSh53d=Dp?4*l1U z;cd0{6a6w|9gamLERDa1|G7G;I0Ny>HzoyZ#!Kp(QudGJXgyZURSV&^l7?!*1L=a| z%;CMl|F*GMLdX@ADE@7`_NAYooZ(AY;LZHB(6=|9j(Se${dE{c-PM+XMn;ck!)buBEgA_liCFu$xyn3Kam9aju4)4pgcOBLB>T3IUd97;S zjJVr9MN6yW+iKfOX)iW;RO9TRyoQ*cEQ1cNQ>N^bH*GsW>01zGavrtxElB@u-6~#j zuJB&a;bdr|`7vJO!NIP4e~IS$?d1Nd&)jx{b0O1|URk=0`kj~Q#~FG9501WqBA7`>VCT+OI(r>(Uu#F58FWe+(0v0~8%)U*(TJGyF zuiS_58pD6cs_cc=$a~Vxzu{Bx z;6VR~lEFECRH9)!sa;`|e|q!kmF?^#AAwG-{G6nh!~0#S-KsOLYE-FikKuJ9C}t2p-rZdv1=yL?gW z-*}fP5u~vdrCC6w%+*fyY3AZJhd8&#tJ}Jk6JDh3*_?;At8m>2l`%a@+V38YUm~z_ zqfeu{x$u%Q?ACU#Q{ec0sGZMN zP~0JVI%BI&2);NIXNh-UxQ8O`hnb+Sa&J;>6^oD{{fEa$tceOq=)N6 z3paIqxr%jF3Hsbb#^3EOtvBAB*1_ip#vR~)l}&d;>99q=LDJ4&-l&j?MLvvhV7knP!28>V*Irt@aohDtNe}S#o?Os zfN+3C%lUFF(>uAV(?x4mtUXBmOTiT9ok)0!$n!ax_PqB}J144}2Apvx1k^&ElHNPE zVOWIjcA-&@v#`NIr$bF3$OtXQx7bFnF^BwGM@wh10G zff9%)Vjrace)E|zyq@v)Ac`-3;BwN)1#^F<3+}cu2ZBs=)k5+ZOlfF~caRUam$#OF}ADM27 zK*!&2w=}L80*^=dG@D^Ai+fv25&?Xj6n}RO%)n9Gz31639y3hYV5cX>nN*$W97dNY z)w=5%Og^LU+^#A+jqOBJ1#R&ukG&k{CT0JKdT-H?i@jhKEXgo$wN20GbxkvNkG|PZ zk#o=9EBpqnVoi`9<%6Tpkd;~zYme&U8DwVYzlCXJOHMQ=Ks|0R)}^?^v?T4vpHNz7 zt{nXtEZ+PLp|yG$MduD7$LM#Mg_Q!8mk3cjc!GVlzgdv$y|3DNd$sQ(ceANIf3*;J zHjgTtZa!OZpfvUU8hE)`pk+(d*l;|mZW1?Sl^`=|;xd>a;yq(mFkNARF#c#6PFw7@ zH&+j{pZNLZ`|A1jn{Mv%rezGGy2vZ(lkqnuvMVv1xdBy;luCRlk_pt$y6X$B!{pm+ z)#u)91sx5FHHzMCd`r-=cL|o6xjaA+`>g2{R1ZlGXh#0Z5aBMA_wG$?Tch#Y&Lg6( z7&9>LGNEbp;=%1CB-?EkmzUhM2A{D6QjHg^Ecz@4dY{evG~U_h8M{T0GmhR;h4lty z;nc+lRwK=Vo4d2Gk8u zuI<^;R}23Wj!SMl4NrroJ0QzybMLO#MK-&CH+VVB0=L?|SkLuAg3p(tvX#4JqI$+Y zg$zgqUHi^9cooY4|J(cK1UZY%7(lWbq{+3rYXLjkty?TB8iUeH?aX-$JN=&eHkA#G zxuQ;?lqXA_Y)Xow7QAYlg9`;KXM4(*Bq0RMUl7%TAECwJja0HP3c9#{d=n^!tdZo1 zST$`7@V9zSGOe4tq4-9gHh&g?Jz5N*w!&|8C5&*d@O8zlq^svhdUQLJ9{I`-Qj}Y? z-ol}kwK4Pb4LR#adocL3*Qu4yc=Xv{?R;jd1WTVoU6keG6iQj9Gk4N>^Zdq{QI=^N|t;B|if+u}30X%E#MEuFsftu3xnBjt6+D38BJt;gNz;lG4tC&U6ZCytb@7 z9RjlPCz(%moLsayZVey}eP$uC^^{&QDyBQMHtqTNVKe&bakO0s!Ncn|F=yi@hfb=j z^`l`qA6-iH<-hCfEZ3&b=@6*HrHr8*nb~-i{1rZ%(DSRP%PnKZ&6>Ji*$bC;cCrK- zF@Y&$iu0rle-$wwBl;2n+=|za3cgO|mxXX-oy0_6Fm0krTahN_8$aG0oBy>%4a%y_ zqM(Evx4jE7B$|zLIxe7hR#>*Gk{K;^4a4t?8}}ow%gPOq`!I zu1?TmX&Z4xy#dm(I$Z60IzdfE^q`xCJkcH;`-3?cbErs(KD-tY8^f7ZMoOFZGkfSV zhf)*$Su}y^Q89+GyeL+$n`&Q}*kZt#?8Pd%)G~y14g+)D*sbd^fMWIzWwd24zGwQa z_T9Jy9c7BFRsId2dzR{nvK#v$QF*W~05>%@rc18cR=qTGX|Da#e7kObJ%?MdRq^Aq z$#I9*dbZD`G;Pln0D0WRz7Q`pDKVu+G58nKUa$KTY#nW2J^L{(mLiFs#023#i3vs_ zlhp3(?ZQYdvG$R0vK&Nnxzp7}p6hH$b4f?1OM$jB8)G0|lBAl%G5v{Mos40{Sdwx$ zSnz>X)Hie%-CF}uhW5|TK+x@DNVpvKKuj}#?9qbn3L$5}FSSdeU!uXc0av>&!Q1^- z9BCef_|2?^qNm!E&i2D|-6o`Wd%3@BocM^LLi*7t$Dz zD^wb$G@g8;g_~f}^Xz(#jxK9WUzRT|k{C+_q~&%|0cDSv1aClPlmA6?muDY>CU9!Ei$%f|Tdc znFra2y&Wyui6AlHOz1&bhASgne$!n=Ix0X)Mum9b8oM`GeWOM9yGeHx#`*#so1S7X zlZXD8;v~L1G)CchM=SpX+rE^{1T!m5_IiXUvXgv!dsb;;vPttgR=uDx>h0+Lx$9Q0 zrovN4c{!f(z2DQluilPTmQG$N+SQ$HPHEj=YB5ytiG3$qav5m~ht`o$ehmrBtP&#B zV>y*=e*DT1nb3T&Nka-Plh(_yz@W~hc5OoW$_Dn z2{5yJgfu0*O-RjFB4RXt{_0SuWjOF$P=fhP-;b60dhZisOEo2n9t46}=YTu_kPH7C z)q=)h5)6@|;f8*8h+kX6uLxVbQ3|+YkBkO&0V%V3;p%f@+nZdvh%(k+fKSB*$tACdGc8on@pSH6mvE?}D3 zE6djI;L%~7z5M8WVaK1gO8G#8(^HS@d$aMVJZ-7jS;H~)2_zb)!h_A0pZ6Q`5F@w zvjbm&dN3c5$Us@GOL|@~1W^gam>}RYtjB%FI5$ksG3S)nQt`WY3)$|-ElLFbN+A)hT3@LI7qbo zdYu9iyZDN_E@33gt~Jq_DIAY&jzQsm@_>sBc2w|DGs^lwh_(}(0kq@Hnoub`$*CA% z3f>j*S@0N^S?3YF?fV$jb#^$w-zZJdz8bjsoJxjA3~j1{*>ZgL2!LHPxwprhK0`h& zN7;tli!s+6|2#TBS*)~<1(%OJ^HYSQ^I{Ju{5tViaGohVl5^-&NW7Ih0_fFzXk1pp z6zLw3{!Ze`ZLETU_UrpG}xy3!d`9NYXi4 zF^P0YlN_Bss!2}EYC_7RPr@K1Y*ew_^OZap*bfi)71<2_Qs^bhWKwE%AK<(|FG=3k zE5|(L!DJxjr^;; zUvZ&I&>hrN;Wt9gVzla_5&0VEHGYxD5~i*J4T%cL1Y&&x>^G{B0stBG3DLR!z}*pk zvSx)Q@HruK3mq=-v`qe#-7qN&i`Bk5noqTtyjYkpyMOm5 zL#5o$B^%E-)C%N9hSS|R`$lulJqM%Pq1WM?s6df5v4FdssngR1kpJ&@!o<8?p#w$$ z+Y_d%FI2!uT>r0V{Qt@f*+Cf4_krOgnu_Y1E)uM+JZ8M%wlw$r5;uhV$rIPayZ~DX zW~I|Fxg(2)XmP=)d>6OeuPB-~g&yt7hQG|CtH|Yg;p%LwLTv==)dc zt37<*eyZUMdod04C#T!%3z+MYf>EP)X{|jwLR&bFLB@aTaBUzgnPjuls)uNMuD<$Y ze{m6uh|cy+fmUr_5+`f5G|3a&dVJ9`LFvIafPQ z3yD1p35uB3L;-@`A1$CZ0chU{Zt#+Rhg!91;V>WKdKR1Fm*wSkOqLjs0~!^J-1EBM zG_F%oK0I71lT_MBvLr$+T<=iq*3`m9Uqywl(E zHxbIXL3dY+je*h$vX_N{>r#ujI*ll7MC?q=Uv-IKUp0Vb!NNJC93uJV&bcTqM^BUg6*bTRmjsWuj!NW5*g zKr_?kYyn(u5`1&QN3R{2-NNiRQ`6TSN1f!IZt>dLo+R#`x&vyEq||mv^-d(MbH!K1 zD6INH^=nY_&e0=H6&nnqGqMmhSk$?2d3ymX!9YVrs_9e%t8X_jj?M|a)g0WKD4uUH zgbD|0jQ?ar-zB>3ui5$ zXEwhote_Izy#8l^^wiDQxFf{P&tI3qtvBh3ar^BsV@1GcZ!Y7mB-vwtw{D!L18&}q zX4D$ge6=4N`}*zMRR%hOG~Buc|KjG;8HdwRb^iLpK>v|E<=QPw#(;wmZsLmP6|1gR zi2ZML`?8k~Y01e`A0DC`H>;_umjYCq@2-o|%oAK9AIu1Mk{#RzP!N)Su_drk=H_^; zF=c-^7*GRtfi|egz1ab2eUJccj^>vIJrBetX4oue{(kO+k1{wV9UPNEBw77r; z-wR%VRN>*bRMnBIeQxSUmMxhLXcOLmN-KqbHoJHW(@YoYY9JEG0?hMbqc9p*d zeNtlxpA|A*Kd3zq(ASC!ezfFpg{_6i4Kz8+-2lJHd6`h6DMXc&FJ;Nq#n2wJ7{yy> zeI>jxRr&2?8#!Fhl^bvveU%4vpJ1;&{DX+2<;X%e2HJysmV~ndQ>Yvu2bLv8Sa^k= z3vII+m*-xua>9_N;0d^gg_y`r4o7Iis{-yact`a3a#yU0Ou%|E{^3n?%k|-acLy#f zhD2l7LBQWG%ChS2m9Ee3aOYgvK;vvX?XAPrB<-2t>z?2#Ky$YbVyFhXTcg&H9|XIH zRK6e0j9)f^@fwA_M|BP+Z1hx&Byd|EXl5nz4C)jkt=VT!GhQCb516?D@Nu!-*#Ri@ zoT($=w(sy-F2psPzxCSP$E?MauJvA0jONUFc}YFtb4PfQ6FvUY2z5GTMO-&w3DTJJ z?tB!}OkN9@S&oAEksjNfwY-vi(Q!!LMnz`Eg^JZy$wM6G5+m{Z`}^k{c!-I!Q`eAD zgtWTc#Q0d1_+e|PfmLQY7LiV) z;`;Y6L7aq>_LBgR7RFh^_IlTcsszccCugz?+7bzJxA2qQS)aPaix5huz3AM2b4(A0 zyh=cZ%HSNh0V&^*o>Vk41efy!dJKvnr_62-DUr7y-oMei@{s9A8TYSy5Y~au8<)!w zKImKhD~9^UK?*Cs6^XrAz}J6!8qd!CC!$=y!GykRDSGzv!RO#^`yTLKeSuUCq0X)u zAv>~vI16*V>t|UY%j;OmMvm{G;hZunF?LTT$;FM4ZziCn*c{aj4Sjuhgg&0W0gkiK z#@o-w8saD}KVQcEGhJ*WmhD9FVRlNe5P_3)vLu(rU9wKV5q%)NZ_;sXk)4KpdRNBI1z4HewaIKM#03uH<7!YTCWCAliN=k_NZ)Ucu^^7?(H-5frMtaG`GmFVK>lEZ~}^j%zs@anCyP46$BE$;mGV)5TRYTEA^ zzwI1*HJSp`bcVGXg~*RrLzeh3npoa!Pe*bE2*D>(0N5~RWbObE5GOJ0{~@X)13V#p z>=^dC**cf~WwHuS@sV^T=hyGvy$6JEA{`dJFT*5JVfqb5Fh{o=Z2DeKvQlhH+z`bn z$fvFsVLPc~UVtszW*Y3C9WJmid6_VYp7d#0j%I_oZc# z+Z&|>7A3l+e=YAJ(NIF4a(^fyoB=Qp0|6!c-i>yfKjk^zN{db2#Fa<{l^&6*Fe{C*gcL_<&4Z^=h=fY3vX&8O!xq-I=#!I| zCd%1rSyU`B5UaEn^lW`R<_s)cWBQu?xi0@5kvXE4)kg1r-ZR6yuou`8n_*8_pekKT z?!T8*jNHz0iNjsohg-r}L-l){a%?ZSCK(^%>m%`jqzk zUYaybNUurx9X~U>w z3MlCDm~JVa(|M8A&iL$J9Vy79V!QIw=fXee=vV}4*Y1pn z_-MdA);L9l5zl1%EKt++5nPO84a%2ohVj6u=o`K2f>?=bM;31wfnl#{!k>tibk#cH z6GQXPZ}oC_@kDZk>PSwZ=vq za&LCSX`QP_^o&7)XL7xgsVUeJ^*x=@9^zs0Wrx>Fs% zI(`vJ?Np#%ZvD!V7;~;)qiEbNYy8)pnHGCR0-rbn0F9S6hZrI{ ztU3SY;oq-2z)0gW=-L3x%_3(MEk8H|_G_qjqeS{7Jj>qBe0YB{Ffib>)}O*RY?ixy zVKsO6`>SGUMa6G}EaQaXh`@mP(V}2c)C>g7hwzE`@OH@-%&Uv)*OnT-?1T-OG#Xg& z45pRTPwN=iNr6x6c-I1*20O*Vz7ei}Qs=8=1YEnaF*>jD*UrW<#I1@^L_;YG6C z0Q@&rL2Svdir=+d?Rg}2^cAd(QZELcnIPLM-fn!n#n)a(%!JC_{!Q@ie_8 zmgFWIKxuA_sj=xjKUO>X@~;K1&@NWo&thIV_tf>Xpq1m;4^6G#w>OJ-^YsM~{B@x{ zh50u(rhBb-x2I#dx8t}&z~MSce{zWAu3hy+y;c_VO7tzNZ3f-<73cQq*K;z!>!$EU zb^hk@Kf}2$)u3UmB0}eu3md7UU(a>{3#@?r%RP%pQO~@x0w^i$=DbJF`%KztM!4}$ zhQrQ1dIuatBvj^9Ur$VyIF!G@@Xj%@91UsNgAy$_wR_x*J)>gATNhEuzcmw28=Cb4 zG|(LnbHBmLJnZ73)vKJQ;5VXJ70#I~H8NTs%FZ^w=Tl{2qebFDfVnq2p=aiF@0i5X zNsN{?pBkPqNODqS4hNr3gPht!G5K5ok7lTYpwZUz)U?@O0-rb$qrWHSYK=d5v;X{R z@ouj~LeAT(n;JBQNoj0;2Rx|V!|8KN7RTf$2Z{e+-<9p9yIw)|FHUD&8n6mos91k53W+)t~E)YA;QCY@jwW8F-gSB~X#mX9m%e&-Hl zgIodyk$)biOb>cc){!rIF zTtof%yZA|q(9_fx0EzPqaK5|0%}+Elg!