From 518aa49205d15094b70dc6f56649e27fafbe2331 Mon Sep 17 00:00:00 2001 
From: biffgaut <78155736+biffgaut@users.noreply.github.com>
Date: Tue, 5 Oct 2021 16:02:52 -0400
Subject: [PATCH 01/14] Implement new construct
---
.../aws-route53-alb/.eslintignore | 4 +
.../aws-route53-alb/.gitignore | 15 +
.../aws-route53-alb/.npmignore | 21 +
.../aws-route53-alb/README.md | 99 ++
.../aws-route53-alb/architecture.png | Bin 0 -> 55118 bytes
.../aws-route53-alb/lib/index.ts | 175 ++++
.../aws-route53-alb/package.json | 109 ++
.../test/integ.deployPrivateApi.expected.json | 551 +++++++++++
.../test/integ.deployPrivateApi.ts | 37 +
...deployPrivateApiExistingZone.expected.json | 930 ++++++++++++++++++
.../integ.deployPrivateApiExistingZone.ts | 52 +
...g.deployPublicApiExistingAlb.expected.json | 779 +++++++++++++++
.../test/integ.deployPublicApiExistingAlb.ts | 58 ++
.../integ.deployPublicApiNewAlb.expected.json | 926 +++++++++++++++++
.../test/integ.deployPublicApiNewAlb.ts | 54 +
.../integ.deployWithoutLogging.expected.json | 407 ++++++++
.../test/integ.deployWithoutLogging.ts | 38 +
.../aws-route53-alb/test/route53-alb.test.ts | 384 ++++++++
.../@aws-solutions-constructs/core/index.ts | 2 +
.../core/lib/alb-defaults.ts | 21 +
.../core/lib/alb-helper.ts | 152 +++
.../core/lib/s3-bucket-defaults.ts | 9 +
.../core/lib/s3-bucket-helper.ts | 22 +
.../core/package.json | 2 +
.../core/test/alb-helper.test.ts | 390 ++++++++
.../core/test/s3-bucket.test.ts | 12 +
26 files changed, 5249 insertions(+)
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/.eslintignore
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/.gitignore
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/.npmignore
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/README.md
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/architecture.png
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/lib/index.ts
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/package.json
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts
create mode 100644 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts
create mode 100644 source/patterns/@aws-solutions-constructs/core/lib/alb-defaults.ts
create mode 100644 source/patterns/@aws-solutions-constructs/core/lib/alb-helper.ts
create mode 100644 source/patterns/@aws-solutions-constructs/core/test/alb-helper.test.ts
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/.eslintignore b/source/patterns/@aws-solutions-constructs/aws-route53-alb/.eslintignore
new file mode 100644
index 000000000..e6f7801ea
--- /dev/null
+++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/.eslintignore
@@ -0,0 +1,4 @@
+lib/*.js
+test/*.js
+*.d.ts
+coverage
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/.gitignore b/source/patterns/@aws-solutions-constructs/aws-route53-alb/.gitignore
new file mode 100644
index 000000000..6773cabd2
--- /dev/null
+++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/.gitignore
@@ -0,0 +1,15 @@
+lib/*.js
+test/*.js
+*.js.map
+*.d.ts
+node_modules
+*.generated.ts
+dist
+.jsii
+
+.LAST_BUILD
+.nyc_output
+coverage
+.nycrc
+.LAST_PACKAGE
+*.snk
\ No newline at end of file
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/.npmignore b/source/patterns/@aws-solutions-constructs/aws-route53-alb/.npmignore
new file mode 100644
index 000000000..f66791629
--- /dev/null
+++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/.npmignore
@@ -0,0 +1,21 @@
+# Exclude typescript source and config
+*.ts
+tsconfig.json
+coverage
+.nyc_output
+*.tgz
+*.snk
+*.tsbuildinfo
+
+# Include javascript files and typescript declarations
+!*.js
+!*.d.ts
+
+# Exclude jsii outdir
+dist
+
+# Include .jsii
+!.jsii
+
+# Include .jsii
+!.jsii
\ No newline at end of file
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/README.md b/source/patterns/@aws-solutions-constructs/aws-route53-alb/README.md
new file mode 100644
index 000000000..295318507
--- /dev/null
+++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/README.md
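Review bot: In the new aws-route53-alb/.npmignore the closing `# Include .jsii` / `!.jsii` pair appears twice; one copy can be dropped. Because .npmignore is a denylist, anything it does not name is published: nothing here excludes `test/`, so the compiled `test/*.js` files and the `integ.*.expected.json` snapshots listed in the diffstat would presumably end up in the tarball. The `*.snk` entry, which keeps strong-name key files out of the package, is worth keeping whatever else changes. Checking the packed file list with `npm pack --dry-run`, or switching to a `files` allowlist in package.json (not visible in this part of the patch), would make the published set explicit.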
@@ -0,0 +1,99 @@
+# aws-route53-alb module
+
+
+---
+
+![Stability: Experimental](https://img.shields.io/badge/stability-Experimental-important.svg?style=for-the-badge)
+
+> All classes are under active development and subject to non-backward compatible changes or removal in any
+> future version. These are not subject to the [Semantic Versioning](https://semver.org/) model.
+> This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.
+
+---
+
+
+| **Reference Documentation**:| https://docs.aws.amazon.com/solutions/latest/constructs/|
+|:-------------|:-------------|
+
+
+| **Language** | **Package** |
+|:-------------|-----------------|
+|![Python Logo](https://docs.aws.amazon.com/cdk/api/latest/img/python32.png) Python|`aws_solutions_constructs.aws_route53_alb`|
+|![Typescript Logo](https://docs.aws.amazon.com/cdk/api/latest/img/typescript32.png) Typescript|`@aws-solutions-constructs/aws-route53-alb`|
+|![Java Logo](https://docs.aws.amazon.com/cdk/api/latest/img/java32.png) Java|`software.amazon.awsconstructs.services.route53alb`|
+
+This AWS Solutions Construct implements an Amazon Route53 Hosted Zone routing to an Application Load Balancer
+
+Here is a minimal deployable pattern definition in Typescript:
+
+``` typescript
+import { Route53ToAlb } from '@aws-solutions-constructs/aws-route53-alb';
+
+new Route53ToAlb(this, 'Route53ToAlbPattern', {
+ privateHostedZoneProps: {
+ zoneName: 'www.example.com',
+ }
+ publicApi: false,
+});
+
+```
+
+## Initializer
+
+``` text
+new Route53ToAlb(scope: Construct, id: string, props: Route53ToAlbProps);
+```
+
+_Parameters_
+
+* scope [`Construct`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_core.Construct.html)
+* id `string`
+* props [`Route53ToAlbProps`](#pattern-construct-props)
+
+## Pattern Construct Props
+ // If no existingHostedZone, must send hostedZoneProps with at least zoneName
+ // Public APIs require an existing Hosted Zone to be passed in as the amount of
+ // DNS configuration required can't use any defaults and require a complex
+ // Construct hierarchy to define - at that point the client should just instantiate it.
+ // Private APIs can accept props and create a new Private Hosted Zone.
+
+
+ // drives multiple settings in construct, including
+ // alb.internetFacing and hostedZone creation
+ // This is a construct level attribute, define it here and not
+ // at lower level service props
+
+| **Name** | **Type** | **Description** |
+|:-------------|:----------------|-----------------|
+| privateHostedZoneProps? | [route53.PrivateHostedZoneProps](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-route53.PrivateHostedZoneProps.html) | Optional custom properties for a new Private Hosted Zone. Cannot be specified for a public API. Cannot specify a VPC, it will use the VPC in existingVpc or the VPC created by the construct. Providing both this and existingHostedZoneInterfaceis an error. |
+| existingHostedZoneInterface? | [route53.IHostedZone](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-route53.IHostedZone.html) | Existing Public or Private Hosted Zone (type must match publicApi setting). Specifying both this and privateHostedZoneProps is an error. If this is a Private Hosted Zone, the associated VPC must be provided as the existingVpc property |
+| loadBalancerProps? | [elasticloadbalancingv2.ApplicationLoadBalancerProps](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-elasticloadbalancingv2.ApplicationLoadBalancerProps.html) | Optional custom properties for a new loadBalancer. Providing both this and existingLoadBalancer is an error. This cannot specify a VPC, it will use the VPC in existingVpc or the VPC created by the construct. |
+| existingLoadBalancerObj? | [elasticloadbalancingv2.ApplicationLoadBalancer](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-elasticloadbalancingv2.ApplicationLoadBalancer.html) | Existing Application Load Balancer to incorporate into the construct architecture. Providing both this and loadBalancerProps is an error. The VPC containing this loadBalancer must match the VPC provided in existingVpc. |
+| vpcProps? | [ec2.VpcProps](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.VpcProps.html) | Optional custom properties for a VPC the construct will create. This VPC will be used by the new ALB and any Private Hosted Zone the construct creates (that's why loadBalancerProps and privateHostedZoneProps can't include a VPC). Providing both this and existingVpc is an error. |
+| existingVpc? | [ec2.IVpc](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.IVpc.html) | An existing VPC in which to deploy the construct. Providing both this and vpcProps is an error. If the client provides an existing load balancer and/or existing Private Hosted Zone, those constructs must exist in this VPC. |
+| publicApi | boolean | Whether the construct is deploying a private or public API. This has implications for the Hosted Zone, VPC and ALB. |
+
+
+## Pattern Properties
+
+| **Name** | **Type** | **Description** |
+|:-------------|:----------------|-----------------|
+| hostedZone | [route53.IHostedZone](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-route53.IHostedZone.html) | The hosted zone used by the construct (whether created by the construct or providedb by the client) |
+| vpc | [ec2.IVpc](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.IVpc.html) | The VPC used by the construct (whether created by the construct or providedb by the client) |
+| loadBalancer | [elasticloadbalancingv2.ApplicationLoadBalancer](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-elasticloadbalancingv2.ApplicationLoadBalancer.html) | The Load Balancer used by the construct (whether created by the construct or providedb by the client) |
+
+## Default settings
+
+Out of the box implementation of the Construct without any override will set the following defaults:
+
+### Amazon Route53
+* Adds an ALIAS record to the new or provided Hosted Zone that routes to the construct's ALB
+
+### Application Load Balancer
+* Creates an Application Load Balancer with no Listener or target. The consruct can incorporate an existing, fully configured ALB if provided.
+
+## Architecture
+![Architecture Diagram](architecture.png)
+
+***
+© Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/architecture.png b/source/patterns/@aws-solutions-constructs/aws-route53-alb/architecture.png new file mode 100644 index 0000000000000000000000000000000000000000..0a2858f5d019bf39903639de92e86eb24baafcc9 GIT binary patch literal 55118 zcmeFZg;yJ0*FFpsm*P^~wYa-m@#1d9in~K`cb7te0;R>>EkFvz9RdU`8l2$pLFPRS%qwLW7&vic#FrcyBYg)L z7+4uQX=!yuX=zGzH)m@*2P+sD#uQ64GaSXYj6coI&CGs|u`r>!dB2a2j(=|!JkmQ% zi8AmWeJEyl5Frs3R!o8por4%Zpkt^PxtRShbo6{Xz`yU%;b^`CD1!Lx(`=g_O+t9^L~lSrlnNHL8~X)1o346uUMznbL;x z9x<6UIX?xNC+rL%xhgH3wjgmJav2RyMC=%qoJ|sSBZQm{K3_?QQL%~$M;7wj`qQqd7VBMqyCJWTFROJ=Pj0 zhJ^HBQk5ZI)_fv-1?USzh>?wPLE;FqWK!kk3$1Ny;pV7Sy?=go7kKrmgZ>o&eE9tQ zy!Q0`47Nf?A8jEbdL8fzW?b4VR}H1d`bDfdR(guoDk?C{FKJ{L*eE*~_?Hyy%Srrl zzTAP-NEoD-Z=9D?<_p}vN?$2|dG)U}ocJFVB{iiL6<@wJE#0iFoZM}lJqTk{LSDL> zx6{(|&{I(svUGN2GymXhVa4X-=<-Js7!e<#m!zYWhdHH>ql1&XkdG+!pEZPD(tl*L zQ&av~#lv2dT2DotQrg+gijtR&hmC_;43(0SQpD|pwa|MRxxbsg{1T|9x367s&oc2|Fhn2mAl^{nAwAk6a;jJ0B|t zJsCU47xBD|Atu1XBl2hc|4+%kNBpa$w!4*^w6o(&Ll3ck%lGfb|5^CI4gVZc|KCIM z^7H=ZkpEHgcS{lWKd$^gB=MJ+|IB@nvlyxf`~TfDF;oL54^9{u2^d8gNi84Pqb{U$ zq%jWPqJnw+Ud&g8m*Kvt(G#C9OS(=WtiB<4Ox8IJ$IId-BL3aS=iVo zWHVWpG9A9_H7f9W)!~}KDkSeYe(Jki17AO0FYOixXTK^&mq>TUbw3g8I01`_+y~g4 zJc8*OT<96#s44&ZaDfY%#tqn}`tRJAO6%~n*&bBUpOF9Ska!J?Qbx*gP5_II^Gu=zHdeCP2rP~B|MZKUY&OmNKXayp6MUJR zTklW9|LOOSDP#QCd|!t7XUhK}>wl#DZ}s>`G5%4Ee^!kDTtfd@m;Wt|f3}kU*t7pp zjDHm4A0+oTM*atU{u}831M&aEHu*;}{!xto|Cp;I?hiYxa13;(Nhg78m0t(mi4b%H zV8?NK1^`{$XGEg#gXza<+piuAw$px-a+%S7Wl;sRa+*xJY8WNK7fxq;<|dWD*5{H% zRvUkOTg4w5*KfJfcv<{_c5B_w?K|i-n#b@<@i1KI-u1w|)Q<82=cLi<7+>U(JH{}y zncJz1Z+x91s3;X94fj7B4FV{z2^^o{6GPX+dXFl{{O|&zUggsT9cu_Ao{6lep^DiN z=WUpeat1K$isY!E7G>?mhkb=t%OWQnyiz#LiP85Lqhb@2w&s+dh{6^n4XGP#q#a5s zusk47(~2Opglb&a>xp zt3b1N-TtlclyDcg$!58QaRJ~kiMzee$RV5Zr`xU~G25ngoyo3}$TuZD{*ikZF=dU7 z@t@3bZti<%JF!@|vtr}0niOWkzmlsf=)9%bTteA6#s=vjvyO;Y7-DBB2i6xeX=N4) z`dY_HREFA~(<BusIAwM3KkNBI%ta$f{<}`9OH}`T6fK&#rN{$9 
z7Df_qLwJC3TMeB2HfC2AKT&!$_54g5FUx8=sZW+h++521>zwt_Jel)$;#*42Spx7_UMX|Us;qw5M z<>O?tg4K+iNM@io1}x{%BAiysIGlU*9V2UM zhInPt?y!-RflNQ=;lZ$UyK+u^PGq?&wqS)?Ow#p0hHP{k+;7Xl6*Q4fj{z$_&S&+I zUVKkP%t(Z&_gI3)Gk7>yH42RdwdzxL`KzQNB}-8Qf*m&B1D=g^7N7sq((ixm?N$Wp)C+okTur31#8ebUVx zl9!2<#Z7&06|TovV1*C3x?L3}bFYit?qn{HM5ToE#{;@YnQN{7JW?Z41Gn;o2H8aE%J zIgcPL70)Y;@RRXZ(q6XDU&xlg&c>es^MMYtcYbn?wr2g2NDP!;%Ba4ax?!*r+@@A_ z7URKHj2@8usH`sP&o#8KtST82%H&&2)y8OcKU$?O#CK6^dfFM$A8w*FD!9t#66JQzP!-k_*?vuZbQkWJ)Z!JBw-L_7P z3O6B$|88`K``kwW)gnre8$vpz#X}7s_7gZa`}iAh={|Dl2XqOin`4en_2>j@GC)+$ zJ=jSZiYt0)!nqqfzQ!;->^k2S+gjLpFi_Z8#OqOO;>qC3o&H+}U071WCZg6L6M>Jy z&E!piCzs0udPm~@-Xa%?^wNNG*RA}`m|z;|G=Z(SZm}eMliRa~fsr59ju8ARubn2c z=ABGBuQ`mkszBE&;7k;<5$cO0fi1%HEYLPgJm7+Fv71l@jO-@nyozy@fNI){)x60MV!XdTzrVn8o3CB6ROB+A`fxz zSjj|3;y-Y*J3Eg?EZJrYPJ?n9h)*12%k%By6)+1A*V%$g^^mQPtja?M;Q}iQ8EMCa3W92 zo6oyB9c3snQah-{!VMi}>znkoC!fVYXMR~-O-*Q_6@)WKa+OG$5CJl0 z0?jj3k2-d91p&6iw5vS!z|*+Gx0V48%g=~+Lv;le@S0DEj^K_i=*kw7!|efm$N8OC z$6e%W!?xzOR>sdUy|NN7%1eEd!nVk~srqJM(5NpNIe{^EvxT3Qgx|NC9W{#LoRvUD zvC~&Bw^-d`e#ufTWMt6JLs9}yfxZcuymO22O{m1jOMC=Qpsg&^G`HG88(s^GkFWFt z2lv{RZv-5dZ=_uL@M3UXKu}~&_H(|7F%O;W=;OOoU`p9r3i4kufBNT)I^k`lv4L`(6AXcF(?2pSzmzw1jprJCuk1z%Cc^msqvn)X zVUCyMK;7h6j(qWv1C2N&J9ks)n?4EIkPw6N7)ieYgX+}b33=0TwMJ#aCeKOor_%Ql z2^Lz1r)x|P7)#Y;tIZcKPaSj(q%Z^t=I+Y2ju+;0R9mvQE9LDhC(-C^I zYgmFKeR=y#2|V~Q#YX_~hTgH2ix_IyAktMu`P@xCt+x$}STd=3ma)Z@v+N&;Wz*u| z38_0P8qmX|0KW3M(<$Wh5h(REDyOGhi)@HvZ|q{N-an4= z+YiuF5Sr%UpBPoZHKi@fyvSzMVk5JQ4M?ub|4Z*>6+TIYYeKwwR_)nEePL!!5~UjB zTg{`|#>~MooU@DX9mgE!uoQ3XtLjTxNF1k9g^@5;X}p2Q?cnuF z!&6Sf)#O8s^V=#(<69JWdeyZx|Eg%#)8l6%IcfdcmL*%k9cR1D7Pj=OEvFCEm&pwZ z+#x+qpfI7Hhf(v6*E5$+ZQi9-ZN-BG>@`uPqACk{_n`fUe(F!W>knW_Re05;Uh&p@ zJKAXHs?bj;%QUfQzX<`pM33A-oGXKJI3zg(0U}7^F=A(VR7J{3fB>#Dsdfh=()*qP zcBZ7Wy~U!hP3MeLv_8m67IaoVvFgBNV}(QC@a(svVW%2D`9-C^DnG^N$UxaA#D)gF z`?%$#<7qp;jkcCC(K1HUPjE1msB?iH+Sung)m8s`ny4u`Vl?tYx;a4&4GRT94mF}r zKb=TIv2qS=;W`Q6zE;;we>@m*+-WBOU54<1T&(h{mS#W32@$Ljy+QyLwD=#bLRO(r zdmv(Ykc-WGVOYY5} 
zUGiHMeUBsAp;mGfu{RoNzXjDgr0RLVde#Q1Q9zG6^!di*9^lxJCC7+z{WvKwKtu{B zQE$Wa=L@Ri+=~s@oKDm`7r%WU82wf4Pu3{}tw3V8Nb>%!5K`+b{=g>ZPS5H7iJJC) zT=$rE3XW!8z}VNs~#wm^G6G^O+c;@1H@DlLD#c->P6TJyR6mVoY_OKI#Hs8lsd zY{>HRAat*ZJvHbqrS4!*<%-F!!_iRod4xPt5-NEHT~(K>Ym4+UVD4@3snpyEh=Bp3 zfD)`|yQNLv&9bx9(|9aotHA(OJQYa^+B%$+!}9-Vll>UyYf{H9XdbMf1GUiAb<&W5D6h7cET0&C(M; zew2~MYRtdhoQXQxcZM_>JA2-z-&eXYM}$OwU*OMuddH{Ay4=vu|}GGR{= zmudEYRq%xuDB?CY1Skk#{&MbL&Z|Xd5`?;tZpEx&Fy9atBr{f9ZgPutz#bFgZE}(Z zDGK7DlP6BpLU&~jeHFuL$t+4yskN$WyOA~CyY{(BCq6+EqJQJ)g%I%%SwNSz`t{8} ztK$@Wy{ehSqL2KwJ<*vjPd}k-R4AC|a`7%|G?kc!B_HYdr+Xq*v`E^P2}0msB#==u zyZ}NH!AbX7X-h!*Z{%>`jV);flh*AWC~JA_y1JI7#luWgoot?YuCqoHw78pTZeXUb zQc)APdH0n*-tA?ZL_yai^={az5%Z>Xgc+RMn@oo+uUVRsEFaI@1zmFM_T`%3!h>(| z{q0IUDB;{+R?IQj;u%dEbu5nP6Sadg$!8vPNj#K9Mz+)KlVX%&)Cd{ZK?7MySLWgh zN`q{+X!?)n`E4OljJcs$=82MmzDA_}H!pZ7I&U^&$qGY~!#lr&RC(ls?{OL`soEyw ze7l@7_k9WW8}d=yH#P&`2_@LWWu^wWg>EPviR?lPKQn* z%=4P7Xr~zmZdv%>?gNN84~OL11ALJiwz0ze>*|ir#%;p| z(R}<^wU68JsZyvRr;OxwsO!@@U#i#kvVGq#&~iV=-r8)I7Bew99}~_D|Gmq)z$a3W z)#(PiEOuWfcthrPh0NJz^sU}N=CLGb1m$KbY^L`(3u3dPHay%D>JlVSPmWl9;E=jsUAu0$&XcmF=)Z&~^g zFJQ5OBEUQ^4#|^H%z%84*=MmOhq>q(0tPWjqz-zWiO#N~XV*QJ{R->VsKY*QH)h*X>cQ zNAA+}B zzxU@<^ai>5`hTfWmb&7Wp??;h_6Qwzl}r805N|a@_8@yxZ`0ENCci)Efb#Jb53-7T zdM>it-R9DF;Ln^K``ePqWwVWAmsH5S6XbFy($f>Q0ZkZ5Y>vh@|t_c_pcv3WPCRWDX$>DGWB>OYUl$;YaPxp?%f$V)zwVUbt=X*DrB}F%}Bk{UOgvqSGYR_g^--C-o1j zD;lDLtm>NB&`9>Q=Q5W!o3y<=CR#ncRU>&NusGIq*fHhz6NJsNxzKrYH0fcrwbBom-aD_Frs=JzH*>)=Q3=+rUs*_P-Z{M>FyqpLIact3DK_)@7NY3;Xf zsMnylxrE1)mw(2goN&X&mV)ocb|D?6{=oL6*B4EC1~i@44TTR!yio4vb)lp3S@N>j z@*=`#*!!tc7Gg?dVY8*0*|mUM0b+cRI9l3v8d2auONo3WWJoy6)D6;e6WsT!1OZ1m z3wYAGUiC0U0Z}@S$2<{X73uA8KL126C+TtlP?_o?Vwb_R^HD~cSf|+9$V8!{3Ez0(L-SF9)LopuMi_+1;XAz`;b88ZA^d~AuuA3#)+^|w zjj#g>{4{OZI>wdieO~2IvzuXi^)h0T8pt($OAtRM*Mak*C2mlCdQO7Wv8`qP_-UBl z-V{M2Q>(PB8=V9_b9v))8XsRjcCGrgvPzm4aK3JoDE8!(U5ggOVuc4rUa>%tt6=r1 z;-ZHiDK_J;NAo9^fS1qD?#p}7(XcaQ@adgpcVcEA4^p>-O3CAS4cP2jq?O>%hdACo 
zn@tvo-LTyL&ak;2JMWMW6ygmSY9aNtyyoQ;vohvDoQj$%!>=s>?#I~i`!K<2Zt0pG91}#(PC13!omWPTqGWv4MMNji zY#dWNj?m@G1Y$jAqH-Z?YAyP|Qs0$;$Fm}j2IcRLe!panfDRn@{g9hY?OV!f(m^cX zH{r5{cAXosGrQ`F&Pevc!5w902+fwVZL3dbav%@GD&EFS*V|0TV2ec^6YYfkV5{b* zp^t}<{QB~4t|RKn1&Y!<5Vh%U?)Hf+)hlPD?%Sjl3t1QPRv?%%^2>P6zVE2q-#Gb^ zMnZD~{QTSLehqwF|6)9K(r#m{1Ynl(>NYOQi#H7)Km9cLQBxyQnu1?_yVUU)m`+Gk z_5*9!lG$*65jT?$c+Vd!V#;Ee4&6Q@Dx@Dg@iVK6qpUU*$|*rPqhldCI?ilb>k7PJ z_bz5#^hOOl#*ow`E?Wx3`^TeYue>|gdgevSPlgMv_i7gTqgC0X)*{0RAI-QQqOhkLzB2JV_ zT|cME?yD$cF@z*5%2&~4h|v|O9naiV1;1~dp-V-^TYHO?5~&G(kF42ol6=@mYrA6x z#_l<*ml8DR-|A$4uv8U)ACRv#xmo_y^{`mm#75Sv_6&yT#5^*KxdfBR%rtgEZ)~~7 zIA}&u|1?c^v5P|AvI$G6{Ge6wXyGX!O7sHK#h1V~DqN?j(z$*% znY2Y`jVTuqbkJb9G70d<$HtJF{Dz<`x@3uY(&)W*YcK$J3B}G5cIMA>Bcw08tH}y(GKX{v7R? zs-E_~pi5m{1JLxT&Oy!7y%^~31AAGO3h1dtzKWtm!$%?xK@hTM zp9sjG+RW|GGcib-q~02@#-@~xm9u6pMnVjemQ5c|7C0jkGGl#ef`gwIuf51gYwev4 zKmOovtc@+-W@i4yaaBFV+*g8TpLORCc>kl^;|Qk=Zrkb<;c?J2Ibpc%Gotme@r?3we}>?9qHCsTfE z=98ydzF4*=o>_;pllQ3 zgHQ(W)r_(XuKghUIq<=zrk|&ocQGG&839vXoseioeuJ<*bn2FJC1ecT51@G1@Z`wU z`WXDwVd(gL9OUs#RS2meZEC+mwRfzkJ9IYmlIjU+w_@r>?j(G%;IFB_o*Kbbi1a_Q z1gaM5^3ZYm7AlqRZV05Yp`4%QwsZNfmuD^w9g+lm-Gva|L#Eitp!xc52(1*<5#!uH zBMm_?pXNHCA;P&3vFNW}$dx0xT!dnHtgK3^FHDO$pvAc)Y^K{}|327rrTw+k0Q{EE zTR67a9B`w<^|Uu4$9G=q>%i}Gd@JfnDc|2K*8pav();!UFx*Y@&kDp4r18=g`|^Fo zujhjN4sieEOpBL&@8T$(!4`J=~W1Ey078bwTb7-Fe4_{CRkqZr0yc;t;5RgoM z0MVq*iENY3zSV{Dn`Qs)XS$dC(&9h+^!vhjQAv%WAF|{RTZ5=#{oEDo7q;pK9^uAO zDu}Vs{h1b28kyxoSI*uo(!+g|Jt#(+tT4zF_d|=+E0sHT2qfM)l3@HW)Z;_iAc*>= z>tU2?Yb}OHWo^Ew!k3}%+ZP1NWM2=%Pb=wzR??qBVb}o=)+Z&Lr^t~=(UiUd-oye> zq?>`H>vk<3$+mTo%2%lN4g$fq;}plWpy0;U!RaFJNJxsf*oQ!4+_kE3*PLv^uei*8 zRL@mvSIf;d_Z-`%_Ib{B{RTA3VE_en1gGZGBL?-?gQysMmoMx`m-B0oA;+=H0~Wy` zwP^YD)EOj$J$BI59HNF?p3&KJ3n`iJ?p)wo(~I)dKqD&;uzP}4VFY61kAtjb-q1ZUGVMZiDScOXAl42KCUHJ zEen1@rsFBM1cX4&L&;+%jM8B(Z}7 z_S}RyLX)1xAWx$bnJ;@V8*={bbH;8l-^c|u^(W8=u1Y*|uxpl|+En_A%j4_3GB>rt z`KY(mJso4@clRtty&e>AT22Daq9I|nn~^_)aOLw|#FeLkT>CNIW+xz;=IbhK3iI#I 
z)wPHZXBc?Jx3&{z;tS|1Z6Qd^L~BOUHX5yvD5__5bsZi~^1-F4SGew zPFE^eD%r6>=E=_6(_ZwE?4eK)Wp_YW-z6LQp-MoJ%EOd?56wy9y~50+IM_iYuI|f~ z4YA`F|K&9wKlqFf#~!YJChtw3N9qSSH~qY$zzh#E5v_JPmwy|70?zO^{l^gun2Yx8 zB9Fx)w|9mh9gA)SG6^*ATJ0KZKx;EI_m9j>pM2!dH zdOiG!L4(9K<8u{b~l9 zOO@&LEK{OwxeS(nlH`t;RtBUCMOH29OjJ_lX6K4auPJC2XLpX9q&|NLXa9?;eSvI~ z9Fuk9=KeQoYmFsHQJtoiJz9pk$9YpvdlN=>ag;o<_X#sK#(OleGZ8^Gizh|}V+)as z{-5pI8grGzwmmM_DfwDNKT3zC?eW{hmn{u@vX0j3TJRjaU;S~Qyu`HHkF`!qC5SEH z2xpELIm`$z$|BS7QR+jKsL9 z6)&6=@aAp5aicHfCCP(4B~@LI*$1|Z=5mS&Ayj{cu3Tfb@^;15SbaYmlz71mgn$~4 zkogqMJEM~=Ob8JtN*I|~Vu}wP@QIQF%zg$-4vaodI+}c2MWzj1x5)%CN7J{9f{-9} z?Bt>Q>c{0W6k-osFs_7vZvckp{g3ux`=?^@wBW z(Oy|;Jpf?%W0A?*U;?QM)Wdu}@Zz3@-A;z5(?G}$Uz4r@l3XsIWnr0a_l%9O>6`i( zjjy2!7xNsiYABSyuN$6{zV?{xbadOKo3lbECQFPZLtfd>lI z^yKlw$+!SLRPl_Wj~PMsrpCu4Ahw8@b73(J=cGrCo-4pxU$b$XEd|^pG{^YaG&yeg zs1U)VF07!xon-m$aE(|kNF=pE7wl`y%s&t`&zxHAb5;}feX`P7I!lEa#@b0pHpo|I zUbtlG#ZfPGtMJ#5!{BCsd`_-GR%xc~gd#%vzLnx1wD7~yME8^i%Lm#1n3)R~5~YQG znVkOmtydymut1M+%wWG9<3Rto2@v@~VWaqCf_D{?|62`_8$b^sU))qC*L}uw<8WqW zNQG-SYoG6ZJ#)v#6W`$q_s1I185?IYaFm_LN)44A4LmxXvddZPz=8m)2@0&cZkn;L ze+jFU*j(+nJOG_kg*fVsR<%;`M)Z$k+fP3$nw%W6?+N&t1Gko_4ntw1?XqbKi-!6r zSO(aer&*%BWE&i&&Avw)#_Y^PN>y>L3zY1;wJzpQntCMRY_6-{O znP+d>KbHW5ZhP38iI2FOo_-T|;9Km+uwzIyN-{=BX;|Z_6d6G^FH|Nh3p6Cpnw*Al2V+3D3JvXE)vC8R-`A3@3V-YZ(mSG)EV^~6drBj~qw^IFmNopS`3{I| zVK8}mG){wlW+!dP>IT{H2evK+?GXx5<}wEWK=^qd$cScotl{GV=(d-dsSnGoWeD-&ea&Pm*qt4c;O9l8JL! 
z1)tX>E{i{y{^~6saPp~LYd0@`m~&1NxR9x!y0@6xHltj8KQAduWpcyW|C40@UrKEc z=iC!S8i@+sQccJU-kf)IY9cu?`1q?%@K8z!3Upr;F>x<>yLTI~Gp1Y9z~pfj>({Y= zjNeQmN9hIGgH~EQE*IQFgFr5G)F@>QAwL=~a0JfmoYrj5@j?XQAC~g?e=~lPYW5kNsJ_Y z+Uz-Q2KWPy3MdYH88zZ~o3(Gc6&lN=LoPx(avvvfw*yYg#KJ0Y(zdv}Z;#xA{Ymq- zpcX;5@fnilq8BY)(1WciE?#Dobt^39I1fyL?jMNj^brt{m5b1pf* za>x4y0JNXx5zA2UmTl~Tkc-0HtLZ@OTsz32diQs_H?3XYpsg%QzQrJqBY{4AXksxk69+?I_H=Hbc2 zd8{#?pMvh!vViiZv;t-o_#Rgv<~x*2WIVQI{o^04)_ZR06eO3&1a z@mqZ+qS{>kYFvZS*Emt<xxL>n}9`ueMsbR>&<)^YI9Qp|mvd!NK_J`uF88oX&eZAptVD0QB9e zLO-U&=nt}KQ8x0qMiN%!YbilkhZ*F-HylvT@3kc2jX&ihgU-NC_2Byj;UkW4EuxG~ z!;<%Jk4YOCo_|LNZc(N2*US9i{MaA#<-2?QaN`i)E9QVL%zpV6a_2gRy*&g!Fq>!8 z6W(*M%w^vnt#i+HbP+!Fwz{hL(^f)GN3!Mz3`zK_URuG3$)8x^MEwGHvhqrw43Dc? z+RJJ$?$ClkNp^v0-(CT5<-SP)bKUN@YuL}n9GEh_M0g$8#kjVuhbs0{O<|A}(k@X? zc&E2#sImAPXMdFZ>F&S^ahF)Xsl)b13yncUtv^0S(y>gt`n_FHh%t4xk7ZWa_AxMR z^|qIoQ2FTB5|C^KWaHd3pPSpJvDCwi*BA*)MXM{bukAF{&HW@8GYWas4$Pm( zB8+U+Zt`hz8J~=#Gt9DFkIG$LR-W~Q+oj$FWoG{38sUJ$Cqwd`H_>!dn%DIYGG08~ zzm-RP5J*>gAi@q$-nx@A<1rqsUB8K$*^-?636ugTy8Wjz* zLBIXK-sdzkM{x+=`34CrM>4bu54imVuK%{|)ahU9tlm*uYFyCPWF`$FIWclFz3ed22Q#7gc`rVmJ5V+7B^KmyzU| zeJJAjO*|q?bg|7Nay+%(aOg8Gj!OQ#6=SnSF-sibCPfBdkkyRdg$%ehugUsad}IB6 zQlhPxQ^1W%iTNbY;(J&F*wgj*(LH-)zcPz8=Gh1O6m=eo>)F_w1?4AN0}CHm44$_T z+o(jU6jN*N?_AL_XP_3H$?W#Yt$OMr3oU=GrJ*>BcShw&Y=gqi+MaEz*HfNsnFIll z>CpLy&Ea@bP}clXAZAtA-0Hg;0bh5mlR29tBM}S@6?UJO_$|T*HIEG)j%aGJP==(9 zo6Q7fv2+_*%>Xeq>9ke{vIyXlH{uIkYn_;JP?7F;22`U3}nW!FyQbRy)L=LE=rF<&aT4cr9MzQTe%$c0W!QSJd+DeAndAk!z~h zd<6CeQP#|jjzcw+>C>t_J*0|IF2F!87jyHiv8K5$STl+2m!PZDJo&Q)dl{o@I4te& zn4b02T%XUyx~FKIsKqfwRQjp(G1csUt!5DnE|-&7Z(FYxB`BJIngL;TUt%sXA7|<9 z9loDmTtNF&p#kj|Mn=+>8KReIdDC_$+bYLAh_08D>$eVVBkkcRw(r*H9<~aS%Fd|r zuPwwP?`b)qXhw_a=nN3#GNccidw2?)<;O*Nj1^?1l9`)7COER((dg*$9I`Q^OAWnBq4}q_4%etC##rc?xIN91{YJf|>!$IKiS95Jp z5ozKHhtADg0u`#T_)n6)c##E4ex&_NMYSBNKwDGo4U$c+&BWbeB4rtj2LpnvrI8;$ z>Qagp#=D<{fvfEl+|fp#3C=(0YsC90US4=@0FtE1eIqFsP5#~-BN$H48=`6%)&;nr 
z!cDwQE|6(AeyqmR($6BmataU{4YKi?Y3+oW>Agv!Kh=1G_xGSx`8fW)z?%ATzWfP1 zo=%SoQI@00Zdhb`Wm6>Y^Wc|&2pnY_G`;=LpWxHj!nx@sa0_^b*4Zvm1e9Mtu#f^% z(s%%TD<=Q?F93^To#MCVxs0MhnDL9v3>^@Iqlrcj$In%3S|4wS{mp5WjVt z`Gfi3kb&M1OM@$N*_SC)-v~GT(p&jlDc)pv4FT1SE0f}i$={Q51%yr9SE{d1wP(~r z`64QajFHSGYx4L#=?6?vWN_j4>M^wEL&hBT*Y5hT$|zLnHkoFs({)m3Eo}fyHS1E+ zA|57bTZ+-$e}xSbMD||tRMx##TP9Zqk^sD28s=9FEcsXJ0?bhb_1QK=Uu4_me7&^R z632RlFROQo>-AAT>caORBcTop$lrSd*aELO%D)cBW;+Kz>Lg)cDC;>I%UX}DNu`&G zu<^qg06f|rH_>KI#0u`k3t5JwAAm?60+?t>`>yD58;Y}7$HP+0-E@BE_VOGEj`O($ z+KcB`p2H+`6Bul3h93Fq^xtJ%il2-gRlvIc4PQ9`4^I7V(5zI+V7Gf%^URf627AKDJ^pFbynAtCe%INQ48ZC(aJ`2#c zR_m@CwTNhS5gcjZt=jhjAF6dJa+@%ZR<$P)7Nu@yLhc%2Uqz#FVKl9bKfy z5_xVpA2^!3DGoCc@9FE)rZ#1QVWB>DRC!%BC%u}jBwh&LHc04My|58AU8E+)A%{EqZXPS>X|DIR&(8u^5 zSQp~dn7BJ^_AWn^`GH+}7dhem5TVbhtT5UY6je~S#!!e^Z>1=L zcu(`MxIzcy_}*L=e$^es?;b}q1gsT<^xt=Fz@>gf5{tEMa~R|<4bV0=kn<=;+%6vB zaEJQ!CLgIb$Iw7f)oCc(KoGllwex0y=2gOmmHFE(qkycU%BICiuLY=+-Z05&K^nS= ze-Z9em5-giD_g8~K^Dp%Cc$=;7~$As1M>cMN(XAgS2LS^bz6;0UA7gK3PexJ~&AWRLkYw&OqeD-E8l5i%(w1eyVPVb-t0`pqU zOe&3s`BJljrs@Sem{*bL9neYE=;3o{HW799IRhD z@cjK|37WLo$B)Y<{%te#44Y_mIQI5GBBJdKv*FfgvRG>DTTGwCo$A@2&kh$!gGdjP zvnel?I`5G}(h5{`9%kK*g&_t!Zu!pGCW8HqDEZxGnY(`Fc{lnWLB5FM=WVtY8eTHpekpm%?CRE{C0R|nc%g73DWlkUjg`?`#P~ti zcjPLGYVLQhMBdwN#h~(HSYVXazf_H4qeYP~s4yiSN7pk(&B#`(M42h+{O~pAEYwAY z#9~}gI46}%-jVu9?}W3mE!O#&Xgt`#CQu1W%XpE9aCjB0q&kqbK!+De%NV0rVry~v zRhd5Cb;iZn@<>1ff90i`T!fv7z0Go~)amQ-G~W6K|Y z{xmWAwTrZ;kVnnF!*FJ8oeWUT^9qfZnYSrUWK+v8k|XdV^ihvRB!aCuIU8aH&bYFq zR;@@1I=Uw|{9f69_Yi+vxjbp%xH!tkmzrto-Lqu5wI39v*l z&xy7RYkBrfKnGgr_QqP_sVgZ!%IRtL)95W#OCbAd^m~Qv0bm-!?qPLrF{YlG` z+sRd6Lh)C8AeyY1MZi#dQo`a-vuv{70Ht^3Ri#zS%UQFmTAU1HQBtME_L1MI+{R~J z?~LcQza%*xenDB4y_FV^lN9UDCVi9NyakMOM>S9o`R zB!%i6CU3Uw(8^#PF)e~i5%{-TjxL0gC}3|OvZ++Zhp}AnOg7H`jH`0pJ99AqVtYyK zA)m0h7eO7XNs5P;FKQq1RFB=Gu-iv9svM((M%b!u<*ko3i9BO<#$8wCoJg%v2~YUW%{ZhxYUXs0@l!vBm}Z*t zn=uH!*9k*r@1{{IB`w-=_|6%{(_NC<(slQW{x`(*u?&9RW%>u#OJKw0-r%i|7Zw$g 
zSK`ty@L^LuPklLZ-%pn2uq(EWZ~ED4gd@_G`i(TGvZ@nkC})akTV`)cN>E*Lnujd$ zvJz>1(VY$Go#<7Vzh!6rO?@um5DngeO0blVo{J3|8_8+N34wdcmG1cl6cg;tC%>DS z?M-!(62gF;2S>MwWN-SPlySQ$<_G7==dSzzz>ek*uL-SKeQ-B>Y;8X!?H)(Xe^}tL z+KM<8cx1)K^YOv-rR9Q&H5)$gv*B71-iYHv`_w7n0B2}zg)b=--_MMV_@R?c3tzH3 z0-NHsS`%w^^SxNpwkY_NY(>xk{QRyw31-TVTs~CC>3fsE*iuTS_BUXRJiExWCA-+X zeQ8D!VzpxGm8_A^FFRt7N^iO{f!eWjDM<$l*8_pF*S$g}f!utp#u_0m%?KN82gSCb zNpXD5WIzE|)VkGg?##LBunb4ihKfc>KvU-03)KBTTJLQQCQKlx3+^?opB2zbdEuMMC%!l{w+s*4)>6xC_*I5!MWT`^tT4oQE& zi6s)ScAqqA>h_d^{6g^4%p@_J@mhA&ogEA{Hj-iiC)-6;Wynrwz2&*dWmSo z!;i_~o3w#nfWCNyc>Eqe_+~9%yJdi9F(DfT%6;JiC%t%F_}OUP0ghN&qQD_eH}05L zswy-(a(WuJfGurf;3G{k@$y#9)2@l|>2d7>RhK8tWYR5Jl0HtNX<$9jq|X!w;7>BN z6NH)neW8xndV(r@&8L2$;8xC?x>8-;y0A>0R}V^(JJi^t$WJ!zv4j6=F%BieYV{QC z0!}Ae9p`U{ zCxpm`ezaB~2I0|bK1>1=~ z{xEcy@#SJw)%@*=^&KIKFc(;t;t~L>kNoo1T0YkcYSWY}jdn)~&$D_6@6D#koxX|Y zit`k3m(OLyc}M{Rj1O9OI{bq@-b7v~QL@oHJcFe9B2}Z=kR$bvth7G<;6p-_074V) zekz-XGe$sjDu#UR<=53+6rgi%LwhzemLc(=2^B zx?4q7Mcz5E@SQ&vB{|n#G~vEymCO3swXPogz=oiC5`je)(_4X~pp#kn(PI!dMB&p2 z+;gWX^5-z|Z%EGYRu9<&kAO?A$U*F)MoY;XbS^`0?Gnc}VTV)i_0LoeUlt0}`?9Gn z5=-ZrJskC9{MT3eK8%nb_6JCt4`->(Z4I?Feg&S^ePE9yD%c*8z})pcXSZWiDlH6d zM>cG#8-EGqENu?3tona6U1eBXTi2}6;!be_6n7|EAW+<)KwI34yGxMbE~OMF6ff>h zaCZpq?hxF9e7X02@Bhg2oU_;7GqYyRwtciK2R^i684+OEZ|Melj4HmAndtVTK1RvM z0{FUjO9&j7xjF{-q2G0pIo`m?D@T`&1iSNf$SOjLdfDJytcCu4kuw)9BVhDusi@Bm z>kW*0sS?y2^#5)E{?4+7q}Lft>An~Ieo%n#tL4ixx8K3rZogRN2oPbvT=DPZj1kR+etKyif3_}~@$~LdSg?z0GJ%~F6S~rAB5b!E z2g`h_#T41LBRKS2@ohx5AHrkdPj^ZT16#wigC3LQx!!ZzhPp>D5J!mwO@_y2`#Ywv z3`%@bqF{I40=`k=M(ZFD*G!rV+6$bLZFdql=n^BI{ggrwsWD^t-7>uN@lyumS~An; z5M9RRMF>;8q`q0abH6Bw<$D&pZ;OpY6vzik&;pH>8N=o}BQL5c-4Zd_gdD>}gJ-hk&k9XMrLXHZp zK*6;;oQ4a3Zt3^U`W~~PWL9?7=_%lGY?>cl(P%fZL23ht}q^n&* zoi`_b1lr?d=4NmJ;EB{x(iDNU?E&aMy6X>1fUg1kjYQ<|RXP3u)l(><$N~OG?_9l@ z-oZaGw5NTbZ0d5qhIY_)sG@u~LQJzD`3Iyi*`3d>&fBHg+nxQ*fXf{9z})Zl zLU2&iW860%BgNB!G;S6!PP+rKtn3XItg(^jbJxiy*z&iPLL87f;m~Um=!XC(PxO)F!bSS8+Nj~JujK=GR zy@fB*bt#k}2hlb+8F^#6WUhai*`!XNE<%;^ndt6P$1 
zvhp7#d+!Joy!n>`(M`Js^X`LwAo>F2D!H<}g`9!u+ zF(3xJ#||U-b(VWhl3(Unk_)1vlB1}_|IxoSE;=6HpPLo|uR_+?Z@#x2-~Pc9JN>Z{ z5PCuac-sFNK|zEa)v<@c0kACUB8SELxk1YHHc*DK0YGCJEDZR2b(Nr4ra7#(!&bVP zrrZVloo0Q?iY^cnt#Onj`K={mq|xt+CYdbN#m{EX>tkirq>2+Pfdf#>Etw%VowijI zKloi>t1sHS>!TJnn@{gkJ#K$JyZqJz*+;4zZcepgYW8(M#$O-(!9{gp-{V%x3K680 zOeW~_&e5=vxsF|YI_^py)vz6jWI0}FCOdAFF$%^G7}286%&8czziNJ*sVqXfOPYHW zokf^3cV$VX`y9H=F+Unhy7SQ}f&E4P5vtaF-a8bcGPIti2BDsmT#U?C19tBPTrj2b zKC=REH_0L&Mz03y+q7AeTWEx5gU!y(DKlNUZ}o2B{o(B?c#N&tqdY`;&8(=O!JppK z+G4NHt6=}=L-ne}A7wtTn8Do*ntEq!(7wSnLp95G@tqVz z%)JFygvv3rRwpWcT<7@tIo{K==9?_*d(;q_jY_1~nSOO!lu+95tq&#)Aq*YG@rKDp#1`axG|5G zKH#7E71tp-tlk#8<{lme&lpcS{z_K%P4-;*i@zHgZ_`BQwymSRQ%R-Oyd~dQikw4> zxv-l%H;;TFt95NtfnsD^!QKLczcU;NV?Q2TEY&yJEJByQ#60{>dr#_hqi@d-IcvPMb)Eyw6?ko-L(mGJ;=9Z8hk5X&yZzd+}tN^ zb|jQ3Y9@MN|Lv9$`rF-Ddxbl2#?_*;3#dOT`>R;+eTUzJQuctOL7(KeOC{;Q50d|K z;ZqSD#x66Lr1&f0)}x~K%bFub{DS=q4I;a<-P(S9Gzm(#fV95DAOZBf4iZ`|jfmCY zwpawaWkO&YZaVjr0`y6SPp6wxG~@(+;z*xm*F#9?B)c{I8++@$Ju2CPJ+eSo118sl z>UvScc;9nt5fQE~$ zbiUGT(qAV6wH19Fo1GuQuF-)oq6az10i3nThJ?XN;#SgKcyP8+9W}>xtYQ8LF zh_>{LJUA;DHnl9Bz{A}ZA9rwu2c0H3hFJ33zg&_?Kn(n<#t8*-P~|FgP=3)#B@p=Z8xWP~dEH+;u6=X1F(>y&qup_BBu;#| z^JhT=m8kDwz3*W_NfI+6Tf@N%sm^X0;Va(t^A*olP-5(P>vT^s%VPQlUrEbZ4|=EF z$FsVJwQ330;8*ccn}+)si8{_2RHs7p~U0SxJtQNrt$ z2GqMikNY41c*e7tIV=QU3ZLO8o7Puz9Xo>{Ci`u6+NX{BRmUOWJYrH~Fae2fi{~># zlFmhT1@5vA#|^>=8{7O6S=y+Q;EfSbZ!yi58**HCSziM9AfYW=;G@lD>A+Gy(=kz-H&pXc|RtR4}HFL7;vWI$xt)JU? 
zjG^!TOEU(h0Iy!SQJ%icNUY3|pgLykWeSQnaA2I6dH$45Ph~aF=(ovs~y_=57g|B9W zDMbE3YIA`_yTr#b@awmXyNV$sGhK3^umyZ&|KeN=`Fh#jwo75`J%1!oQeR0`m2h;Q zVFYQau0dtlKq9OCkH5kfP2VHaete?431I2?av!nv#=1j8=DmX;!Wp0(nz)gV^pGWl z_Hv1~5GMlAy}1{G{3fg20Vcty@6cW=Nmg!I_gf=K$s!X}0>wI}ta7?-#`z?yY(D4h zQ>^Ew5=s_CEFp8bM}*xVcV-cj7EvgR(mg?4Zkv^#mHI^}+(50~Bs5^(DI)HEr=sJ} ztiT;YOQVf}UT6ZY-VS}2xtfW5&7RC$G+0uI31aCnt0Lcd+1CPW-f|`fsR^HLvoB&m zHJT3$_5c*F|TuQ@Qr}@hikMsn!{mP z!iS#UgYPB%w|^tjKmNn`Nll+4_L!+O4-S}1+Camw%gf!PAk}2ja<&Co-h6>a*kiNT zaiRTjb&{V$zjS3ij-E$H*lSH*;sa5~zRElieUy9ZlP*bqYyQ>dNx(z5v`%Xs z7j)NSjmf9NUc}3xz4ftH@49mn`9aEj&%|~`P#6w*U580_&@1vY*g>)kEnq)nF>xM9 zsb_LnjsfBXtG!Xiv&3i_01DQnw4wiF2N6(5^nuOgPn=X_R9_h30p{-30J?GSg|GXZ zo=4H%#BN)TkQ(K~BMwuki97cu@ePDfaJRX{d6u*eInQ0-feIzIjL|v& z5ZC<1^Ksn*juJ6hK9-Up91SJSO%!+-yW8s5-g>{gxciQd`r@-)-Jg>j zni(G#o4|O0Pa0#}m)0B>I(GyBKwAo1u!Ohk zR=vFFO&kt~hZiQJ0dd>A_ZFMAMyq)gn&wle+#6tXWB4yeK7&=`G&`Hh51Rc#zTbyi z@9rRcfevQ7rd~0My~16nvA|a%X4wo~CQDJ2UFDE!-Y7ybR*Dr~qzQ=*JY%?*9>P~n z zO!3)vU#)%VCJdH}H=p<=`Vhe1dP?as)-)1b=i~!P!=aRU`ZZuYjyn80Gw4&($tWLu zT!roGq4622unKcK>$XYmM*I zV>$aN5KEBbDR8K}^}xfDYP^^3F`={ipA2t~xJJO*MO(<~gA*zgdb+j(5>|wZqf`0M8t^WvwQE&CbDFow`=6d}&DU^(hQiEdh!jaq>whCNQ=lIT-)$ z{o2jqro#1vtahMM%Ub7~?P0lXJEz~RfklP;VCxeyas^6Kq<)uVPp%slbCtYyXn93` zIN6LH$g3UD&N!Lxt$@BnY&2=~AF=!z5B;cJ3S#M^?^& zFB&(0BFpmdn6zG|&7s}*^q8IHqJ12I#lm%LoJ_XcTYFe$Sra`Q>UlfGppGN+8pogy zJ9g3FsUCu(lcR5MZ~mE1P6?M}H=Kw!GP1WnHtnGGJVOMu24j;37JKLJw>R%i&FRuh z1*j%7Q|_fYs7e`qm0u)C&kL=Syq7aV`h0r9ee>y#J4|^Z$gff~cK!aps|5sDUh#6W zj#m=+M5(BwYa#5tTd&qjK8(_Wt@&CA0`~QZ6*cRcaIJsrwpAu|#!XhQE}Mf^k6G{( zk8~`&_Z7(vFuW*#%jqs^8u2efI_(Rc}atT+R#p$xEakYv1 z(}TZAQSg=}1S6o(Rt`s^uafvTbUEN6-3U-SH7np4sI_9V>RCEgfORSmMIY>Oww`H< zh;SRq{owV~+-EZu^Rn4kA+mH%)12)%y>A%P$z1p7$j`c8A5?}+u^@1*Z>%?8w)J|~ z?-2w#4(@9*v}?hoAGa>es$G(aqo+=666&*^t$WE&qillvCI@SZRzRhAZxdLi_UdiW z235?U-pnfGW`i@H1&m&28WhDHiatAD{?)-m|7A12xfl=->--%c|PaatCzsoTMbY3k%|CZ(u9@;C|x_s}2htH>cI1EPE+((Uc zVpRWBy9Pg%#zB`<3&dsD!QvRZGEq6GO%G2TuMR5kQ>;QM!l(` 
z=9so<6wXnfOM}8lWm?nt(vv%=v^nx(TEeeS6@vK4{SJ&sTkmUTWMq4=2gE=ZiDPrY zjP^z5_#=l;&<*HogHfZQ?3C;&mbj4>v!c%5PI0ZwMT|tnv0Lb89vV)l((I4N)FP`2 zf#2&X{OV$1K|BClTwzEbx+zq2YoF`E<3yD@^s}3)$KQ%1rI+|lBi@9;)wF`%A%4^> z=|MYVM9QMX&Y$2`X`NxD{7ain`Ef)+m{_-oCFIbny?k6kJ>0lB zYP}tz_7wh1l_m0h#**rA&phfBSHTXB?zJ-v3;_&!=O`V+klOehX76m3d}IeD^_!o# z28{AzuG1s7b-TyDQQe&1s<1-m>Er@9+mSwsVuJ}Vg7?u+(Jvn3ke+WWZEQHjc?{CHJCt;q2VQM=hkb=eJ!P`3pcmnJV$sZ*3j#{`J7) z&RKvNg2SS6eBfQSFNDpy9FG;uD-zKxq)PaVCXTei{*;fX!Q<7RL>o7Znx78#`Q}Qm zGn}q1gf8edZE|jQ-F2U%fF8TT^~4QKHq6Cd3VJxWBAQL$cK_wswc}i4#ca^-h^AvkMCK@c4qwLy94` zm$;36I?y2IQK7-w#%1r=!Q(e0$PWh!9QEX0DdM3sm38ip>RLzc+Bh7#L5@0y`tAU7 z=(ga32~5r~`V`5l=Sx2V=}G_|=LZ*@?~&%IlIl^#_l)6iWXGR*sI}#kvxnIY;NFWV z8Q~LwiCoW_F6;w4^ENY&za47)9IX~J(u)Vj8bHWr4(L)-Y?>5B9>vy3;_$M~Skpwf zmn|elODNFbmxWrgi`uA!XUN;&quU=Zkf>hxW4#|=#zZIgn!+LD{2N+&gZX7T$#$V) zns7|#aArMm(SwNg*ioHQ$I9<^pCIk2`vVO7fXO9RqdXz~zH)T#r#(*B)VDqE#98cu6x*LhsyUp?vJB+V{ zVy{+@kNi-n-DYpG8k;s~;@xF1;=dU9ZP)3YceTGbP3Vypdp?n||0`*}bXLR``_WW? z4j^G#xZQwf-RT*EfSssw&ANFVlli3Xl{Kgrrj;AAb+U-*+IR6XE zGkGop^`1I_gW--C?B0Aqvlpt}#4Iy{84Zpt6}ZQ%em>%ymw)&@RUS<9VDGk}r~!W? z&#+I^o(zc;fbgChvITUj>bC93I|8Rs7F`a`>G!`$oJ$G@Dji<@TYqC|KNLYX$Fn0? 
zBHnTK;$UfB!8gt;h{xjFd_J4H@{wC3Me-L?Qn%DS%QZbyHSx}($}P|JNA7QPmrO(6 zG*`9PTU`n^j|-(>zNe&(*|u$iF&({rwAEJQgG~k7QoeBadb4f%w3FQ-BHPg!(%H@W zvdH_S)Y7YHldn%|L_l?b{*iUVH>AphLG%=UZ=RWLEdy)es|h-P2@wD6G|G(p>J78Y zpC_iLO&^uNB2S=P%V$g}r&s_OjMVFMtI#f(|jD@@BPKF%4XOrUqsN~Jj_ik6*b^)%t| z+?Lr~j;4);Oql9l+u`^2S{peQJ)5i~1~~sz(YP3rvR8+{-F|KJZayvv|HIl&4`qW% ztBR>}$9lkDwt^?aViiy8^3Q*F^RC)$qQ#E!{%meN=wXyY+Sk& z3i+*708BAv?y?o7&Swc^Zu0)ew==%q{3VQ*?TWu2AopCgF7BA6Aw}93v_I!^%hbvT zP$Ib{zfeDSBPKzWq*{r2;7)s@%jDE!Lk~|l*Az(`>3ZBDVMx9!KxVt8E}EoW4jXDV_=@`f%A)Pzb7AD8#G`E(AJi8)ZplX;s?F6XAAW z5PTWq-|_sR1BGgr_y#u5@0~%8F405hf_{1Dh^^Yo&A{?k>KDq|tg_gynLIm)GtGyxD)Pm~>TCKhD)<>lBj4(IbWY{P zFjo)W*5*lHO!1(Wl(O@IefX3Yt!2MBWj`i1-4fJ)zYsGm_D$or$J7a`DPaE)fgAmG z3eHw4w$S1@c>Im+e6QY`S6So6e1oDm$})5__z;(DKH zJ8;{i7)mV9$t(%*PGEiWDWbRbrxQ6nZc~;L0XSZFi`caTB0=R>AJ^9nGDY6rPnirI z4{|8iMY2=cGi34)zs1-$>dW}p9V22}G2-E!2Xurvfy@r945peo3NUS|FrVBM;e>Z~ zDk&Z)?iYW^A_Cq|IfY98I-o1vus!W!jNqBfHQ`_Z1fgPSQ%=t(kzZW~7rzd1xhQmB zwjDO|36Ldq&s7n1$)c_Ix+4S~&HQ$QmJ`m$e`HVe77Uf2D8P8-wm&m43NJS5pz1aw z3WlB-9MfCXQfDH2!QWfPQs9~5jj2p|4zNt|)o=-Y8`bha*?IlypV|;iZ+BR2cWY4@ zf_|xK2)80{Y`lKXU$9>BjKbWXunrwOn%R5-@75Tr#n@GX8k@ncxb^yOu< ziO~TYF^~!5CP8ki&aQWEGLs8#>^dXebVYsqJt^uk`wD)vx|&cfX7#)7 z_iE~N+R;KLki^WY+ksN=T#Ip&9;0R*xek(LU;JzWRlro|swdXMFy(ZUU(m=sWM8~L>MGFJt6b(oH6>@syn{h$y^xxrj8 za7IR8+P~%YismS86aIJbdN=`-@3^D(iBHvdpix%UG=xJ^m@kh#Rh+!s!9wgBzEz6a zCf6T={SPX{nR|m2BdYfnJ8>Z)G%*BzN}p-wJ49)|;K?D{{TAayb*{M3C)oN+5h(WF zB<()OuvOSi(bg=R1fBHVBx`iGx-Ti$0&c;r{49$>&O3GYGtAwb_53<#_0^fu=E*}2 zQf{?~6QijSp=JsPQX`#>!(6*Yw|o_;sUb<=$J^nkKzMTldE@JkxbI%s;#)ivZfyNzupXXv}P(I@<4bNrS2g=+;};tB4W1 zY*3Dh^P-`1ere?Zc9{dZAX$LNxfZ6r?_V3%zBf`nq!}Pv#FX#axPB9!T$jvERhP;U zj7GLfajHv7&HYfQBGMIh3|H{%i%aJjjQ>bxI|yO1J$PMgJE~4*lNU=EY!wu%JBoDX z+&dJq@Ufhdv{Qp^-uULpGKDRr;7zHMT$CA&lKv`fYUim&FEE&Py;8~ zW5a>W9qygBBaL5ougF!psdeHr8R$NIg_{YsYihnJW8@oBe}t7eUx7d@sfAEpd$;Mu2BUj9AuJX0*WtLA#@z_No^_$0NhhJOx%9lzG%bK0@B9k>9CtgIX zEJqW~Ng=p@1)2!x^g%MIE*b#gs!$5hJ(bW#!V{m1iwdF*{>!V;@-mwa5dNFZ4%4Ak 
z2Lieeuf3k?Duz5nvv1YS^}3FEE+WzWIm6!F&sJjl{k27o2($8Hh4X!j<6>2z8TLxU z5�d$r`-RjFP37gIpBeUA8Fl1b5`n{z<3?bu)QA=@DDX(_LWxi^?ce4Erne-MSqm ze2VVgBQg`D^xKbH878u1uxmR2`rd_!GK?Spwrxe?ZumfGorEA4HzCJSnc208;!G~^ z)hnXls|K$`f%a!_&~=kJnGD{aYV(pRq4Lak#)aj-$bfb~D149B+W9?BU;1MqfYiZ@ zu&=}7H+ePYYMM6c$>1bO*#v4;q^aNjb{5gGaMF)W_i*(tU&R8*_b*1Ga&m+!&Qc7_3T0y`wyOl9O|dneOHwdF{BpwDiju*F-Jsv z?T12tietrHYbQc4>vB|XqVHC`pO-8l|SZ9HA zHp+FX2WHJo>05vi^y(JPadTLHA{Yk0t*WnS#U-mJ=1-w@e z5(+PBdO+3Coz~dpw($ZW`;D-PNGjpqXe);My?D(vs&Q2$97PJLs))P2(OnvnbzD9E zngELkeywG}>eC~gWK!u=7w607RKb99?=2Dd)(@h&ZuJoDXR+m@E0|DcFXjBI@8vdw z&Hlrch!+hFas)u+BHi_3Wn;#(&L-xL)o~LWd!=#?+?;LZ19z`S6*+h5?V&l2ij)p^ zRjm3}(B`b~`6uHs;v;kUruQq1+eQW0G{}$YJ=)ZuiVXRfuojUueRM~K!wz+Q22 zS^uow_h-t6^2h#F zIIXMv3Haiv+VEw~S5h#@655|(|as%6Cv=#rGiG&`dZTO~`Bdu+uJ%z&_*(|U1!M=XHOOZ8e(#_ z3R|*qChA%t8k~e9^v@ zfBB@%Gb?tcf%BYSO^&e}W9rRxPvFVA*U}ZVKe{EtxO$A0 zUTC1XzfXXab#xzetG}H$_jO7II>A3Q?}S#{fXQO!HfY32D@lQ^vE{{r{V_o9#f)Y2 zg$>U#9mupy{LH-GEPGWSOy7v?fz7}i_VzvVak;Z?T5Fu|nfUtrXwks{ zIMAmAwR@CVp6E4y&*8eWUEz&AgT|J7zaXv-9~ffeQMz#p#0-Sh_|n-7=QV z`LK5Af#-^WE4Puo(&R>Sg+hTg|DZ&>a=;ffonSjzOtCoA3$1@q)gQd^SU*;qqJE%G zvCLPRaTZ@GLSZjk#Jq~L$BB4(SQ1*LQ5$4*%TJe7W#t~a^-F}}!ix4W-O}}917WO6 zvhftw1l^l&Cbm)@_l9EON)EMpr}u%!?GpD5)WQ1Kqp_4GyKQ#qWMRqHDk3$ktm%5Y zIcn?DC-ZwD+Wj9B3AryhSDQP#u67OqM0z)?tpX@n>SGiD){AJTKzwaKmnC%M#h^|2 z;%k1kx;~iJx-{L}dAVJzS}=f~h%eez!CPgeZSthevT!7=cE&0TcCqNfc@kGU!7@3y z=!|xTE+k#gg^;27$ zJylon-iuxZkL2(03;LlR6};kcMv?!OBr#WhW`;-a9@V#tEy+mj;+roIR$%nAR--ge3Z01OUErw&T0Oa9KgS=7f<8oNiC zEcHva9aGdX-EH+Qq1Ysw!MY(^pF@2-8lePRC@eX2nY5Z&9?%R0;)ecK;J-@a7x#pI zivoK}j~c_g_G0qt46onr{~SkUe5O*;9nMvzuIU%O6k&7W1LWw8y$&F`d}&8+9HuiV zwAIk+7Gy8YvWe@I>fAcTwg&WkX3kuxpW1CMzj@i5+#DgBkjtF+TB7hIC3$xpkgZ&+ z#nXdPrI})Z_U7W{zeu7v;ZqWO#?cyT;L*k`rP1os80ezv8!Pnk?2gav;e`;a3ZZw8 z#O*EDr;Um1k(zzodbtP;+d*WH*VG^+nBa-5WJ#bjJY9vhUJT5aLJ6BFcAo2!dpahv zVIGo7!*&^{=&4Zs(7Od^3w|o}x%ymUw=DDqDg5a!(Si3Ee%r{k#JHNk0%Cr!PTO#&_Av z6i%P{i6UfSw^=Nd#*W0MFZ1KDvY>SXrhBA^#B$V4V>!Uu+<>n)k$n!wO>GvSIP{>I 
zHp{M8!*v^q%Q(hRLUaCcnba~~0oF_Fup?SMx?|8dDicMRrkIeqLAD9-I{HyjS%Sf< z=#IaGy;Rc;aD9y%xodwZ{E$dl7491A*<<%nxiB530M_c7cww@@d{T@@eZcmwdJkSVnP-L%{d%GUk?%CJ6RxfsH1>C>gD(s1zj+kh?(SOz&(f0}-|4yjQt5%`#cC${;CO*HEwxItLCFpv% zGLOlR!R;tJV_xfPJ#+cnZHSlK_Imi;Q#RL3ZZnL{wV_YwQOZQTS^e=gD7%_ zRHv9>ABwKmR4mXRu=aRD_&he+g*d|_2x9SGr*1MkVpw7%amrEq247!aNmnttRHRXg zJ`Jz4TfKc->`pCzP0ix8&?N^VV{=}o#owp~>)Jvo4UC2oZ7^P`WXR(w%hSIkXoc`B zC&)w}+T#1XUUm$53%RT zwMK^csAmy46)ZZsa?0NqGC@w_uX#9gx-+J28@sY=?GDsCBGT4iZ^fvtD2E#1htA#7 zynUO4`HvPJE84(l)AKV*K-Pu!rP{EPPk?kC7MQa=njWKGVo z|F2Wpg@P-|QO*|`xX72Bz8h?g!+c;DOS6#H72_NpF#jN~AM_C83-8gv8OxH{6cFi&@?cN#ET{p6mZ z1nTE6y|TA0YW4~yt335d+z3-El4YizVY?VPAR0R#Bc`heZxaLHJ-m0MpkGf7hR^!x z`_%+E{;SSbkfH27*62t0JVM>)4eY#o6InHh(p!vl}TP41g3!&))T6nP;6e4V>!XYiPTm5^s&zzZzkluA!pwFNl&)nyS;9ARLgQtpd zK+`na-CbC`Vxg6nn0clNzzMy?g@BN$G1FNg^QDn)VXlU0k58(T1a<_)uPOBqUL~%i zb6%w$7cG*W2xpA{PUhhD_733jZ~KpeN0~0Gr5BI-0P_!fQVZD6haIQl$HPf6)=Aqf z%WCUD&9MB1)vMk4>rECw3&N}5*T<$wDm-W1Vul*{hC!AZ_$w+GZQnP(u2eBH zX5+}3(1_s@NbqRlZ}gUbqfw&Hg=x3+W4%D7JC>Yn4%aB_FPBw zG~-{FuKp=As&28V=-C<8v~GisDuQmy=tPFg-{lsvS1M*$FRSxs=DQ#52OgWk1m>ih z3!OhIp?*%~W#L;iDAW4xZqPPIc-O@A(Y7jWmjHW---MuQR2cG}2|O9R>Fpv1C~fTZ z;F1EbU{5+4gLhLxC9~+CIaVB^S{?qYtTfaTJ;(qe>!8m1$-YR**P$}0j2|&I_Uu~O z6+`-+2y%@gbQloG4562yQK)}(Ow_x8G6ZH}*nZAjk~E-n-8Z1X#W1lz17f{uMj*fc ze<*Wr)Sn!{3z{AcvDimwvhS&Zw?oCMJhfg8v7Rh;@OOl=jhcGymrK~~c?)oC(BBkF$)QIcL+R>4)&<9}XN-HvyIP<{0 zgRJ*fL`fp>7D^ED)lSp+#AQ`rtn?7*aj2Gg!VrkbEI6&P-RIP$DyZ1%*}^kPpfD_Y zacT?(%RLx?xo$pNoMQQM2@?_qR+*TlPkztQLCJp+{I3`a3TppQFX&!iPY+*w&ago! 
zIioVEw5eF4ZWS5NMW}AqZ#J2kQfJDSZR&M}hRU9=ct8i?rglKStDz6)3 zVC2v%eb824&iEj%p}hXK?|F=sgU^AsNJlYebcuzNaFDqXGo*IlOkj-Fhgm6V(aK7j zaOh&{KHGtQ8h<*#5AJA`s@>l&Is=!kuh->XJZW>yq5v&$3SISd9iQUA)$&^<+YhP^ zoyTRstV;9!*mu%oXGF|I%9Wp_B>jdr< zl{?Gp5&(am(UhwYaHiOgGAEOtA6Vrw)lqxztXsttoOM&TjF)wP9f_gKb30TV_+myq z)*{W!9Wm1#^6wUdGY3KXzOXTCbu)s7C^TIb@-$MoEy7US7A z*AmVMO-IBSHWpR61V0ZftW*|Q!}4(50;FRf%t|J53IJM`Dk2q~Z>HKSR+ys18<}Q8 z?G3DMR$J!44er6E+I38c#SdSKKPw9ikS5eut*o%>LwX7${zdA*k^dWs#1zIznVlT=uHU;;gK$NShsh1-Bm7HakPARGism|?*4rKz z%RKp^ERsGN1CwleC`QO9IpaAb(574LEc!RhIqfoCXGX`K|G}jWxI-haKzI+pYw}|m z>s%I`;!D6+hl!vNsa0ewKWn9=4y+~KVtS;a2!$Qd+%a)d*sJG))K@9KFiS=C`tGdvwZ`<6zkx(YKv_ zv?_W$@&ljVq^dH8i;-&`SeiFbN3}ifLIYfv{#jN>>82#!iZceSVJZ ze?OyoJqH$+XdML7ZLrirY7nDVI|L;yZxO5DYg6VPNKyMPI9D|5$BW(lx+4b)AbYUMw0;l2G9m%T+ zO?mYvE+5AEi)bdO7KBiXY31X7e%j!a?pZ-WSyiT=N$QBVOCJV!t%7%3 zev>Jf(eHrn-6G}gy(f6342MIKWrmgl?yhN&i*R29>XXa**@p6QPAmf~(8C`D>ev%V z--o73o&b_V;bM+T>fgH<{#*2xuMT3HZm)@mAUm97oE6P_&uRO7SCw>UW+%TFo31{l zouA^tI|h+$&$}Xz(<6Hq#X>RXpwqr9+hblWo}Mwoi$4c6}+s{cOZdMtT>=`Kv1Rp)h^oDA8OrE9XV(F0YhftIU%SY-P6`+z-X2 zPgVww0~K8eGgK|;!T$U;x^1C~#8gf9*3>9IeRP#G2e3Ov$W>CaI-&D6q#aC!*y+H3 zT1695LV#6$m&U&~sATx2vR+V*49G~H-(pHob9vS|Fse|7NS|}7X!Tcn9IaRqNNv3D zVa^{$J1r*w_gLLVFigs3T;WbjD;ABh+6gdDu_2k#e50j<^o9jCS3)h)99U} zWClb~tXX*NrYB~a^VB!b`%b8GiV@n~^rn}!cnX*OH1+TO&^t$~+R5;*qwR;p zObwa4zmODB#)9M8Y}J1nFuCSKb8uRLMWc^kb2%B3L|Hw$5^?io)c&gqFSa0dCl!4Ho%$UC0og|sF!}H?; zv!OHm<7zW1C!Ia)$>(}uLC>Qb`$FdFc8ij-{ZJiRbuk{GNKUJo@NjN^?X}RPk**)- z6fOr%`5+r05xPIuwfRgf+&wrn{CexSjLWXS15y=73=mOo(aa>)A7jZ=;6+*YOc|sy zOAQT$x+Jz%>sD8I5JG#W9BWv%2|CHnnR>5&+_nk3YW|fF7$}+=Xm#2|J#QEL?;$9! 
zEo6$4M2QWjAHeZS{bqQy)!pq#JDS7KLb0p3M=8wq_S6US91L zl3N@CO(Of_0ugTL_#w)>YUJCsr0^gd>e!!s7}%%OUf$_rlxvZeCT7gMm`>a0Zjb=t?|JUAkMK#s6-C9t< z0!R@R5fJH0lOnxICjFvvyl+J@c7!u4idn0CKt!A>mn_&nsuQd_9->6BgRGU3-frUZ=|c z2N+XQ89agp6W4RO+?$HB4o%+}!;YIuO;@Tn+Z}h!LFgwO6y@|L;uz6ZMuxrH6O$<8 z?+$4|-SFEr`2B}Xi=za$j@Q~2a7w4}CE`W5a(d)8l{cP&W9o6if0-I zc{LutWOr(ql4)0zJ619C6{PGB*W#4U=3!P+&pEn(oGjni1WRI%r=TCOympyu#V*2G zpjNDx>Y2*Tho9|sZ}yaG3w{qzIn?AsOQKF|N!n(vaBJL)2E@@Iykbp^N;{BSr zvDgatp?OGd0czMAF9dAgT2N%O!7E~YBr9bZeYhs$=bVT| z=Oyp$&=zy}(5Z!Iav4?8pxm4U*PAZv$1(Ix_Ec{^_f84<2nf;74f4uFL2M5B4{V-t z{J52wYj(CbjcA9`G>WA$eH9S29b8g$SiAy#RyC@&|)Cq61Adv!=H?+ ziID0QYuNL%=8@SDTG#r!PYy;Asby2%w1Q@i+vYy>TZkRD$`RvAju8o@2L+9c2zfp` z;ZtLjxrCq1p+%MUG+Ky=smtJ;z~S$-eG)o9U6Eg=GPGjj{eI;?!utkCU-|f1kVD-qkx_2?SN10NmWrImp3m~Ec)YE>+Ez1HqtkoG9&os9 zy6MC7vo1^CCfTzFz*8N5X}~5!G0wzQGDMiD>#~|?c5(AO$_TPDVoQi809@o@V7Wakz3t?B zw<*I>b*0Enp)$m$to7lx2YrB#6y;SzwlbWiPNiW|{kVa)ntVg>-Va~_^|F7yHN!BZ z!cE%co?Pa&dmqxRcoQlJi~5VtmQfNvq+lzaOnK(4Z)VnV>H;7CvvbZ-3D8QL= z!lyv`*r@DH`iGbv?-x!b!|w^UmmB?RxK73Z^2G7jVk@l#=<$FQcAjaB!^Y_ zc&^oTo0ST^PcP5 z_j;IVV?1BKYgTqfJ3q|({ES;$K&tR@xV9Azci+M|we5F2o=g?Q2Br>R6LLr%rWb|y*Lc9^}F2JrG zGOUY~{K~%ssM${sB0ZikpqqT#O+7$Jq{wAI=BGzfQcQkZwoh(1$Ef865hnO_NL0JC zKd0Xk7ygjR$@!vT9Hz$qy2m^slljIrA^Q$BZKoL>CHyTDPa&+4GxYA#qax6I1{aDg zqY$CFsh_ryCA=kSAhm)o7cxtC*FH#o!zd*xo~1>qE5${yH(w5@V2K-4`%kV#NkSp+ z@FryRO0g^NjRk+ZNHE&?dB_B!?>fquA+rtg4A~-5<+*{1zxQo$dX$t_CYh3yJl#>+ zs<=ie2gYg=Y!rNBa^#DYXC>nddV@mzm2AxRKCF}Z0muo6hq`@=oTaFToy*O`{7H2w8+b)+Qm z&DBc2qKk1EI-Rrh7Om)2gMyCnn=^Cx=JPFDVT~T{wq_ZDg!sUhKWCA4;yJ zdR6M*uR#tg8xDYsD7Ou}`B$}XD0Xa4%(0R^Kv{yR_cskKmR@CcXC8UY?iiZIB*v9Br=` zfqe!e7|_@e4jj4tH`uohaqpufN7-|ve#8#|UhpLdd)OEYvQSyczP8?vw|`yMJG^Px zwheOaqg`*ai%=X2*1k(ax^-_q{2N*9JSBmvV)xDE3ru!u(r$7rhTkj=lTyA`Ki5hU z7{9NlmmI;)!#{k#8I_@*>yYI8Jwneu?q20=ClE_s54YAz`Cb0+(Y)P1^~-ZNZhLyvG;KyP}z0)@-Si%T;X zBLRcz8Wg$c_!9j3KHsHF$f`gaIPfQJ^M~oz2i5r2EaIsZWtLM_{tGX!AQEzCUFz9% zqie6S*BDpayL8*oB2YhV=e|p7Cz(I{7onV4Ef}!#<#>C>`S 
zWGV;kop-Ejd3M6leH3@K%wYX;H^V?~WCs==uSY4dhNZ&(5zoYXniLGKfXxLQKVCyB zT#=dxl0Dgb8w0TzyU`oqUlUk~Hxzgr`oh#OgTcZoARSinBc{|lDk^y)mB4*skZe%W zqw_^vv!0-rB#{3)U((lq5 zV>?TtqkjK&1+aRWcHd^Bk=0Y;oosg<=Z#q!rm4%6+xWLW4SX%!?}NK%!IwG&x#x#t zq$#)F9zEhi_VeZ09dNgzs72C4oTcD$LUhywb8i0m^y0e!&@8>uzg?-{n*zr5*&G4(Z<{`sv{n3TGP17-dNm{yFgXFGFl^ zp69MZ!Cn8|#u~8P20}{J@cTUfv?1#TJb>K8akR_tICtv7|7{zR0AkSi*~k3<`)tfw zCIGZqKHe+4{Xg#yIP)k45VPIST>C@r|I@r~G+;pZzrEx`DZk{SS&qH1=-PWn#B~qk z_{7U@oCZo1FHgyqdKw+5CX`q^O;F^f=V~w_6ux!2HPsHI=4vO4JAAha~$T~CV?^MgDfan>s`g)kBNf>vv=#KHnIB&OP91M|dCbT+LA_b?f+@z!kT116iTq3lJ=C5inB zR}dv>2N8HfMJ!YM!|^){@fg^oQ`1!uIANFHOAv~YTp2DfR+upH-0oAL{E0vk z*Gvo_w@Z*G3s|&{l5-^Vl>i%W2F@NseRksC8ic*^ZeqYZFY>|VtsNh306QWsNbGe# z?0qL1aLa9ZC{I5r@cij8VN_+t1xK5D*;SgU%fff!u~&Q<4SRM_>N;EQ`>$$C#5X{0 zTzRa=RDkt?N~0$JfR__Yx#oK`!=%uYOc>14@QuqVAl=`s@TI3U&bd!1v0A*@ht2Ij z**GC0`4gwon26aAOsWTkxN)iUb=gk`;bVN{nWtC3$9J;L2dPk;76^WQJc%VH!nZz| zUD@KRUQA`?HanW8kI&?qfbF2%w_4~CvGjhYgV8Cr2-|E_+wcBf~2{z8ap0+;4OPa-HyZ~44XSRqWP z(Wm*EvJid$_A?@Gy5$q3@0*-^pByQK#%67-{CAC$aIo~vMz9R=6@!?|tjLxSP@vwd z#hb8{)%5vo+86Ooc2HbIuk>iKxdNG4`OBv&MK)x0uhH#c+Y_cHLd3%l97)BBpRWI$ z3Sx3>WAcTm80TwD4`is*OU%buXjm-=#CG*KG#ym6W+?nleW?qDt2_E!S+LA&~|X;JL#(B@hy+dB?v z>BQ7MnUfuvlxHUAr6=#ru3gq-7~o3sVIY2afpD5?4BT8xd~Y9eM@n9d_gw|O)H9yy zJ2mcWM)r=MmggC@+E-Ya@a^t9ch8;D5s56DGfXFsCTw6PHYnv%`)cH}!G0%CVP&dS zRP_kY(ZfY#_pwQQFo>Rlcm}?iL;8uUIbG)jMpeQb3&ACxN(JpAu6j8 zLequ~9G1p+fGcXHwLM#)W^IuREGgW6t5K0JyQ2B{l*Z=`65*vfw}{fYSx6#;V*WHp z%LY-Y5K&?a3E>M1X(v;dnKZd7vn^)w%vUnF(Adq*Lw#SIe$}YghBr2zLlypIdPS}Z znBj$)o)*D@>8c1Hm##JZ=Ir^GU@4q#Qsxl6K2oK>sVby3Nb*&0RLpkHRC#}zGO0}D z5~~%98ICQdXSr#zSd&WHqU{Tc=$3DDj>#_2k zs+ODG^+@TD^aCqt?TY)}b&@r+Vd^g(6LRO%Y&{cwj(3t5?8d}LpEQ)E;hz4?O&;TL zo=vkB7A4Ro8S3sg4`(44hID0CO2P6mgabr9u0YsCW;%I#g`pvWbv%obO5gK2*?vx5_v%KX~wH?XW!#1MgbvDBK)U|wyvm>G{L zS#1Xy;j}nhrUK|ij_^VSPOf0LVbs&Rs*cJ~ua*k8W{|jmo&7u2G%3X=+bd=#;)5nk zUJOxVZ00N1KfHv(W*A)0W@u_b55w$-fP#g3{v8D}L$EPr(?E=msSke6yjdOEr5#j2 zA&Z=mA);l52F|}-&ZsVH!_!6u3Vwt>!6~6f$Q?u(f*Vb|*UE*Z-efyS890EQAfh^V 
zPq}bgxgS|+bLSRFWe()-D5S|QB|WR%&m>c9NWaEB=@E`zeG?%vx$p`8g`j~-P|>6u z^xD*moB1Na>xqB~46CJA3M7BkgO^!5+{=36mApsSc+YG1oVvgAoXTe*tp2AoMlWj> zO?hp*IAwzIkRmZ?dT$BM!IYzhKZwhs%G|v7=HoM1oDqm`GEB#S+Dw{F!V`h7OY^r= zURlw(v9prlNozmX8Hw+*_^>%^dO{cpazEUy**qtJw-?&^^_H?HmN|wx7JkUkPzF8m znF`n61qVTbbYDjLo~622fBN#{tj4 zfVca|6QU<(=|Qx=$8M&+gR$~NdiZk}R#M>);nT^P7}akFwez*>j)D>=jIcr&$Y13? z&RrYL5RN8G%2eUhfQqA4eto&bKF5)g;8XhIrfPmpDd>fGWYJPI7bq?>w9yEzZkuti zWbDtuxN?}d0kg?VZvfBHDGTBPg+SyFK#zat*NOMOU3)bd{VI9ejnk92{tH*~o#Ewx zC)65VvLj^hQg!sM5P?~L)io}wo$Hy-H#A%j6yWHV3}w^S6kkgJs+XpQ(tIfUMRL1+ zv*d}JmbV!$SAXc*z6Kk%5uh zzRD!%oR}LN}?0mUGM$*`Iv`q4L?Fm zs!XIvUkw@|r1jYnQ%B^fOt1>1H^YwQR?YxzQ(4qnsPY}Vm<6-d&!0SB=E{dA78=j# zz`Tt=_X_+DJ#61{`s}!kybLpr?-B8UQ^)7twQoKJi($_P2EXg^*1dO0yUbEKx=`jt zp6>nZRw!5pWjwhM{-#e|Uaao1`dvlV9f@h7^N;x?hT3d{ORb&L4~ve%?2Ddr_gMDF zCF*JN(L4=g2qtS#Z<5#{(14jsZ%Rf{Y5K^g=j6{!3 zG?&rQd?=*-^896H4K&Gut+!|qK7{Y{C?=#44*QDnAVKKI5LnEoo8<KWtfM+z%~`a*F$7zkc_7f0iE14b5QoCIIF454&9w~x_SIIzhSrC z9IW#jaYp9Yf@~WBzdAg!UISET0=)#6x(eJ7nFt?Bn@{Yd+i#`;J7|U(S3O~HZ|-;z zmQQH6D`GYLtRCOraV|8UwsRZY-;o-c;2tw#-H6hR=jcqY*w!KTN*}Jyb4tK@R}?$W zg@HNveOD?$rX9D!e2Uh@Vq=GdGexfN?}t6*+~|JG#<}HW!StX2V}}eW@+Gd!>*#g| z>&EopY7Tdw>`=hGTWBbNl=Isp$?nGAamD$;@^C5b^=Jwhx0(1AthE2vWOZg? 
ziOHjQXtRWO_#W2<_R!fhMsx5TNUhN;30E{vCe)2){AYaGWBE`7GDj%3>lm|NPv4!_ znSKCZpOfpKdL?4@a4Oe`4{Z5OmebyJ!8vv_ zrm;}S9IW1Ja}U2UWweVZoQK|fi}wb;T_HdsnS4&+dM6p}#*meB7}E6D;#{!l4?2?_ z&r9K+4pn-54V`z6$JN5OAuBaiy%0M6eI2t;5u|MBNv|!g@X;1}6VG(_JG1~k%TuTJ z=q&MMl4mlvw^3!Jf!HjspxNGvIVIQM;GRnJHb=_U(GGTLtRW0)3kOQy-CePA=E+)M zn>bc@zHi!cNQscbP}ji+Oexo#r76dKfFvUZtT4)6jmec{LX?WynKfD5GJm2xy;86$ zio}EJl^^H!_Dt+*8^Jd^2%j!B1n0i-N$|hie@X&vKC@=CSIDpB;M?M{;L| zq;E^iz&aDz8V0!Ql&&ThsY6ZB+2ecLJ9d0>{9H+UI{;M?a$^brFy3T~N%_Z*HRV;{ zx;z}d$x4iS_Xk>MQ2z3V%VjQ0eq$r64m7LizQ!blmNRQJY0?ITPvc%pOn;AOrM#;N z_gfyQHLNrh&w+cHXVk62F2Pj_gS^dT(8bZ=*06i}BIB$92*R-RyN;X<#~})Q7oK*P zpN6dkOM{irF~hpBt{P_?Yr$)*b!iXhUV+$r;u`KgDZna^H20+_FvR8B#P96|T_qR$ zX-_^FM6)->t^Hk(WFVfRuA^T@ZBjD+`K0||(fMo1Sc;!)oQ z+xLQCCY*7(iyh$;LkU@fm%aCVtc_7#PQ=F_@d!QIEg(ft;yVk`jW>N z<4!PyVZ{7?iXJhoNOWx8PoJ{Ej&(vWHN`W^Z!FAOb8*U;Z)j{~w-NM^YPPK3u@v1+ zA)0AXpV=v7tUyF2Y(NH?qh>wOAkihBN?I^S4w8#O_#;>MJeYzkg*yR># z4DASXPbDV#^2zL=D!-tM-_x&#Y}D;zsFDtresbfsmPC0gBuqFIWxnh~044ywxsR3^ zL|us#M&TKD7si6?A7qK+eN4>hUCF1cv&yxRgrOpT52FRP zi;g9t2lQEbnPp3m#GbB9LPjO*l%uod^Lr&TtjkS|tOEFsfN0rEC&UfkWN?b+R(XXk z>y+0PXO?&7`bJ#!+(oig;UZ7a$2ed6t2SF1VbHicnan)?rs8Xhw)N194BNv*;d1pm z%QBNO3S{WPnrVVQ>NTf$!8PJ9QkfX6E5?wR#oU&3_iji6BprdRAmJ}XhqeLNb- zXZ+BTnoZZcD=0SCwC^MPBZ$WN@Wxrgsx5WCqw+DEoYC7SZOLsAtBb<1q+mNsMb5c3 zXhxXFaREG*cAc`e;r^?S#uM$}P`dR*g`{Y#mVecnC1X1@UwCbemE#kn;Fy+O9nP(w z7YG}aH*M%R2NJX^tgUUje5}|diGt{m7+UN2jAa)|@fvo7&!ty9%l)(+Rpl(kB-gd? 
z_*Ib&NxoocyRc&!wi}_N*+GOi*!6T{XXl<-TD4=f=FRP9jM(lUw|>mRYVnpob#s}y zU8N|#)~hQtv#xVZ{-{FQQWcC}1aCzKC4@)^NR`hPVO8RPcH-O3OwBgBU3~+V2)Hle zvurEgzvVziIazP!j6+=>onDkx_KC)p)sQZ5Vd}@#;FUX>b?&nZe604>z3c$!qb)pE z@#e#m>DCuC8`>mBZkS}h%3+GgS)Pq6nC-xtWeXdy;I0M7<(FktFD2!{>FJ6V`93)c zhOE8dZhnePB&<)jE-xc=ObNsF@-79-snR1?Z_jNJ1FS)Md)hLY?)0K=4_ubs*FQ4s z;2A~?Igepp00=x)2pXScGANSFc5N?5SFFT64~lE*(5Oo?9)RZXZ-xH!%-E-o_4G05 zxEwtsed1@h1>fY@MKDe=rGjnjE6JmUTd*Yo2V+i})$>n7dNzv8RR&_s z*&mu^a9Zqgg_>8INEW#}F=2=1JGC2`N^+O@FqNO;)E5d6v2A|Wa?a`i) z2VtgR`0gM{Z=7iTbq+9V3WvTPeI4iF4^rtqEqW#tdHf>bRkNfSPV0!Pt>HN2{pKG_U`RY6$=Em5|KqZm^86T-12sc)AldIQ(ruTWe9Zkw{ zX+@sb8|^^2$)3Zh;J6Mo{Z#{ioVKW-f~$zJPL<<3eh+~(=@@?{{gefo>~0R$^cKr@ z<*9