>GnAq?hy0;v&9udqc~3OzJS`W!1=mpU@Q zU!7~v(IUOT_ongo&OL;&D^D}^w-d9_%qN8N&%Iduk*qCcRqsY1zkH)#+;R;#OTD$E zPVJzu-z+gr$fS~6OCQ6gHou=(gtf#-mzv>J{<;|bo>?;TT*u094Kwu&W_$)V`+>3p zvfLZCMln@KjPRd7`+>=w_WQ5+r?qxt-Sw7wCSLCbVLUb>qfZ~EIsaYm64BMTwj$N% z)c5tYm*h$%SbjtidcNHq_ECU?vJ9O*C4IOeHqowQCGM}e3G?$JIQXRYVMnc?O}a-D z_-t=zFbH6O^AdDY$G;V`yHq5eUyTk)PcF}*KaArvxarz^iBfpvy=PB*Nmxm&S5hM( zNNMf$%c-=i4A1=;;s@cj(`H8PY5Tg_6n5s|q$dx)dj{4V!(7XHZtz01p6}5!s6H>! z#3%daVmR1)#qEC3DeYl#9ZBuEC1u+xEb93F(8^G3-t$eVq^n8UqA|*_rxA=}AbnCB zQgiKb!Q$BE>??BSIClv=1G!=#B<;3!)M>6Fjpu)06Mb z1Dv=2Xu^d4U}(R13i|!`T^OZ7yAR!5VfZ-g-(^q@~wA=EoH`Q(nTNaVz6>8~Jwi~{Ws!QSF1j|=K z@JN0+4KAk-p9TFQK9?HS_8a&tsQr+s>A{IUH#NP`T{M^R==M+UbhptFC5H#5^C z__Y{fAe(8)lEU|H7B-#n*+|f%U4d5013KtDHvQ93Y?1Y;XQA6lcYXTcKi=kw+2Y;p z**p)Y0AlNiiWspK>oXew`Xl3cS^>_$1A-bkv{sgrzmZFMv3x(%H$G55vw^$uU<}62 z#EUKHA34%he*`#-@8Aym9(}7RQ2X&rmzK>OixokV{vTTRrayR&l@#ai^@IswjtX1Z6X8jnFL%OY*>Iuz}NA5L*ilZQ!;HjFD6Bo+Jk=< zX6IDu1lk#xk`({uELvg)ishc1si{A5(%RO7m1@5Jn3T0uPGNY$nH2gK(T>-~VqwfZ zrwioWyq;y~E1DWp(O%yBpND>I?dulJzh4LcjWvTy6E6}o%(uB)=<*u}K`y74i7ohk`y;bc#JP_UI!b^uk!Tnm$h;R|D8_l%9*W>%A+{he zbtTcW)+aZ))K1x#IZoiyGcrreC>nVS zRmx(Tim1V&!ir&T-P!RiZ&=y45?DZlpm_HYRoL-xo?zH7{-+s7BacU1*<1;~YdUg2 z6`&<^Xip5h%JAB?$p$AIye=S`Y|y+RCt(p=GH5gQ=hGG@!Zpq~NV;DBTyYZLJS7J^ zf!2OWtM;as(nl`Hl)S0qoBUB|qILbj43Zj$!KeJ0dza*DOlH#Zs@u~cVXDRU4EL={ z)Toy3WI>eIj*g|%Os&^5DFw(66&Zd^UucUu3d-V~y+r~Oh!7NetX`&Ge)t*n*k~K( zL?){PSS}1?a5j{`(2yvJk8tY7^oPlgcf7kJgKCXF@%0tEr4_Z^>*2OsY_7OpUQ>a# zAA{S)jqaveDy!bUof~O5-E+?Fmy{Y|?TrU=h`^YLdVXm2^H9GS6|+Y_yF~+Xz~NCD zf*T`c=N-D&@eJP&JFOMSIBvFSe?2!KyYju)ceIO_{~|5alXIWyTSn(MkeBWyZol%G zTv8t|V*$TJp=}5`XYq2_UvvvgDY2gA@sEppQPP=+Go+Zcu|XKIKE?;+#td79d*3bZrv=m0klwK= zjU~d`@@dlqOaN#s4bOoX+k_J z+P6Tc(3ywDN*Oj1NVin_f@_@|Iy)aKge&X812dh{CFWtlq7uD!;yhTEs-#ix$n#a&0#0Q#mZ_Sr-ru@2`706|C6JC24!2kDh1W54n^aA16Ti z!|{v-+V?p#oA)#e>YN3NRiAiIETUN@1@M(G*?l1-Yh&;RrLW7)$?_^T=`8)vdElbk zB@>wI)uVje=1dgH2uX($re9Z()rjYAL=LrX2|SveHxns(fVRA)Ldzm~t(9^_8aRZ| zJVWLMUW^2t2N^VdT0(27=0W)ZfwOw>N)FuY@M-LDoPRad6Q{njtap(YS&&g>PvJvb zxxFa%f{f6&Y3lY`fiG)}bz*B#lYs(5vNr=`u!E$hFuN73;#!-x&t93-cfo#LbWAqg zR5|%OBO4skADktgEb3>c5vfL%67vuTnco67{?xq;q%??aM$}kjaVAU(S&ijy*~oJz zjlE|f< zIYQVRDqr(UlHyxc4bAm&=I-$52lG-4X?VAmSjN44ExTT=OP3q#b7Lo#s>qoDHWwk^ z3a6^V*%;H7+m#)5#8Z813j|b;?rxi!Z*v#xp5FOSr*?I|--hjA4QqBne{#(>I98T2 zoJI0pTx7%ch!e0S(jSJHUq=mn$d6!}z*g9}Gdc=db{=I8oM|j_)DQ67Q({8P$|YL3 zWPx%Cs@C(dC}L|r=Hb|5ZW3UV`@X&qD1n3NWo1=#aBzrC%d?3qMwlZ(gIfbN;rNt+Le2GZe;BEC(YRw> zEG^$Wt~RYAL_C<))0=8Y=$_TnzU${=Xq^2?5kS3aL#Z3JcBzloCVSmz5M=nLCv9ph z1W`t!i%CzQ7f(e@Sjh%y=n}c{3NWc?!Lf2f5HWcgTT%F#Tus;m!;4a01-vBn*5{`sJU6X6>gK5|XJi79H z{t?GG4zv4%$X+5PRU2j(FG~VS*i)(dt8@?@0PXpnCWNu@csj~$K;J7+Cl7lyMf6hP ztus^6fuwnOS{U+{S6D0)FQ(N->DCwYw=#Q#o`l7_AtGZ0Uzv$7g_GO&TeCdeP7y*N z74%p3#Rx`VaQ@)^I4k#{D%k3?zq+*ClZV9EBNTmhm4eh;mWWUZ(e+ZKqlbk9x4oXV zQ;bwSzh2;Xp}q>%Q}%@h>yXmyb7<-LNf^w_-&+rok1kZWw}KNs<|&Kyle+iMt^RPX zyu%!82|f=~cgyDwUlaxT{>V#HJuk3|!p=dg^_XQ6MKiHj(V?qMj8aVy= z(q+SbbUpS873U?Ja}bttQlf>h%$M}Ikhm1g@yB%;*bdal!?nA6tKWKk1P21^$T(Ubv5}2$9A?AL#SMIv zXdO^q^wR6oR|!?&zTcKsLf;i;NBLljb!D~fh!^_EAoNnrPm75yt$vwKwn@Gk)}UVz z)25Z9qCvNnrGdMcv#BA}I?NelUDgn$*~!w%1ct`p+rJxuqT7hSFz+t+VyHpgW<}t< zp^@B4pwaDJ5Qv+hMRS=$iJS$H!%m*bRo3k_^mX4XF3w)tF*a-*pY$1f{c4_)zVa}7 zTs@UK?-k~BiR3$bi8JE)5;bZbq)}qpd?J~7c&QHa{R7gi_j34nBqH?_Hap3V?{w05 zSHqq#XR&>Iyv?M7Gcpdql(w3?o5Guw7NcFj*r|%ik97neP@%6lZgVt)26Fs=aRqsm zzvDMRLGhV0umPR0$hh(s$2C%WCwo!Gxmq^EJkw^l;xYg2Na|v6^}8SeQE_#gku2cC zeWQO}W{mDG0yB@ye5N8>WoYRhE3BfC!3iq8CiL35nU%_z{`boW{z)yUFW}J)TmqVO zWWcTqAfzsdl_WZEB+CS2qZ`QiK+rKi)%Pn zmeBi{*sBbFwwRxfaYNA2Fv*v)9=_Ia=q9L=FyU27{xV!*TtC|N<$ZUuc=g4f)E9=R z4uL2A-`Er&BvxJk>s}ASLWSf39`pfnRF5)mb zCAHu5kGKTTS21Ae2uZziYtW73ug`*_-aGmQMt^rGJUM=$+QW7stk8;!qjf1S<3?|% zkF4P&gDQ4*Mfche76FwxIfq6CutEq+qE?m5^*5ji(h6FJ$13aV>)QfSVl@zGp6O5F z4tpk~?&nuOTYTMFc)bdgRqzFncdA=nw$!@?9I@RbZP`j*BN#?~JA_u6Z%{Ygth@geb3VjLWthssK?b#QQSb8&F) ztP$b^du%G?zW_h(c}Azuad0Z*?_XKo1AZrRS2FU#!J&`9{<{;u zx^IhvlRd2bS{CeQwmnDij?VVHXCLk9kP5@FLMa^An@>TLFQO>BKHPhK&E-?U>_dLv z=k*)%`%LsjQAbY$c$u3|eNGp4(=#ikwjjO94b7J@Xv5Uh+?21Ku@DKa_jJ--EG#NV<<(gx$|Ug|CC%uLF9J``-bk z)JkmF9SwX5D%c&KmjAzfz<(DIJ(|esK!3C~B}g2iXnnS~RJrt#wmVxk^ha44DByTQ zFX$tyGCgV}Pt|&6GZD0-)jv;)H1LjOX*zp5Ln~;f=HVD_4-ZC&>d`xgwEVB_cEi!p z(W;N9E=Hb2j1}p<`Giz*@71gqN~%lI#2~M=l}9=viL%fRA!Gi3ZkwYwJ9CXaaS}V! z5sWaurlS#6k15;Kt~uX@xiU+k6*T+*_1@As7)hD*@n7BjnS~o+2H4rsH-6q$9G2kB`mCr;xMnETFoPt zS(S}(<0y7(C(MeTr5R8`fH&Q@X3=_|r!%b&@fE}_>v4;fSdqAg!jnw&Y*}Jnb{=J{ z%9)P{%+Av%8hv+#eB?|7fJOfIfdZY4QV_nS#lLn$OGY%XyzZoiEHQDfun*}LmSW?< z5nnMP;sFf>O7c+cC&?C*vW{Z+ok=S5ApTfBRBhc%6cALocJAPM^H!K%;2m$^t0%&U z9{oTdgz-t}3^PVAu+jB06x1jccoHM#we}dTl=$~$f4Yd<>Owoh3J9?xnk(jf6>(ra zFViU}B0t`{{{;KZy^lg^JiPc=lywZgTyL`^AtZIUX()NN80s+r@ufu9fNp!06aQ);sK>}yHfgO6 zx8q_U8Vw>o!4uX$XAx3I5|!-5PgyNFm2Y|1HDBzhXwr*sCiw zVs75Le`x*lVX9&|bKqmwMyfR}w&1ygE?w)JzEnjakmjjVqvBCf{8!PRCfue~8(!&$ zXNPmkF}vfGyUK|*H`7Qt$Nz4W3%SyS!f6({yn^E2W3E9%Mch+btqdS-Tu<2=B<5=T zKq$U0mv(9)my2*UJex{2pybNI?0M*pzG1LRVb!DgpF4QgO-}3F@^R(~Ig4=YI)pHv z!%N_wv~2YhX1NrKjB;t(@80i`x#4d)sV(mU^3RB^@1Xc*N&Whd=qS|N23-v?Hoaz% z>9;w{8Dq!WGa`r?*TzZ5pQR(UZ@FmrEM9F@bdpp8fuD!isb7h6Kn9-fblLy2|DrCe zyy-Wh%$|2y(kVRS{77QEMmOf^OU?l<#dsVBMqy_|4-M}NjAqDF`0W)sr_6N#GSQH6 z58kj{w;=5^?~ksz**Ya>QOHG^*^jk`+#dPQ1sx7Z{6gzNQnAa>C$VLwjDtHxdOp#i zcCzg~?utC)g;vnTC|u)xUZT|Ltl%KPkDC3(O(`<=z9h(fD!t z!j)bBH^Bl?1ILj6&QN!J453#LU8jbr8K;#!47t5DCw7OraFeo!5|C=l(VGWg^8B_c zdqxgZL6E0?sl1w_1I$}Cbtl4JYyDp({XLtO9=b&WwTBXoc(5ruG2tj1SVTR-b4t~E z_J%lHw?ISv((O+on?tKE|7!MYdo4^g0t7cG;u#ws8_U$qNMTjBT@UzkZUcUF_G6l2 zR|4h`W8ogya%n4)q-n2GFfm*QoA@bOyCce*xIvHpOWrYmlrPf796^^js2sEuPNid; z@Hrx0`eGftv@-iE)g0Dvwn4ehph7jc5+?y7k=$zoi{(7)qPlt${e%);+aZ0q^~eo& zn7*&IE|#cUfCUm$fNM|Y19$%(1BKXJ-Mo0pz%6iQ zW+Z5B04^iL14lQZrFND3@-y#Kfz&pI?fSpgGy!E$ruOh1E{W0|uZ}PxjM!J{;D9aU zW*L9L(KpNV!Hg2aN5oTTkFZX}5#Q)k`>RiEPJbOi4%-eEi6`+AIO;Mis9ZDkp z!uyf!%-$E_QIcu-nK;qq$QsDhpwZ>jJXnxa>S)MsrvYu%{^6bj?J(%%;h_V8i+yu7 zVstLa<)U8@mD{FfV2pfnct-C#`*|?f)_l|l!N2a)?|I%NbN=s(1A`&^iCD7md~_MS zy!ph~_{rr-*dq-?+h9?uFPwavhrL|oB_-6=pn^;v<6=>no3j<*5Sf%t$rHA1D~X|d zUs0NfTYuEn0yCUFrR!$32{PTLi6Gxq9gEkN70Yh3PbCIzTbWnLXiA^|t3Mo+SV4u{ z96rT0a&d8)Ua0xv(knda*~eo&USfnv`CjVGF3oU}YpbGep2P-AWswfU>_D!JqY-iyWiNA@z8Q%ANzzY~}-eFAsFwAxVw41P?( z+IG^+v1E#`m>!cA8~T)+HCs*BIQ+!ZDK-ikwhP%4HE$!*49hHl!^F3_I&k{x(OH2y z+4tVBX6^>r2V4WNCo>CvPiHX4I{3_LV5Nj*Q_W%}`26l56?8u0MDlX0+Toi8?LKuV z&;Du_UwbO_E=#JCMQ{}->r7-@SHKA9F7eE_RWBAM$&2+Ijx+mRcrBc)hYFS={|?A9 zJ{z8aCsXzX-mAfc_Dyl#KQ{SX+&B|-C|SbxMK@JnJj2P+VPbRF;<0J1a3kU?A)VQ2 zy}foLeqR&2YP;EKAG-Z!GL7H5yO&Ra&kBAhhCE+O*ER72r6wk{Zp~rI8^341?vCK&VnL8qa177KAD4y_;oj5m7` zDgMxA2qUV$+`lMZoPQu`391IwWWJlED~_)Da_R>Zo2N2YOQb7knOlG3=k4!g zKZ?e?srPZb(c775z40!-sGK8&hVk5$X?J$H+AwHUAs{DgEb(Fs!Y?GIuo{%Py%M6P zSc)4CB>IF$#o0q;=4W|9r`FiCo zp;cJbOXlAr&q+L+Zm)OE&yCJc>RL0U3!2@cA*4{}`|%+e5v`S7hk(8hA)K&3Gn?;4=L*H~7lLa={}(&e-IC zs=k;9#O)#Fn(ZOiJYiWly!74SgQ5(r<`q@xISwM6)A>NR;-+`5`QV7Eb{#_VAdft& z-c-Yut57mIYKw0{?dU#UJ?WOeKsl=ALXG7V9{{L{J=h={CP=IR zvKb`|@#vx~DxC^Ox{oMKD_G!AO1Er1a;)N=4zu9Y2eVXrJNE+3oX*!?$TSt2Wtp+^i)J@9rfVn0>oTPe8)?P~q2&O#|M;d0rEP@$_rim$e+wxqn`AT`^Jg zV;aRXL2>J@D#=grbP(j0DP-NUr1`f%aODNxolk93r*gbYtGDvta<`k-O|9=m7lNr` zw7d0s+sy+gpXF8MhCYa^d@@iG2}P1y{nE!|xKxV#%hT@>3@Y&ZocS~iIZ=ILMT>$L zSBIzqld0Z;c2xMJ!MeWl`G z0B@iZxYWm|*Pom`QiXxG+K302i+%P-cR%yyy_RvO=h?5nifn0>N=<@%lke38YgFF4Ox6NU-NlSmbThL zaqowCe=ySFAUtE}wdfD2Da2di_V_~~lSj<)#MH7$pf6!RRA!vjMeAS95Wa-o=OI1W zVi`{-K9jlGkAGa!piRzZL&22Z5ukhgPf#`xb9WF{FvGqSz0(fnBx(vXSR?NsOb5I6 zO+>7ExW8LWx~GGXVlKJD!QYgvUtavpQ#YH~;et6R>4Rv8Fk@%j0di8`)mHdpb z6z}(g+vh4MuGPa|=qPmZN0>A^Y)nToo@v16M>Nl-%3iLM2V%RSn^R9Ir3bNEjcQdM z9D|J7SBe?cnUQ29@kV%~rOxUyAMSJoRLQ8+am{>kfrslmxcpZ`HG@zqeP+Z7Y@lrvO}y}!^vq(;OX&_ zD5Wnr=G~tr((9={#8!)GkuT<7MELIU9NE=jIBI=5h(_ z;JA!GEkD|Q3#r_07Y6l6j>BExQksrD{|oVd-o3a|Yp=8spHo@0hqz7HA&+XOpc54`22qhlG$mvD4^&A$y(!Rs_X0orCZ}WpANTfwFRez_@UE6_E@#~`GkPdiD zG$M`|B3wvT7&hXPDr-(%|B)9BHDEQYOR){-y{LiPR+kEZ_f>YQA3Cs)LGb0C)l>{R zA0D>{Xur44e#%+O%`3l}xWRH6?OMJnf)o{r02PM$e2_$o3*eB!$&ukBcASHBx!Edx zmj~an5BgyoqzYS9#eP9B71Sda;$2m?)K#xIw#}69m;3}Y)UTs9+;t}z!4~J-)w_Me zwdn~1K8`NVzT;m|oyQaAt<#7CRY|xuf}Qd@C96)^ub?VD77B?1)q@p_I_#RC=Z^o! z3N+g+dDupBrw_WmfTzxBNkfpc&f@HNLW5&0qVBFN5WZ@r-fZ?T+`+D#4F$vRRY16c zQGN__A~e7AbY42D1GR{&CF7BRpBqw;A>?Y`!Ay)(<$>Aj7t75={!_2`@o=WUeiwLc zpxeQGCk?0L75`>5lPr}IGT^`#ep;}h=&M`|fp*%alZU;Pap@y_N63k%w01~`{421C zx?m!ta4mdV#Z%Ruk)S6eW{|8MPIOw6yw~|o1lo9Sd#OP(tCY0QGIM=LEfpgD$XSpx zpr6I>Aizv@!mNT6W2Jh0x^J$O zL-q)9mO-&GS^hxs7mjpI`pMxuIJy;R%kxg{g)HQ#;jtw%{HT>g!CAEFzyYYU^u7C_ zSTUX@P;qc~2VnMOd-A#pa(Alvpzq~yJnS*h z@sjE!CzgH0)7F~1>}0%2XaRc_5h=jg=(Ii?FMty8l#!_iwwb3_-6AcYTY?_JdWYve zd%Ym)HKHx*zX58urffDHrMBGNWC=M!W{coq27I??39$1%bB(142Tot^bk}@nPoBDS zk24tunO%eP{X3x(`*h=VZ0I5iJQ|A#pJe?WLgQ43j}b8^-HYty-!Lm1z2YHg^*tA> znMZ$Hj`DcB{Lz_po))wS{>!gun^dVKY33wiF?hs?%O4zZD9iImh*@#Z%NsTjdNTQkvuWF{58RINUA`0<+mEC7Vz zLN6YNdR9u8##Z!8TUI`|MSRipR2Qr$Z)`PA!Fvrt}ytU*PCdsogD^z-Rj_lm#cu}rr~ zBAG|#5`e1?8fL%Zk5^$w4Is}(6y)r6^_Vyl@no}fZ~QH!xG z+y!97f6mlZO8X8Pwgu#<0= z5(jkBaOa*aF9K;*?r7JVJOVvKsuQklOBkYL1jRGi9R!>5;bz>5-|~7b;Ri!#3ihLe z&qdN|<4>2ozUo~#$dBv3I|oZn@doLymzf|T=XL2W@gu>RQV}SYnJ?#g+lz-^2Y43> zip?^r2k&HTiPw}4VBv$H@yi4=EyCP%st+U~{!SwyBUj5YlwX{rAZ>HYHs?oe))O)S z5u4<&`N}c%KO*=2=MGvud|19oo&!vnf57SfZAh?@x|(Vt_#T!?t^LwtzWzjT?R9^K zu5Nv@#zcw0+?I>aqq;=2&M~WfsRc7X-b7p7T%A`!F(b=4#R_r2 z$8Ypb2PDmrkSpDHi7c&~7gva*`<4$JN)J%JLJ2Cx;zmpmfcPfP5wz=%G%yc-ndQIs z&9K5kcHgM@IZzID491IaIg*FyeI}Vtrk%>MR6M{wv6}_$cVXF)i)TGl;>yL(k4_e| zpEgS=#6G1=cSSm+$pDOc{q@O=uBe_jKX4b3RS1&Y|HauavLsb3_v>NFBglOr#y+OQ4NCCZdxhW)NkQDWqb}0DD zXDNpS9zkbA4p_M;&b6}Z3C7c4j5=!k_%uXOcYB-n`k79wxyt|jb2zWBT|B~}5M&0x zSGi)EiVV#B*)k2-lp*A)A^rz{*sa^%-QlnG1@y0XCw20OPl=SW1#uZM_+-_B) z%A93J$GZQw76XVfKSvf8d>TnGcIhrpdg#2=ii!8$s3juB@kN$X4=4>xKZ7W9;{I&@ z&jM*7acGRKQVp-MM`d9y0uys7Cs^`kT6R45y@$+{8|M$fM;PwhOUKB9V0Yo$qYk{wU{1b)JH^GXrxppqq1HzbS z8uQtmro%zM{Vpoq31Q_8=QAl0kL6$BhZ(>k-dJq_Xs{=YdjE4s)Ovm+CO^GfmVo|o zwLK~hp!`r?#jM^$83q8U6`v1kY}^G%{i;4t7T1EpY%%ccpAG(8&d^4#c-|zS#Z@;{ z3R9#H`voz7@#HZ0w9Z;VuS@@6rDV=&Ky}a!Px5*rrU_0&J`D($yxQyJcVBFq1c=*_ z!evJY7US1EMdoXhe-*G**(l>uhERToUY+d&(Pi>_p(QxlYs?s%kR4vKD8xj{hT`YF z+IX|f=I#9e`r13G&%DT+29Ur;9M_BcvKgxF1~>;l=axltVlu?MbdtfPec1ERAH`}Q zUI4+1DPZ-seXxUgJNyF*Dl*23A*`hz4|59>KoDe&sA3`#q%gaBbPvVs60Ap~ba`UT zFcXtS73d-+c;dP;0&yMU?YAWW?H=h&1tt^!WBzTM@}y94B`s)Yzs64lb5fWp=S zNgM~r21?*rhg<>r1J|HY2*ANMOj@g5W{wIt!Q$)JzAt(7oiX!Q^YJK`S^}(QC7@Mw zzoCNsJEoVY_%0vO{fRw`8c+{C`ZFc!MC%SEfJbjVSz+mMeLO*hje~AmbK!ZvmHNdG z_oKX!ALE0!tTD!a0Rhy&Lu0eJmly*|uif1{47~uwemM!?kq(|ctQ<~w)75~DwcM1# z-dEGj2v6-gllb?;%?nR9gMV(nEUC{O+s`tIO`}=}oLKR=a{ZFy=GMrE4No0aXt8YU zh3iEewRgY#W-x92b!xP#qj8;UtVeIlqvaLF7U~t@G}@Ohy9j_UU{&7C)x9_3I=4w& z2jfAOJ}k~_bm8ZcKK_Va`PXb7Jume%DqabDD&zVE#JPQ`{gJEp&3I;?mn^vK*DNQF z55AM`Th6_H-fcgBWg0`@%q0A@ z2c%hDc#0J$q^~=oce*?#rh*{6RN$2VTeIqz8Y(LrqC3X5sq-8&L zIpc~?Ztg3;HCE~(fdjedZ@Av-i^kNDgPY~Q#Ypd6Mk#z(NK@TT3b_hZi+W6x7zzbbytt!V+=4t|$}r zP0&97d@Sno(ENU!?=PTwE|*jfMgevJ;Q@PEdZ1tP02J(Qs+PTQAzt3C2o&t38dF69 z6g-%z_n2OnBJzpiR4GYZ)#i)FL_EbQ@1(hxj)uY_Pc&P7o86pf6`UHWT9o4A)@5>^ z2b_Ld*QJxQJOk@wRu3vu0NRfDS%A*n;^KR zQO2nFbG5GtAR8G#(8elX9Bu* zDJAr0Y#}3!cF*bNi0AsWhP|(e5TwaAYE%lDDw7QWvOLE{W%kS@WI2}b+Xu*C3Ho#P z7r`64aFt}zjwL{V%Dk%+D7KoUt5b{c-JS0eD_sFNUqw3iwmS})2PJEC9>2&v*1t#O z6RY|gtnaV%^Z4Oz6$EfTJ_=kYFUua|tu9FI9lG9fW6)ySG zm!-A*R=*;_;np~rSaG8axP8!;LTtFkwZB3>5w%ZpMFtbNmnR7Q`N+XoW+`s;P3^w1 z6Eb*c?f|fKL~@nYKbr^W-=5Q!(`GE*8-0s_R_9Lt{xrv;7#E`nJNV*ILC4StWcblV zJ@yQDxxZs$l&L339>nCchY0yoBaOHgAPsK+12&fZZ{<1D4V@$sxp&-M zfr6R5EB`wPEwS)T&c5NH$ShxNJXrvsE|hs6e*x7zsP8-o0h-eMV=mur8v9&?7s=a? zu0_!H>t2Hv3XwUet|QCl3DDq)NX6fAe)|abj4$MGp*Ch#1;KSHR^Yu0Se!sE*Od#C zGJx{v-?h_L^X1C{P1~pIzQEhvklSdP+jG=D&?EDEdkqfFV~Kr?hsN98`R2X&?|9#D zu_CGQ1orYB<_%ge#%k1%tcPX~gu9TH@vY|rZuy7MDc;+QiPn)z!9^nu{0woRAg%be zUe5KNR0a*6USow`1bHZPasVoD{>${)runTnR!|q3#F=?F0ldg`7|I58Kz>Ijr|9wo zU?C`KCBILS4J*_qnJaXksqk~^#8`&IuL-E;za}(DiwQKgB2cK3O(-q%E3%7vA!6BR z-ZQ+1$WGWIE~C=YHlX`Q16sP|%{eNhJDRtJn%1R8n>aOw$vEI<5v#451E)KB9vh~1 z7qpbzCQBv;2yVJVY&C#t{Tt8%dBf8IuShOmUu;=Dx6@{+0VCww(3=?=*;GXBOHg&k zc`=kc3uq09v%EBU=6*1YylTW_Vp74S_RiDxiC{P<;f z4T@o^_%x-C!NyN=f~pp1iqeNaoNwuM+}Q1Leh`{D2A;d`)7ejVeu}=8BTM<~?Y%kA z;uy_RqM9iFvG_r*Jh3ITEg=$yYmkAODsRd6E+8lspKCN{)*`>ECodcKe(Lfv(-L_E z}h zl({~7EQB>Nfo0kHDdGxS$UhcZ?EnrVhoSE!NEI^J!sR>_0KYW#{s0$tT|}(xzUm(q z2LKLAVO5XD$NS=(0X5fv(!??7A_4x~aD&c?mwt-XP(~5Yf&?Q+u&#z0*D&irJ=;to z71b1OWy|Qx|70K_;qZV;UEIkm0O+P^dB(zcu7rF|av2j!5T;uUG!r!5e!=ARMvN!? zW`H~3$p1T1T`$Som00!*?d5^Q!nww@D|fVy03YR;oissBDzTTCw28B|w5IcIHA-5d zIjg-`^tZNIZ1P|4ziv(bbf=~8U+r*l^l@uWV(zS-Ez`Eq^nIawl~xo^r4BV?P@lRH zp%BIi@27dAE*1bNDnfSIiW7dHEiCrHklZDiXvjq>P8c$=IE=@qo$YrkBmGZu%@WQk0mCl5K zO?74Ese^sDvP`3pLhKA%Hv`nB=`!)Bbx&Oj%f&!b(DI+q7@BXPM$jRC6pCN%Az z$+Vt6Uw0I@?v4?<26|hpdOZSt-iTneOv;v}&JO6(yvt4b*AqO*5U~Ee#(A*r-<66S z8^nz$u&GRE!lc;z5xa(IUhwa`Om`|3C7{F08E@_m>zlYFa|S>KU6m&$5N*QGGO*fQ zmsq*AjE=IM$?9-zGKzqJ`K-x9+KKJUb9EIsJs`?7&=DvD;_uCJGvy>ZG+iOjD~-)t zBN(4F7P4@2Bf5NlA&P#%Qw7Q;7SXgjv{Z=>l%`OG?ax%Me(!l*S9Q3;ro3H%#KrVp zX^#qza(Vy5AnJn752A8Lb(-b8(0F!)V&HkguVDsqifrI@QG*0d8j&niwp^I;U|$I| zQ%g=i?}Xg!tpp@uCPzTQSLegynU(BN5|vQOYe1HYU5S^0)waJo=s;Lq3WvM?+NNCW z)4sP0z?TbWcMT`DElm>XJ;6<4vnb%&gnIST*o(ZL`Nd6Jri$K}$V5xcdj&k0cK=dn zS$HK-D;3za$5R(8FB9xacR9w`_3ohpRTkPKK-tl4>^j}o7Q~hN8}Zewh(*&NzT}c^ zsj6tF29McQGTx+U4KyVe$=Q=Fj#qLA7ynni#|o!(0mXb>!y#R|oYIdOF7zZego@Jo zn4}(5b)LuYi1Ai8YsuPN8&Q#!rO)h?a$E-OO}*u8t0t{38{QrRDUZG9ME`d2jSL;U z(4h;td86IBZ`Y+bp1pTz(+N3=5eYsusO)LHf5#_B{b7FM-?-vK5s(;LAE%RGtmC(x zTtZ>60udd!LzJL`Vo+@LN_CJbce?9Pto3t6$EFIeaw2n^&OIJQ5o=BtJPS~`jssbS z3Smx7@+s>Tm{>8aPvv{s1m9OuKtaeRN!4GXn+3`?FNwrf#d7t5e8SI~hwU$VV&c?> zR_N5Uk_U_P!^RG@G*g|6(@Nh5cOk6aaVm6`h6O9ro*T`po9axAxt-y+`~Of3x-r2n zjk1$QN0%dd0d5~@jFiXU)Rspxt@|!O50Hz{&wMX*DIuT01z(HTIu{zZO*1i3&uPFo zho@zNti&75#pmt}+a?}9Isen9kU?d96aGH?m#r1Bh8_)S=jkZseNOoOq9~@#-%3!&&+-=W<`k!|0v)__l3c;s%+LdB<}YOZ{t;oSoEfVV%xv}iIxhZ90FOU$ zZ9@a)X$IQL5exMU)m~f6-r%Bl4ETD0=&sN#)Bax@t zrIa|WajdT-xH=lnG_>q+lTwNjlHpQkNndk~E{GP%|Ez9*D)B;Lezl4Rj|9}WpD)tP zaZgw7A!VhmrqoNw^N$Pxkm3+nSwrYy5o zezEHLEarD#o)xuwr0P4ecUYGWbXyhF*pV&HM6LZTkK$syuH~iAj7#0)-+m7#ezO*) zv@)iao@31b#g%wAt}*(3n}o|#ZQ?X?lzKf_FYv>mYOH~#mwzFfCAK z2b)Qvf~Ah#+n6#r6(s$7n1w%hGBQTo&bqU zN^0ZcS9jwsZA8dUljy%uw8HM4(5U#DEKBRUPb{rhnUlLmngtGx`zks!dv#81d1BU( z{Bt7*puj_(sz``}L=J$qSpxDgbnz5$If~B}1aeJu1ocSFf9CXjfDb(!5Gf#LBaFa8 zx{*yHA!zvOOVffxr!1X;5}^x_Ukq6Q;AG3smiLbJl5F_M!5oM4M=Yx#!&8MAZuHy6 zf5I%#CGEN2{wx3~FEOTCA843)oXkIJsbxRk+BbD=LRDCHE(3^KX+o9fO?bR5*#iI} z?sfy{vg>h8waN?1juIz9Jq6C%ewJ+8uXYS`-zM;Pfoh~3<1d4FxvO4i4Ck*){Dnk0KPcQ5ANQqf5N?#r~+lfI=qX^bY$5~52V8`^Y3y`?uGy;MwiO%?u!|z znTajm@zl*c&$6BA2l;G8hcu#&ouZ2|sIKp~r(=^g@z>MPuvz5$5kNXuc*<@@Un!MEOGyXf6E!Y!n5w3M|lk+tIx;B2o^*!$2bZT z86yr9#>9^5>Qt^yX&PS!B<=H_s1*oPz7)xvKXv7sll!Ba#+_Zcz@dfzs2M-0h} zm<;Ki0llK~W`7{X4?mvNH{WBSmU)3(+g8DCLNlR@DSFOCPFTdZ3>a&U9dl+5+}^L+ zp>q!0B3<4X*dl-hY@A`rn{?vI@uY)&Y-MYK+=ZoS9y+Sd#p^3qk*ms2X*bSAn;q%Y zNa5a4Lvkncx=(ne*=QH*l5&{qReY5%-YbhY-F9f?JKcS9K2{D(M&NGt+h-rO;q>KJ zsVCS;P0a)GbLkZVM6MDbWKI!em&QvTC|z)Ck+Wx1^L*0`|F*3}ofiO!y4L&}0vI?( z5ie4&v#f3_x8gpa?vI%VkR-v@es)a*WOU&;;(CjnVmvtJ34EDaf+?pn6~xy zJh(6Khxmv2Yl3`tzy1kWQW?*5)>4H*>kYr-Wu|p?FiF(8E_=@vM)${e;@bfgN17JJ zeMsc)8-K^mh1=D$!EWD|E%vn^4_aGahV#}K;hETTmpnFSO_wuJMDmWXmFMkTjulVP znDU0zCofgIn@nIxHX^HiB5AxN7v2=(gNsRJuJ-EpyJ>&!WK4RWUoViCs$OD#p!^50 zEY+9P5=XZn8jddSG!t6LIcBN7h}3^W%EH3AW>cDf=b>Bdl1Y5DYwfw2g45KG@crdE z-(M>eS1ivZw;HzSUacNck#ujiiwq9RTk|@ti=Kz9Q zds2p*SO$P+z~F$SvPIX^=_AX+LdTERmfNHYUdI9y_*vvQJ^?!inJFMuc8P75OTlha zSHO(~j6r<#uiT1MfB}qI+d8&Tf*PeKB$Z{OZ~tt5+j$|9q@k)K@n`!qgsbwJeqpZ^ zp~`}0@LNM$v*JEjrBfJg_JzcV?L~@S9WKP+O5ZfBi_{zx?nCZ1hlp;6^OnT?sdyd} z+vX(}p3__`;qobJ3fn!`XzapH8+FHurG}#;Wr<`ihU4=?m5vOG_>l8i>Vg!OTVt#UMf4=^82p+Li&ew#voA zV}4=ctqZrMIny&J^8J$QZ4YRZl=sh4^_nVKT?ZMDL&?nF+|AXJ^M4Ex<_)0M= zI+k0@N656T34m{>ZaOKh??yoYK=l^QipM_z_G;X;47khyy^%*{I5*8m@2~CN3ZIA{=kVJI4t_2!YjsH9YH_1GDDqnV%?p#j zcR9LvyAHX7yUj03WEt^^rztsQaJn4;iRwQzqL5z9FV$2RY}! ztWD0B1zkB?Wu^M`wx{(~+CJwwZ$$g^M?-nO*;Vmn-nDnqEdT24ljc)0aLB1;M!aP1-BUPcVr|) z&m{+)L`f6LXZ+RA?K8ZZ{iIN~ujsN+uf&@O#$MqMEh+d8J6BL56LiG5-!#_Gzhp_8 zckg^yl+KmYB=~|Nr{!=ygY=K@oB0S~{zOTaHRJhY!1uiHy(#PXJLD>GVEW$L;XHK8 z7B8S<5+Fgo;@??Tkm%!GL4eka`+ZHP+kFP`rTajm-6!_vB~Ih|`1U@I@u>8B*3uFN`pVXpt&iPyyf(%bl~ z8txY(Y_j<*aC?7gX&@pnS4BI;UY5c8L9)O?;`4_CCner3dR zWqR2sD%V#2lmWL(6iMi21^^x%j=-D=ri$r{^3>Ph<+K^o+q4N! z`c3RaR&WapaKPqi^&WQusuLT|gzTM?H1n=N}86MrMbgF9F9x{1kP#-Gt?Jv$)?3w0oDWPa ztyPe9@&1Kmoqlwp8y+VN+ud>GdJRD3R_j`hOOq$e36>I9`JZtTkWLmD?d7VQa>jeF zWSD~7dOWeFoBZ9&FfC~Vx+F^}Oqz0F6^i&y>Ly^N&b>B`i$#&n#2_jdF>$@Sre#a> zpXE3<)wEDvNpq4lYcCp;!49bq9U9_4-0D=i#^+FE>yy#g)lu&J+Wh-*Q(VMeh+Q56t$rBp94SdQ2ybgH=@({?Qx$C#551F z&fm08ro)b|*$p_s3 zkeAJ=FLKJnC!q!6U-j8q77it^G-F&*@s#O&|6p3~)vAsNp2D>H;&VxJfO6!LF#tn|ir{Cz*hgA8 z6t%Ga!*m7H=P$6&UV}ifu)dm<2(fWhESOOCz^^MTrNdls6l4Df8c@=J>G+3KV|NnE zbTy2?Y&BP5l3i@mZh_LB2&PYYNJoc?nSbUQjLG{dWUsM=GCaPeH$m8VG+j;qsz11i zSV8O@S7zrUAQRCzvU*8cug0P`o+Jx(kd5_V2V1;b|Fd3oJWqao_vxG%92iFeXZGD? zLKRHEakr%T51L0_{$rQsq@+H=vE{6fcf%Fe#QW_+pi|>xIBqMqV zos7ETUj3HDw>AbwR6UAZLfUNnToQgvp)?Hpw)5yuClx>zqln9wa>p0vD-j53hOS`Fvo#BP6et zC!l64_S5uGl5+|xSOjf5nXAINNX*FEh`vG}<|7T`7K4DsB`=f}4`{2g%2JKw{NaEb z%xnMKMt`xdR?e0^X7?;Vzpr$_2_O#O>gx6~)ebe?LNclaY|6zthYBuqq{2SY1or(g zMWY3jXni=x7xu1JbI#f4s3?QLHQ!i8P?ruY>hY2lJorSpJ)TTQx|fF%QF3YTvvjc~ zsW$jB_rNF$2MoJmk&SOttmkMxlX{=%h3`+wnUbvKy?R}}r(xI#%tMSG5Kc~=7lD_t zJ`-pe7eri@K=Fr;qSEshm06M^ZY8AXzg4ijb$zu{J7jmtN7>>cI&l4R6qkPBLv$tJ zb`L4{14-<5A}naDcfw}5>pkaR%)|$Gx1dhAMBQc2SZwTOzD{^ZZ){Cf>)uOJ;UVBW z`}6)zN)NzK&KWVSQV8Io4|Zy6KCK=a%Q=f74M#tYjOrK0jmCbPuyN5r>(AwEJ-KNw z`>Nramenl|^jUeMT=UM?`F*M1=GO&Q;^7qp~F z8-gzGX(p9=Y@nV&kK!?AxZl`1pZt;(PscTnP#W6Ex~0|ijLbvY%BK-95R5jA;6406 zhdvx0OLgRY|H+G9th`e4Yl@ZFg8;d`#f;wmb^^wXyZmD+$gLEXAc~;gpUF^;d}N9q zjqGu}mnIPe=+)*qH``)4LEE-c*zvpB#vqEJ!od_$;$OjcIW|*jKa>4I6mW50=1_1B ztLu3aMa~*B%=uKi2m@2THJWE?d`d=`R-Q8JUg;%|;@<44e*5s9rVO;oyFBC{`^eBo z&;r}$LPQEl7~Ti2xrCxPGoUi;W2XRuQ_g1fI?#C|tEz9Qw)+Ebi-NJ~_i^atv|2%< zx>|vji8KUoag_(boYbgxQ#I@@s~Q}#;5K@(oJO+ z`N<32l~~2wME_@5j?eF6)nK{&RML=e1lP*L<;FbgoI+EtvPtKSE!R&i4+dt+!UI~% zh`nD&RdPzK2_xI7+9pKr9+17Jj48_jm#H+aemKoVb~ypglT)EdGE|PSN`>>zbk6Gb zy~AEowF)&kV!aN)-D6wpo&8L)p6x4nn|R0jSd~qEBH45@<=TWOYqo(>(s*q>HdfDh z_N5fiL`G|0%d=Pd;!JHftF_S3e9k{NKj=+WKDxGnAz~9>${J_ivge!~ARnMV0o*?X zDTYdxtq|?`O8i!rg(wuIqDyJ+O|M6%bYDg0=cdE}s`lGpi9;HEQ@mMN1#WC^~J z2^Y5|#tO$1df(zpNQm1Y!aJ~N(`_R>}>bwWB$YLi7(m8C(`SFeWi zU9nV!zP_P9C}%|=atJ#y10J@9{sr_McD>GC4+f4g8T_FsKnv5Q{?W$+kx=CgYi%Jk z38O@Q5jfM%JMqeCelRb;SS0Mca{NZ`+r~55q+THc=E8)kIng$)BBV-1E~n}nu|`P} z=ENvrN<9)CEgJSh3gd6jOYBl{mP|EC^tHtD(qGQp04^pCbgw6gL!Ro8QeJU=AL#bG z%4F|okw9;$v$&K!Pkwc;A(e?E^G|pT$?Bx`EUuh1tea|T$TAxBdc1Xso@MkYeq9OD;7keor6SVtR)1{e z9Ne%@(w8j@^f-!NdfDeZF;7jRi0P75Ib8rKd!A$Q*bG^ScsvH_pnxdSkQL}$R-5>I zOLT1a$ro3Nw0TveLS0e_eOKVQwc_l~kh?!y-i%Gykm<=1dHGHNFi@{;W8L3XnfGvhRR-6*}t5=6fo) z+1&Df)z*dBPuWAg))w!gvvls*;;_ka`|h4c1M?`6$P{TuCNeN6+X>kUJ2^YJ97gc!4M=79E*Im4@&&8!s zp1c8U6RJD&mSqC6+GMbnoF?Jx>PU;0V*n2gMatgmG-B90-|nyowOs7b8m-DIjy89s(1_rPbXvVzy&gU2LQJ&ZGarW?# z$rKuDf_w9(A<{D|qmyQtT@#h~+QHKK zH|yTt$nJ|wTzh4N-@^^pUi%RhDo(dm;b40ov()tH2MN1hZ^X$??g#b;YfQ%Mk!O-W zPrRQb)m~b^y_6)T_IdD_;nL{SnUu$4T7?ugYPYdmOs3YiEWl8C0yQ~1a0-3)$UA`LLsJ);XnE4JMIH|T*B*DZysdsm6#k5HcM9e;3aW5Pvc zX7FmV>W&~Odh*S;_zNn(l=mfoB*bQ>QQI8&B#E)DoYN(9E#xi5|=TT-4N8f{!se2BX!rl~j@44{4 zX}8W}TwFjuujRsJN-QoaFLyc{nF?DcZU4TtLS$z|b!>Rj7WTg8y8{@gTTzg9%pPKX zvf#%oE@kumIwkNmqM-zbZBSE%I`16EpKfBM?H&+RcNhS15|S=!)M(wS=AYWX(LY22 zE8)ec6V|_2+?xI-99rf#puK2#;!~sHanI}=a-*gYVyvJ$_!1xyne;L z&adK7z7rX|5_49X5Usm}`lE*9Ma&vIe7V2AnQd}J)_j19)wx`_SKj>*q^IS`g+nQl z;5wGJXmfpvk?@cLPZ@`dpic0>fr$kb3_XFt;!VCnCjK>Ir@bC#s;FRJ%EnMigZMFQ zSl=YTc8m=3`T9T_HL-u3|GD-Cdhs#2TEbP0jwRxEzn&tIe;_D?xqt2iyM5?C7*|@i z66cD`BJopop?oGCRmkrmE|4?CUU=J3-6NfW?|`JMyvd$m?HQYc$7>Ej9;JDaY7vz^mA%sLeRDw%4pTctvC@^}YeJ3}a3$&c4NZNk9<0*Jp6b<~ zYVGalx-Jjdj+m|f(d}wbOyl-+`So{+(RnPlVb3nBy{kb@I10=g;l7$)bc2d<_CXx) z@KF?efj(Dx9=6Uc%VSeiwVoSL{kw1&`WV^6oFaV%7}YByIwiM$1tJrjf|uZWi4K0> zy=rbNZO?n}G%o|8fwDBR^3!1KWrrYu0gM#Bf=m7mevL-Fzy%L~iq2th2Fcel^}|&E z5c391Jhb4G4s>++CD%!_7QZVfQm34$sVx4ix#wL-ZgH;o92W?C!0*-beihmgYmvQq z+<1kbGn?Umb?OWWj~1kF{kAxQ9+kGg0jS5D+0cX!GggDDVUFm4WHnvYi9|OlfQXl0 zhWD~zMc--!Q|Q6?wF?aZsa8!rOpM_zA|FC4IeF>7;rxWJG-p1 z0m<_QVootc%`~;FUBI@Gnd*Si-qN?o<=T$Ce4wG%d6` zHcEIEQM)y-Vhh`w4ZYRt{;b7*&(rdyKHAYKm`bLxXm&o9oN7~7vsRf6s4jKzCb=-V9z&)rl`{& z<_Y{#ku(Ow%t?6iG0Q|OM6Uf(6~DUFb_#%m9nGtYrxWr6DJ2{^V| z5vita^6W6phfQ9^8upRV5&2HTQ}~gq;>b69MB=L!+F46wAfkj*KBoz|0^hcBrzZ~= zoc91DXKEQ9|AccNlbcMEvk~_WC4p>lY*X3cne}6IHLj--4~;N9tHTeTqa!{HTh`(m z`gn@;&+>wykM`WUi^AV3HL%TQZ%_ENYRhWqaWgjE?uyIx`O9<>Nu@19hjzR}RrMAp z`by%Sq+;E$$VFUklZI_bHQsBj)lY8eEWTU4J(zL@X(OZdy#-b0TSBv8_2YyS;Z}z7y>CK@_n4jJ&1CqOW9cavH2q){{6}*yfT^ zDmTH9H!VM5fuMddIReZ!Bejg!KjU(bx;|Wz;kO|F=#y30E?N(CTsqdwnhg%Nvzsjs z4K+Gt1P#lo^%tMlfqGFt3web2RFgl0(H@6M=oY77n#l8-Giz$X1i#e z+3s0$rCuuPan(n~oH2ygHo0%Kzy`b28DUa`%-#p9F_KfyJXOSRQ=r+!S0&xZv(@dv zA71Hr6*=BKz3=N)1~Cl{v33)Lx8nl>&=aL8JuMFZd}nvis(Xe5=7jjd7~R!Dc3Y63 z$}`vCVd#N!!%%Zlth2mx6k~hb1HUTAS`F5QLT6WF!NLfoG;Zb$+}?LhBzIl}VI)N5 z_cc(!e^Lm%cG&0#uF&xiS1TZID%W0|5TJ$^Y(Jp6Kkt%yo-I*Rt$f|W4)2Ur74ea& z@+YH}h2`)A4U}UYYQ?_o_Geqf;i&@AZq+bnYFhucb}CC#SFa~smJ-a)iZn4_K1-c{ zwi`VvxM>~`Blh}?uQ;%|tIK9x(>fN!Gzg_5h#wfAPfrZj)Iu;M&dDJOT%iPU%GLf1 zGM+gPb5c*1#%Dxp?i^=Z0OK|6$^ltGASEYu@K;yRGGons{PRN2FzAJbSvh!uYb08} zc_MYW;w${ONIB0AMnCNeM!^N9Q=Y8F&80Ppzy(rXw#(yw&{3BfbYBc8eM^i!AUqGd zk=i1UrC=4Rhh&rfEARGzaz|TVTiad98KJ1Uk{#HU_d;(YNZKl=G46z;lrLkJ_2Nfy zoUN8Ke-T^j@S&Xji&>ZCUmReDZ+pIs1+TC~-yaSLE;M;~-x!$25)Ux^1e3SRHF&BX zf0IE3&kV0|s61G+wpw$j^a&Mu9+A|7Ynq_y;pl>+7beI`K!erDvIIf4i>9+tl>i^uNz>*G$MheE%xL$a93wvrYaR2K*4v_i1H z53FYY4(yo!h;cz;x0ITLIx^>b{&E0egj_H?b8pz+x$;Wornl>!e^gPu>GL|bKP-Ut z9u7G%Xx6wx1&;DdFTDMXI_7F$7u!c&c*zW^3Pg^ePr|{amD;~e{Y-CDad%&SP_hLXWJ|ClvgdqiD<@K)Yk>7c?)83H%5nE8pkA&=M(b<;7NS@A$ zFK;W6b|pNX{fLfs*g3>U*Z4&Jn{jWF*`Xnt04ax^2Ns1;c8pGvUX4+k{AUktA$h_w3f&l>k2xoTh; zVC&3pcvKHac=!@?FkP|=`^8$_#c@hwGlW}tW?{3aJnJ`$8Bo1T@X^>5 zv3va*+{e~CMyeuaHW9xpIysqT?I^hZ{{6f4&=m4G-Z=I^d7$sye2iLafkNAKkwDM-STHLVx*H|#e z?P+mMG_}L+Av~c*9$#csnU$x6B9o4qeTYW!lN-a@&*w2mET}^jA*lS>yYa~JLA?OZ zDu?gGI&AKKKRyVTAp73C?TaE-lJxWCbJ;x>A*x*1V)~|=69SoU%Lkls(U3;ocCbU9 zwYmBvqW7e(ZnLa0KX#kMvy~bCS9H4ExE0>~8tt_Om6a0jV(_GM55+PoZ~`zKH1ea^ z&Y%t_Q9AtinVmOl*59!`7gl!~jt#`g8$Cqvk(k$fx!zx&0jvvw)QtFXrjS`%j2QAP z&+YOI{+&_}RgxtGchzUW5T2RyPX%Ct&`EuYQV-_Mx@#)D$tHOdW)krZGX z^Qzb^8F8`Sw=8db7H6ulm2C&1{5AyNanN7}I39O=J=)?lQMF$jW|NSPeD{eg;@zCD zSAnZiCAHJydtb!+>u{I67JND5UyB+{M8HQ0Blv>l12BG) z0~LD_ zGfhBvumFFGQ1sv52OPkNcX-Yukp@km*5_OOK_iK|NW52YE-UNNGX`vc4a0anGcANc~&zH4V>f~!*{LN}DH?YS>gg|7v6{w95TOjV3-7#pceW=CV z5vxh+sTkAJ&-?2M%rxWYddm)dz(>MVy1CuBlZim=JH737K5Fy@YQAWw09Do3Piw)Y z0_GcJ!;dU(*mUogenh38VDxKSpc>?ia!?*>ql74B8m#DoN)Ml$5a~#m#hpRZ9;LWGKH%Q23i@lK1`VD^}Rk5<<7cFmBx$u)5Ua(!LIMzlDSu;n`u70la5R~P^u z)rfw~HG2c$;+n%lwn1RE91W>$3b!&eG)x^J+Ex?tI(!F849>f%`4}w0g8kY*5yKCE zqkEE@(C}L75C*J(-I4yOWD;J-xkb6S5|UmKCNe6YiFQaBbH zqypvEeUo5`Kz6Yt*0UQrA7|mSXp$GtU^~DM&fOffwlz0CVY!_V@wRtp!)Hb#tK6GR zEY*-FY_pKvXSWXWH&{x-717JF)D9s-5Jc!2Jpwc_K>sL2wF)TBD}<|ITZ$I!0Am!= z7w8h4@_a?RqD?+f+c-D=j*}m5fw)-YKq07ezXlbF1*2JjM(i>Jrx0h0VLB>+H_4@#;~)D@mN0eC0_-P8U- ztMQ;?tE^o=z{ndIt}Fwnr$b@#Y7=8?-i2KtaTO3s9{2%$wnN=sgj~0!89&hn?0XTIqDiQUlj49 zii8PvIMO4!KwBh-u_QbqNor|C+5nxmYdGzPxLss~m7gB5lL z15{2RPUh`km^GaUUIW-Y-xBzx1BN(uK*H-sNlIWFsj-+t+EZ(T9n3PGtnwGKynkk? z+^TZ>&M>mzoSCK>J{4LW3zKY=li(<*XTOE-LDBw5gLrBcRSl1J>b1$dtI3ze0pvV+iNg2-sgK_VYQQ7`n->ZNu9cXP%<3_L$^Nn@=y5ZJId&* z-Q2lLy@;x255roDF*k_kqQ*iXQQ>N!_#%9CTwaNJ-hGzqSr=r z3*n1aFDoYRMWl_vFaF#1um_}a122Bdiv+~R$lP@`d?3@u>i+dKiYeYCIfO2db&T&0 z-eMS;p*Dtz{UZ+R{&W%m{G^|==PPd4U>yL|SWY$8F+B#~m9f^Ok9`a?3B`;vIr!&q z$P(xOh~5$lKk$|>X;P@dMvkYtXf(?4o+MN{ zAQb9yH)L+D9&}z6jj|vdM)HSID1EHt=HuO#gf}tzsak;MVc33M?c%$#A4djmqi~k0 zrU-Ny^o|XS<24`mtaY`vIKPf)-76L^^b%6h41XH`y!&$>Yt(n^<`;zX`{jUGApP-s zpjzl-IT`8*i!mlYwf8h^s$9R*C5`G>f^=)GEF(;QcqVJ0A#vn*Oc2#cxF;hIgPEok z-t`80hHgpFJsV6$8ys)*-k)PS2M@DoU|%##oVl@Q8WYCplkR(nI8N~=nl)o|2mf@# zXl9D8y#@k|_x5EC&nRR(AvJja`HJso&CMBm%eK|txa?1qNi~sqP?W;vEbi>sGycWF z^GCyFe#%h@ZcmfQH3zBHPdedYcGbn~5=+lI%{vCRA&e4}AE$N0Zol&oT4cc#`i3}C zLoP|JL=1W8Kk9pqK2kRP>gB}1uq&}H)wXMt6?X^Q7+-N{X-F@Prb>SrGwv4LIIkG8 zy%y|_rRw-2)*k+{=>)p+c}>Ukx8G%IrfRKUW&h>#=j~hzVPKnyvP?9ad-s55c)bVU z!)wF@F!Ec03}J+GZC2}yyx8@IlYnD>x+KYdy6C;!t3FR$cd=c-?z-_CXDYJJ6gjMO z@h6^rC7kO0)I6U+k}?bGx@D<8hCQan7&=2R9a;*tibM0?aa)UVxkUP6`-sPV2PB?} zZEbln>n*aAjM%wMX|BX1%!z9)yB(OD1Zo_*iO~m-bSVujiaLa@FAnJ6xJ*5mR+dZ} zg3C(~1w=mX;!77yej|4`O7&e@=es%x@S{#-95@7s-sAuz;OK=bRU`!b|I1Zbmkt|I z3T(g0mHIb-yP>|A?mTkMY~QhjwiCp%CYq#XRDF*;*CmL4@OCP*3D-1n>l8c!c<&xTXMfWdHo`@n z@WO?8^F}DN)#mL=LWqNk_oSV!K3K9pXT?V^v#0&u5o4iTOgRm#7tDR3w1Q zD)d>tqRaF?LlzX^^?R!%8WII7m&K>myqE78d{(BNR%2)=t?29P8;&FBvS-GI&~fEW zev`uuI#iyf518tsasy-R)hekg440;djb`e4Q2|G2L$Ofg=`6cA(3% zs&2V_siU0PdBz@nY;k&#Y3W<9Or-wBVJ_(S*{?kxBk7O7xu#w(Id4}fdI%j?xjxff z``jVz?Li4!Ndow>g_`Or&XX!bPiEM15=Oh2q%6_Uw3wbcY-B7_qJt#NjA z(@6%WVF*#(N`p51r%xuIxg`OfE2?MLNi&b%*m}Cf4$o1{_TEBd5Y@E=RGX?&GYRh5 z{J0uBHaqPbAXt;zu;Ukh42uTBf4vtmT4(1oO8_7;7DMYMGxa%q&sV#52quk+XV+I|-q&exIGVU|y4AL+|?#&xk@X76+# zvifoo&N};Y_8Sg$smJYWY_(o9-oSAZ?rJVmxyo*!SGooit3pchqoV`KT*lBL1#@!= zrc`0B?bA6v=M|p*C?YD~#{kRXtCHzf-9MVJD@EpR%|&)s^9C&dZ+JyH0!aIm>lLhfj#TGCgP#2aK24seiYsRex97;j+8H zyjy!9;wkPGE2;jcVFp<}fh|HA62esK3=(m@xauVrG_1ve9Vyw;j}`2sNi6RR{I07` zdaQ-hb%^{Xm@Ur<{E_?ppG8WX+wf!L5kP9UpQGNZ7pZ+??}g z8i19?EGKgNl(v&cy{v@xWPV+hvVK*Z7vRbCJq*yi%3v2dUbQzrtLu+y5V_W3$~v^$ zdjOc6_I09=yHx{&n9s$+If~W|22oUs)C=^e6Q^aC_bvCP{hgx7u6Kf*SCm`H4w9JO zcY){pSLK%HR@b|I6^F9-EE95@YV;pxfNTT=HkI%%$Hq8B6R<^hy}6BIHk>P4;V@OX zWFQM$sVTX7$m6#joZ{EtV}4o{O|&K#w?AGML<#`g5<@xC(ZpPK8W6Nd2+OJ(lppz- zG+>uW*Pl2#o}`@iuOJJfC7RfWm3lJ;1=>Q9Zd2fX`>uRru zDjGRb0KGSOqb*VyXQ0Q*%YvBmfMt+pE4#rEibFv<<4~n|1D^l@Q*dwqJXAD`Lcb;t zRrJVTMTYLPT#+2~vW5Wk?tlk&iTWGG-XKXMcc=#d8W5GQadRV{ff`b|8zNcwo*zYm zl2r(7v`6?f<3>rG!#Y;eoHG69e`X2^gbV@35CIinLTn%ax5|pweFJo@6pj0#U9|@D zEbtnQe2b6huoq3#hy;lp5Go9r5Nz5R+BI2WZVvH{0OC0}$Qhb?BSt~AMBM%P4Dh>L z8=nXm{{lF<6%){vP%=#z@+iu78M0#~WGy1yYmC&dbDUMsu#xUXh56!s`oSxzUD@2Bs&(0Vw+CJ4|-V|7`_0Oj?j3AjKInT z^q#iByA;=}(01wt#CJcgx-rq1yFBPgZ}Lc0OT%l|x4raJYhd{S;7k*DD+Sv_Z2 z9zQD3nyBZMF73L3_H^cjpWGP-*9{1}*g#a;haWVm{*&huZ@84NoF#li^U;uo0BT@2 z&C;)G55diH$C|)LFB0ds8T@$jqu>f6K|#ZM2WpkFf4}<+;E78C%@iyuVL>WMn!@Cj;6HG+v>j%dPq$Y!h1kT zDiy%GD}943dRnykI0A}vK>iwna88=CV+aUhRP=iDpo-1ykB)Wg ziJ~9_x2BAc6gZPQ{{|@8IXEZ;kaPn{UBGDy6vEG-~PBR?M`(MMu?u@D6e4Pce zs~fys)fnNwgL#U641SVW1_u%Wj2ygRTB4smQ*%Swf>`o^v_-lb_5`TTq8{ni8f-&kfG&C>DyXC8|m-cAc>ASuRVH zmh4kaGKNp6%7N<t%zzYH#4(AnkO~t?77Q8=rXAv+)Wt6)p+u|SC3LVW?>8VczFAHrH^7yF3LJVeg0v?=C>!ZtK|tn1*^*FP6*1_`!8cd4 z6v1zAJIzUh)#@?<40FE12etH>vx`26ow;6o2%b540g*sXO>~b3JQ^_$v5G+^3Pg$e zOK8Uk9m@E^O0sd(`$x~a$Mu~uu6X6+Mn8;=kLR~~9zFzki??B}GojFj;xb`-3&?hi zAeD$1fa#zn0Fic3(O-zcn1IOQ{u@ z{FIxj@qY{XA~1C2yR;bmC@u+OXsVwhDg6(JqzjNx@`WP; z`K->rA8;x8&Cm7WQ$&O+rDQ1o;}`vhe6WA~W#aVCM=9{w-iQIP@~3Vr%*9~&h4@=7 z|3`1N|GzFbHqMV{P2W=dm&eC{e3U>>le$*PfNHqdSiS0h1dRTd*9cb+Z#>CANmNmEn;kR^z)GiSVhCi zlQc^IU2=eS?aj0o;1&_Xf8J)nqc?i^yaGI1P;qk#i6XHbv+fX|+jz1WbEvyiOu4#g^I1h66?`7uN zS%DHmR_!et=;3+*XII#9DmN&cJho~k!j5S*U;N`oBc5mZa6lDMQyo8I1HinhioDBn zH?05hv+SS;?6H!l4IbqC^=X1vAglp8yw}iLP3uOSP9;}o$nYugRi^E!O=Dc~4XaX? zqWA0jM>kx#Iqz8jHeCXzfn_d!lmzO5#*HqjU>MfFGToaC>qVaIEr%b|x)J{4{dfUU zP%n?P*G-N>S9`9f*9axnftWc~=uH0e?+fEv&NfPr&y&4kM^8t=`PZgY z*9WJ#cM6QHb3lR}np#mj6pWYaHVk6&hic$yS3>~J~FWP)c2ZRrD3`1R#+G^}>&nI<*_ z`QqHT!4vy-7UtS%s;kEb($|3n7n(|&Lkl;k{p+vJHqBRmeCV<+zDX%kt6GopZo7T& zE1|x_11LR;bSq(_kk(BKRoyE9%0{A(fUptlAkuLu#|{R4siU+V>%dY)4&4)iN0a8z z1*Q)W#ZR#)_&ICm{m$W0NU)_M0x)Mf;q397JVG@|EVXKYZR<(WcO-$>7tqE55MB+t z0oc(Da8Dr^FfW)StGgT32t$`qabZh~aL5qYys*rYJFBT_zW^87sDK5Cy<`W^40y{w zF{YXThdT7U0V|N!O*6fi4P0EDg=9H<#sB1^5^K5xN}tli%0cD5I0T21=Eu!#aIcJ5 znvULVO>DW+oLW3LvilxWz8*^)9b^A8^sB*Dz0R2I*FH~jq0_NXdIBMKn7~t0XU&o66Ppfg(8CGzUXKd|ghu^V9 z1{OQ#{HMpGA7JxtMEJMr8BmuN711kcKL1x4e^bx@kDrCs$IAV{DFtn^|NcMrcCcC`W0^8D834mA*){Fnc0jg>RwLn1I z1rb0Y`v@t75_B%(kAudyTR9L?vx{$o;pP^%tAK+1KsSZzhMoedun1_KgS4h#+bWzdZ zBLm@A!(1CPp&ci9Z*udVDCT}u?VFrfO><8}UnbHTbywR`l*L}X*;wLF7DVD4l?g;x9%Ce?2piGY%1Zc+hX1kVzc_=si!c1PQz{8u1_Gkg-hys{WmtHa2&BCzAyvZY&zwNKZL{cfqdALF4S||AA?$_F~gngrt zqwAMU-eWL2-d^c%Hp1S&y4D6i}blt;9bYG3vq&@cI*?YIWDFQ9}kLlD3V zFhW)sKr(Npw#i`AB29v zt3#HO(4p*Z#~OC`Kc*ou7gxZYqMn{6f(U^)?0bpjK2M=F@&u@k2_XIQGQckSZuEZm z6evYBBhS)6D|8J6MDoyBzXEIn%DGQ)#KL+hgB}7vlLmh)5LkXDFMSP?5Gw%8StD`T zcYO7iWIrE-tD}IpP-ak6TvHD;r7vo3>Vd>aP%@XE&(Vg?TL=uX2gTZIT3&+@e5u0( zG)ngwPp$BS!YI9zlWKrc1)s{60$R0TX@E@)fxh>W>Y6Mw2DWlHJR!R2<+sX7W31G# z!u`OfC~WKR2W$b+kZ|aB;AE)aH5e{Ar^AP3k#10a)-ZpvnTQ`43o6fK-cIUOooxXt z{|H@u9&rP&cf_%&$SxlrSogKPai6s-r)u~{{f zk73Cn!!5q&-H-@_VLQKss5>kM=vl$?4`lTx@9W(Wa7y zq_|z)q~EEd7|uu?%3A3uGYdaHQ(>AmIqx;C{&@U* zPt||EYsj~~8r&$Fjjyy0(@)iyDEYZby>OZOnN@8jhTGG6_J#irHR2iBC$Z8C$KZBg zqF_E)$X84wgmfJ0V==D0#*obR7P?==$r+Sq23>pwy$j%s5kgeSF-1qv1%AnY9j_vd zXQrz$UZ39gcfvS}Wo;jdv|Q;2u@RcmB&x}6Vuhc2Woi=Nh$m}iszjS_0jD}1Q-z*663Dh&!jfa&89e#rn*r0cvbv}w7v zg4Et4OJ6aa=P?JQt5s!KI9*4&Ek2(7PRU#Cd2X2i#{hr-A=$`_9_BqBEq4lWfa`%? zari1b`}+Y>>!+nB2l>kd*Z8}-Nm*Mj?r`2tS~2$hJ7zmqRFFyfJk!Grs&F->`EIq< z=Gb#2n%v=m(d1Sdi|yui@B`>Fz6lhhrqSLC09Wd1V6-e6`1(skNg09xR#4T?&luVN zW7#KDw?}ZV;VG^4X5P4I2sCu2>)S-@`Q6$25L0?5fgv{WFq2a_boMM`oxK27^0YZ$ z@ImMHiP&L^;i>O>i-1$Ogjx6YPIxFKMb0_P?eOgkC`|1>59*VaK`Kb0CyF8#xk1_< zgo2}S7b6W)FP~K^ir#LIQV}bpseWiz@BC9C(7`q@Or?Fj40QtZ4+_|hfH#LVgzgSj zUr})Hv#n3r@-j4&YN{6?b|_(5qW&4aC3*!aFPdWZu)K;l*s2VB{Q~V|}DzrcB^&>Z=CgK+b!&3XL8G zR&Ggzr1*-t#cxnA9)bMm2rvQ3o7g9LjB1@cw>9E zhX?)iE~Hl5@*YQm)w-7Y%cFnFBP4ldqq~L!$OyMJxAXOR_F{?8<}q_-hL0K|WTJIh zdlnk~Rnc1&-R4W*pQa7@9{;xab8FW9G+X%{z2qS6J3Mss6ocZB?Zl}_mbBnI3>F%z z=q|x`8Jsofi_{+Mqd)mpY@1jA6{9`rF?i};&}d2{SwNzrKX1m&H#lG5C@Aae^oT7i z^op%7K>oNeCZp6rUPcq^V(?L-nQ)>>vH$1i?KOfi99ajnd~cKN=*EPm4JhAD-)WER zef%kA;{`$cs*38<$p@Smuk+5sKgtlqU$zGX)rgs_ncSX<$GeZXJrbGpN}erO`{j5Z zz&VU59o&7^E>>r!PN&q3sdjB9 ztn!?(e2N%UrNrmGjuP!j_AQRU@=*86@sgGdeB`{$z|p=rUzkE-=fpIA zr#1V0JAmE%SlzW*iQcrj$xD{45ApK~XaMB`DvHPqbug%Zt;_WZG8n;+g&>}MosN{$ z(^0OF;{ryOfIwGVPbYC(Pp;@SRo&8D9}4t7rnjf4WBG$M33v*R8G2rSwChz4BpI+* zhBN1T{Wu>ENp+P@6W^uz@<_PvSQQC_NpKlj@)0EjJ=D-C3ROF`I#*X+TR>UMtc)(q z-j82{0&3}h2krK5B9~_Hh5dnr(TD2G&bUUT)%@<%QghKCGAV(7$hrt-;RQPfLpuCl zkbQiEitgX8{o>Bs#26cQ`eDVr>W?tFXPvs%8~H+qU4q|y&X&2GC}vZLr-fi&S0+61 zz`mViHwUmyNVqUVK!AKDxyv_d`gG2>$14V!;<#g#`|_2X+KV}Tbhqg+KUcrEHR^1L zs?K@XZ~U}gt%wo#Mf!8uuE;?-$rM*v3}JA(yYrMBTTWLGTMQ7PCI%QYnQpnIiAUBt+(Nm?yEH)rCR!cnxd`ltK3GG zO+8!D60T1j{hoy;_!ej?cH0YYi?g7OfPia-?@aP zbRYJQ4-<#;5j**Ew)fUs^uzGv62oKK8gk*`2HIE-Uu6oSMXo&VhrwrI4ERae`V7=@ zEF~+6T$JW9=`O*f#qJuC$ff%ow1#dN?dj6rZwaiRiwkzUdKh|gMg6sYX(TmfnOgP< z%kk@3bpbR7a|>D_R~)ZW%S&>zJm=tNqamzAE6#uyULNe~KE*?h_YHAY#)u}p)OLH!LHrza47Ge-X2jln(kE^s zLVx-y-my(<@XU%6Q#dbcr?ybqD0wOQzm`0nea4U%Jbao)h4;eU+vzRw`nwHc(;$^^ zxA-8zYIt;0)WQ7$FpykomYH>FFtQyVBMPqnO!jQ#V_f%BK?dxy&Nnis_ls@Q-F1W~ zANJ)>>v_Qx#EI9qIo{xmiS7s#dm1 zu>I_Cd+kYH+)j0|a8G?gcl!FnfX}n$>+4GZF(m)>enNH2VsvT$c0#HITkd@sbc;8i z;)h?5etEU!ad;EYp2Y-x#0j9B1=s0W{FWOFYdBXzE4;k!y$|ss^ zfc9i*m<;H~-1z5X&(r;7>f~5X+i!7c=wm!jH|||gD6|@)NNV>$_eOm-cMj!U_lA)i z5F5P5d-*r%mRwrpZkJ5G#s+a>lB-IUiELsro-~<`c9Pgk{n4|nHQ~*l{A^xMTGXX* z3bjCjL_tcL+(%z|cM?q$2Q5UYrbWL1T__8jz>180gK^91rD>pGqAsG=YC?#)8OPQ( zguT;Cy(o9f01*;1aIQ{}tA{cDZ9%R2?VE2ahBl0AnGX}Dh(0q0q%7bdxT>;*QGeIj~aNzS+m$s}lhpTQz^jZ4l64Pf; z%fglmMk1rmGwUlt87}2G?_dcBOBm(snj%X-GG$%rM~xgtUZ1!2x|Xg^>r;ukcPqYc z^J2Yb_Q@x??y4a|)SQ=`?_iF}AH6V*I3V_n=rtuI#W2;FLPrsd-hD~DT*&~1NvKbn zeF!Gbl(vi|`xLqI$gc?gfPsYWeP5V`p?a05TzxL7Y**Cdmn-o-#O;ZF6&C~TWp-UTfL;Vw?-#~(&=+SoPp@U)cM3hW(ElRjX)KJZ>&?L=GLwv|T`QvL zf}^lYJOO|Dn2zi{%E_sE_xt_g%>(SviL$lLVfi$Vt+@8Iu4)uv z0{Qc3rha;L57X8)$EY)Jf3n#mW`_Ph2y}J`#5c@IpvtoM#0~D_$Vb;MhFe29Kn+^x zTV|(i*k)&Q1wC7Mf(~I)Z}R+~Mr+rMB_ekJh^<_v^cfo2|_cNwho$Dvi2@ ztefzHFt;3C4rfzSQ(8~O*u5v*rObCU%YV|z8h(J*(3*x&apH{EgV$XhssaVCv@j+} zC_rVvSAuIY>TW@e*J5iMA>=6Q;L)~3+&mvQ`Fpox;F5@oOb#O>=SYWAztv6F!EZE< zxMm=3a{Xgh1u_=Xd>u#8xbNYm)XP6d?e7fdCh+tr=JC>~S_EtPOm!Wu%Pdt}yEbyN zInK7f=(o=PS#Jb=A`YuR$3r%s$uuC*Q`*gu(KFP%w2oVP2Cw zK2;BYVXXblnSC`SZ^%DqWk~0Q${dB+cv|IKO<&G+w>&1b>!KY&pF*oDcE#Rp`5f!( zP@R^~6}yOz(%mZk@=)U1gKT2X{C!c08X=lmeipOITI``xwhSZfdM<8Gso90l$)hd# zZ1<3=Oyb`*-!epCUWc>d5^Jz8_CKZ%Ms5B~`AxJYU=$!F zObeONT9Y4kj~Z4Kr~N^hcZI){5~O<`iR{ag+4zUR2b&;HJMWV%rsu1L-8uH{Nm#aa zYo=nR_Wk0Iy66TEq_mmhPCulk-rrIE(u60hp2GBc;wM86qjBGimWMrMzqpOWo^>jV zmO?T!{V%6&wRbhZP$ZKzx!^6VaiL1_I3dz3M(QN^jD3<@({*n-oYC)@Y(H4{b!^`axNvza!4d?E# z-gPZ+oJhnKqqyDxyME6?v@g5eJzV+YzMmcl?;mM{rIU)se_gD`w_a~E&YE9+?G1nr z`wE$TztG7`W2r>i;vR>sgln_LvZOu&vUu^w%&1df|MJ^FjUhjLji>u?PbhrANHZ%a zDk@;-$_8FS6}OE`J}yu@<84moYwf6?KyN!WgOOy znH440>GgHo8#|n`**-j)a1-D&#`J-mzHG;s6(YIdRl_6ZVkF&9spDTJ-Yya@bb}9TVWPIWdQ}9PTOCr1j zD~@=mL_{>_YNyx)H#B7W(6}*Cn7TciCG<$Z$+Hd%2ppBB=xmRLtx62o&Wl8m{r{s zO3p;mvKg{U`Ro3Nk#JXSo!XE3#epmz4AUGjpSwrv4jd|I_U0X=@wFIz`zV;q)@Y#w zW6IPdJ9q|J1Qm3PW{^{WPcz48ed-GnDX0xHg zI8j5Dkt*v$p(RE36LVu3!`F<+77L}(xwC@x*URPMuC$u*i=A(KpqNo`wDe#eauZcJ zRxSBB?@9fi@AqS6+1~0-x|Kj7yoBa%#s&6G=tLA)2#4{vM-Qey`!1BjvpAn%D8pmM!e>c=bjWv9iv8qA`O5*t9>O)aAeT_sEF5#o zp*U@Of9i$#xDzWK>aINa28%5DXXeX+UVIp+rKSF(<_iq>?G5Tb;>r0F9yr-}vLCFi_55PI!jB9mBwS0P`)nSqSo`k5{I&1d_sgg^y*61v(Ml-9ZY7)Q z>5avq4X$S6PJYA(Wz9{mdK?jPddk-4=VSlOFKy!G`p;RUeMjz0u2*o?`;L){255Qb z>yaaFa^4OG=y`n0=|e5jP3#-W*9P&kaI*D$@4aaAIZb~c@O%n6e4*|y7}l@I@4&U7 zc-SW3w~GXFNc=S!`|=l8mk^=Jm|YqyLhHa68%8Y=`W19OjnhZE?d)@|B(mQ7Nw?PU z<`|eWdH>BzxhOi8>J0Sk^4uyPxGnv4;YG_Y3!d2yp3)T0p*r(9uH*t_RCetbUtC}b z#lJIE0PZ{ez1Rz%-!xRRTW8R;0h5sF9ca69&jGu4&v2gn@__%9s~~8DcUhMWg6TN^ zZzy}P9#n8kAOo9OSj`Yh6g%A6EG{Vv1KX}DUhT0rLp?lG7V-7Kk`wMaN_r!xSaCYt zPdObqFxwWn)@e9*90iLJPvnF7Q`q68gZ!Bf!CGB3*tK*<>9fC4ePmi~+W$G_G<+w& zJ(XXL_%6YF+mZad7#<-1Uiy_E38FiMfjclCZ^j7Wwn+$?O|LG`dqC)C!W|oW#HriP zoRE;UVIz|xFlIV~uHn*`^NeaL&BM3_l{hFinhMBLG6GT@3pjuW5EzIE zLQp^n9T%i2U5XBbVMU6xgx*1e2m%pF1Q81iAT_kmW(-mSQbQ3CX8&(y=FIMgJ!ik{ zht1&&AGqY4``&y1_kDiP^JJVI91J||QyUagNC_C_R0Jf6X|IkjpT-x8DP~x2CU;qM zK?iY$X*x+t-$3PR5%9+IAT$b$Q%iML1~2p83ugHIaFf3BZELUvC}esQboZD26!gZ0A7i4cn%ZN3^ci6i$O zyrd$LL0&~Jvfwq?a#V9_NfkgQ?5*RdThW!;0ayLI%l#E1gi{+9{C`0fV9J1Em{7Es`Z)sZjhk0_>X1Jp zvfWIcGI)DBC~1RVPJY0Bi`yxqNr0EA{>v503AoX3@7zJ0dN8z{b)8se>7n5zbKM$(jCHl$ylPu~=Uvb|gL5U8wrBCLU}b#aA_ z)PuF9DIt$Lj5L<$tiRskWVc+)h`Kp;S-km%1>aBaDosMZMC}EUi;DmreZEr;O(fc> zoN?>=>Zwga^$WUKTFm{m*dT>FQTz{{4eJ^+;>d!b)}kN?roTf)A1wrJue){$U{8Q`2~7+Ym_eCY~omxB9`QiVIWR&$6foB|q!UBKitc zcllW7o>kahRe0sHW82wghih|#Nb4Hix_#ecOkJ_$z*nTw-1*uE_w#`VzU5!R1Q**f zqfJTW^6U{^N_Pn#)|U9M5IYTe7vzIdW@+736MO1seV8F#lV zH_g3uyYOYJAS5lk*5OGjzKKmzFY-b~wDQ-ktj3??k#Q$V%ZB46F$BJQ?-ra|(^HB< z2d#y8I^;^LPu7q|ky}?8z#x21e(p;d`~{J4U*JJ+0gRLX(7X}SGUMJXp6Tu;sT8S?jLsFzZG#dXwyV%o8Gh+wp0eO(^k6-XS~6wg2ai5@A@{pVR-PQzJV z&P;KtA7DA`jr`W1xtcfi)Y^;y`HFDx3uV%)FRmYIpDrmHGK~F8cf7C?YQE7X5AhKk zC*@T4UG&z8o24}*Eg^x+bm{>E_NGC$YstWAiRhVX?-4gcynL+cShBaXknYq*dxS=! zRuBDG6Qvi!cWxFf-lhrBD@Y^3y#9RVRHS}a?|&B%;x()PvqKG~@PHa6(j>#79lK45 zW1-M&vtE9J`O3m?xYGcu^6hKiM}{JmiV~_*^=Tgiyvqu2p4zpIH;t(o7Qh*M53K>2 z!)Y$^ZFx`r?whSS>B=3}?d5_fMnithJNH;>xVe1z(s!-dm^Or2g}=<2*906|RQFO4CcK(q=a? z*SK&AlHSiq?(~*%6$wlE>;hR8)XB!ldIhozEtjLT;Mv zHrZImaTC+~V>P@nNhI7usbW&hr{-lxi&0*3I@VxL`Vgm|uT&ztyv5(6#9}RTr5gJ* zuS?|j<=gwrCgj6f_X_vfeXlC0KQVdXJ%2+yR^0Go*@;tvp$%_-8#>H*wUpv*L9W;N z#;!FBrmler^`OSCudjD$JS6#`CxON;Tog{yFN)+jMQ?N3KIfS!E0M6@340`#RanvLwHc1M9E6GUeqUh4 zq-DDD>#`h~#YR2qq{?R*6S=tOr$Mhq7EQ=W)!F7^|L6Z^N zd8pOv7CMDiH~`j7!o4Bv^x{x|mARVrSe0kBl-WV3(E7C>mXlpm;_>-ToMM63I9r58 s!A!qJg9dU=yXw>s-1}qGc2MPfoiOC;$Ke diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json index 3b96ba58f..ecea0d6d9 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json @@ -3,10 +3,10 @@ "contentVersion": "1.0.0.0", "parameters": { "parVirtualHubResourceId": { - "value": "/subscriptions/8d599126-99a6-4102-8473-5679bcac3ede/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus" + "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus" }, "parRemoteVirtualNetworkResourceId": { - "value": "/subscriptions/8d599126-99a6-4102-8473-5679bcac3ede/resourceGroups/alz-vwan-westus/providers/Microsoft.Network/virtualNetworks/alz-spokevnet-westus" + "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/remotevnet-rg/providers/Microsoft.Network/virtualNetworks/vnet-spoke" }, "parTelemetryOptOut": { "value": false diff --git a/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json b/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json index 1e059c842..495f4ce69 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json +++ b/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.parameters.example.json @@ -6,10 +6,10 @@ "value": true }, "parVPNGatewayEnabled":{ - "value": false + "value": true }, "parERGatewayEnabled":{ - "value": false + "value": true }, "parAzureFirewallEnabled": { "value": true From 50fb03cbdb701d4bb35c691098c0b56f6e31f765 Mon Sep 17 00:00:00 2001 From: Jack Tracey <41163455+jtracey93@users.noreply.github.com> Date: Wed, 23 Mar 2022 12:58:41 +0000 Subject: [PATCH 09/13] Update vnetPeeringVwan.bicep --- .../vnetPeeringVwan/vnetPeeringVwan.bicep | 27 ++++++++++--------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep index ab756ae19..f340c7428 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep @@ -2,20 +2,17 @@ SUMMARY: Module to perform spoke network peering with the Virtual WAN virtual hub as per the Azure Landing Zone conceptual architecture - https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology. This module draws parity with the Enterprise Scale implementation defined in https://github.com/Azure/Enterprise-Scale/blob/main/eslzArm/subscriptionTemplates/vwan-connectivity.json DESCRIPTION: The peering can be configured using the parameters file: Virtual network peering with Virtual WAN virtual hub -AUTHOR/S: Fai Lai @faister -VERSION: 1.0.0 +AUTHOR/S: faister, jtracey93 +VERSION: 1.0.1 */ targetScope = 'subscription' -@description('Region in which the resource group was created. Default: {resourceGroup().location}') -param parLocation string = deployment().location +@description('Virtual WAN Hub resource ID. No default') +param parVirtualHubResourceId string -@description('Virtual Hub resource ID. Default: Empty String') -param parVirtualHubResourceId string = '' - -@description('Remote Spoke virtual network resource ID. Default: Empty String') -param parRemoteVirtualNetworkResourceId string = '' +@description('Remote Spoke virtual network resource ID. No default') +param parRemoteVirtualNetworkResourceId string @description('Set Parameter to true to Opt-out of deployment telemetry') param parTelemetryOptOut bool = false @@ -27,11 +24,15 @@ var varVwanSubscriptionId = split(parVirtualHubResourceId, '/')[2] var varVwanResourceGroup = split(parVirtualHubResourceId, '/')[4] +var varSpokeVnetName = split(parRemoteVirtualNetworkResourceId, '/')[8] + +var varModhubVirtualNetworkConnectionDeploymentName = take('deploy-vnet-peering-vwan-${varSpokeVnetName}', 64) + // The hubVirtualNetworkConnection resource is implemented as a separate module because the deployment scope could be on a different subscription and resource group module modhubVirtualNetworkConnection 'hubVirtualNetworkConnection.bicep' = if (!empty(parVirtualHubResourceId) && !empty(parRemoteVirtualNetworkResourceId)) { scope: resourceGroup(varVwanSubscriptionId, varVwanResourceGroup) - name: 'deploy-Vnet-Peering-Vwan' - params: { + name: varModhubVirtualNetworkConnectionDeploymentName + params: { parVirtualHubResourceId: parVirtualHubResourceId parRemoteVirtualNetworkResourceId: parRemoteVirtualNetworkResourceId } @@ -39,9 +40,9 @@ module modhubVirtualNetworkConnection 'hubVirtualNetworkConnection.bicep' = if ( // Optional Deployment for Customer Usage Attribution module modCustomerUsageAttribution '../../CRML/customerUsageAttribution/cuaIdSubscription.bicep' = if (!parTelemetryOptOut) { - name: 'pid-${varCuaid}-${uniqueString(parLocation)}' + name: 'pid-${varCuaid}-${uniqueString(subscription().id, varSpokeVnetName)}' params: {} } -output outHubVirtualNetworkConnectionName string = modhubVirtualNetworkConnection.name +output outHubVirtualNetworkConnectionName string = modhubVirtualNetworkConnection.outputs.outHubVirtualNetworkConnectionName output outHubVirtualNetworkConnectionResourceId string = modhubVirtualNetworkConnection.outputs.outHubVirtualNetworkConnectionResourceId From f019cd153961e53459f1a81bf22241ed142d1b52 Mon Sep 17 00:00:00 2001 From: Jack Tracey <41163455+jtracey93@users.noreply.github.com> Date: Wed, 23 Mar 2022 12:59:17 +0000 Subject: [PATCH 10/13] Update hubVirtualNetworkConnection.bicep --- .../hubVirtualNetworkConnection.bicep | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/hubVirtualNetworkConnection.bicep b/infra-as-code/bicep/modules/vnetPeeringVwan/hubVirtualNetworkConnection.bicep index 39755792f..c3d88ff9b 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/hubVirtualNetworkConnection.bicep +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/hubVirtualNetworkConnection.bicep @@ -2,21 +2,21 @@ SUMMARY: Module to connect your spoke virtual network to your Virtual WAN virtual hub/ DESCRIPTION: The following components will be options in this deployment Virtual Hub network connection -AUTHOR/S: faister -VERSION: 1.0.1 +AUTHOR/S: faister, jtracey93 +VERSION: 1.0.2 */ -@description('Virtual WAN Azure resource ID. Default: Empty String') -param parVirtualHubResourceId string = '' +@description('Virtual WAN Hub resource ID. No default') +param parVirtualHubResourceId string -@description('Prefix Used for Spoke virtual network. Default: Empty String') -param parRemoteVirtualNetworkResourceId string = '' +@description('Remote Spoke virtual network resource ID. No default') +param parRemoteVirtualNetworkResourceId string var varVwanHubName = split(parVirtualHubResourceId, '/')[8] var varSpokeVnetName = split(parRemoteVirtualNetworkResourceId, '/')[8] -var varVnetPeeringVwanName = '${varVwanHubName}/${varSpokeVnetName}/' +var varVnetPeeringVwanName = '${varVwanHubName}/${varSpokeVnetName}-vhc' resource resVnetPeeringVwan 'Microsoft.Network/virtualHubs/hubVirtualNetworkConnections@2021-05-01' = if (!empty(parVirtualHubResourceId) && !empty(parRemoteVirtualNetworkResourceId)) { name: varVnetPeeringVwanName @@ -27,4 +27,5 @@ resource resVnetPeeringVwan 'Microsoft.Network/virtualHubs/hubVirtualNetworkConn } } +output outHubVirtualNetworkConnectionName string = resVnetPeeringVwan.name output outHubVirtualNetworkConnectionResourceId string = resVnetPeeringVwan.id From f2a14f70eb2c6571de81d7aa796d2e6984cd8538 Mon Sep 17 00:00:00 2001 From: Jack Tracey <41163455+jtracey93@users.noreply.github.com> Date: Wed, 23 Mar 2022 13:00:40 +0000 Subject: [PATCH 11/13] Update README.md --- infra-as-code/bicep/modules/vnetPeeringVwan/README.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index ae109b30b..bb9fbb0bd 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -12,10 +12,9 @@ The module requires the following inputs: | Parameter | Type | Default | Description | Requirement | Example | | ---------------------------- | ------ | ---------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------- | ---------------------------- | - | parLocation | string | deployment().location | Location where spoke virtual network will be deployed | Valid Azure Region | `eastus` | - | parVirtualHubResourceId | string | Empty string | Resource Id for Vwan Virtual Hub. | 2-50 char | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus | -| parRemoteVirtualNetworkResourceId | string | Empty string | Resource Id for remote spoke virtual network. | 2-50 char | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualNetworks/alz-spokevnet-westus | - | parTelemetryOptOut | bool | false | Set Parameter to true to Opt-out of deployment telemetry | None | false | + | parVirtualHubResourceId | string | None | Resource ID for Virtual WAN Hub. | 2-50 char | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus` | +| parRemoteVirtualNetworkResourceId | string | None | Resource ID for remote spoke virtual network. | 2-50 char | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualNetworks/alz-spokevnet-westus` | + | parTelemetryOptOut | bool | `false` | Set Parameter to true to Opt-out of deployment telemetry | None | `false` | ## Outputs @@ -23,8 +22,8 @@ The module will generate the following outputs: | Output | Type | Example | | ------------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| outHubVirtualNetworkConnectionName | string | VwanHub-SpokeVnet | -| outHubVirtualNetworkConnectionResourceId | string | /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus/hubVirtualNetworkConnections/VwanHub-SpokeVnet | +| outHubVirtualNetworkConnectionName | string | `alz-spokevnet-westus-vhc` | +| outHubVirtualNetworkConnectionResourceId | string | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus/hubVirtualNetworkConnections/alz-spokevnet-westus-vhc` | ## Deployment From d0a72b5998675fa64761b2e048c2f111754e1a8a Mon Sep 17 00:00:00 2001 From: faister Date: Thu, 24 Mar 2022 15:00:19 +1100 Subject: [PATCH 12/13] final test ok after jtracey93 commits --- infra-as-code/bicep/modules/vnetPeeringVwan/README.md | 6 +++--- .../vnetPeeringVwan/vnetPeeringVwan.parameters.example.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index bb9fbb0bd..74ccbb0b9 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -13,7 +13,7 @@ The module requires the following inputs: | Parameter | Type | Default | Description | Requirement | Example | | ---------------------------- | ------ | ---------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------- | ---------------------------- | | parVirtualHubResourceId | string | None | Resource ID for Virtual WAN Hub. | 2-50 char | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus` | -| parRemoteVirtualNetworkResourceId | string | None | Resource ID for remote spoke virtual network. | 2-50 char | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualNetworks/alz-spokevnet-westus` | +| parRemoteVirtualNetworkResourceId | string | None | Resource ID for remote spoke virtual network. | 2-50 char | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/spokevnet-rg/providers/Microsoft.Network/virtualNetworks/vnet-spoke` | | parTelemetryOptOut | bool | `false` | Set Parameter to true to Opt-out of deployment telemetry | None | `false` | ## Outputs @@ -22,8 +22,8 @@ The module will generate the following outputs: | Output | Type | Example | | ------------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| outHubVirtualNetworkConnectionName | string | `alz-spokevnet-westus-vhc` | -| outHubVirtualNetworkConnectionResourceId | string | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus/hubVirtualNetworkConnections/alz-spokevnet-westus-vhc` | +| outHubVirtualNetworkConnectionName | string | `alz-vhub-eastus/vnet-spoke-vhc` | +| outHubVirtualNetworkConnectionResourceId | string | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus/hubVirtualNetworkConnections/vnet-spoke-vhc` | ## Deployment diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json index ecea0d6d9..ad4ca18b1 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.parameters.example.json @@ -6,7 +6,7 @@ "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-vwan-eastus/providers/Microsoft.Network/virtualHubs/alz-vhub-eastus" }, "parRemoteVirtualNetworkResourceId": { - "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/remotevnet-rg/providers/Microsoft.Network/virtualNetworks/vnet-spoke" + "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/spokevnet-rg/providers/Microsoft.Network/virtualNetworks/vnet-spoke" }, "parTelemetryOptOut": { "value": false From 806a85b141520b230087b9efa533a98c806d915e Mon Sep 17 00:00:00 2001 From: faister Date: Thu, 24 Mar 2022 15:03:04 +1100 Subject: [PATCH 13/13] pre-req for spoke vnet module --- docs/wiki/DeploymentFlowVWAN.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/wiki/DeploymentFlowVWAN.md b/docs/wiki/DeploymentFlowVWAN.md index 1fa2d3eec..f6c5e42cf 100644 --- a/docs/wiki/DeploymentFlowVWAN.md +++ b/docs/wiki/DeploymentFlowVWAN.md @@ -15,4 +15,4 @@ Modules in this reference implementation must be deployed in the following order | Order | Module | Description | Prerequisites | Module Documentation | | :---: | -------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | 1 | Virtual WAN Connectivity | Deploys the Virtual WAN network topology and its components according to the Azure Landing Zone conceptual architecture. | Management Groups, Subscription for vWAN connectivity. | [infra-as-code/bicep/modules/vwanConnectivity](https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/vwanConnectivity) | -| 2 | VNet Peering with vWAN | Connect a spoke virtual network to a Virtual WAN virtual hub. | Management Groups, Subscription for spoke VNet, vWAN Connectivity Module | [infra-as-code/bicep/modules/vnetPeeringVwan](https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/vnetPeeringVwan) | +| 2 | VNet Peering with vWAN | Connect a spoke virtual network to a Virtual WAN virtual hub. | Management Groups, Subscription for spoke VNet, vwanConnectivity Module, spokeNetworking module | [infra-as-code/bicep/modules/vnetPeeringVwan](https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/vnetPeeringVwan) |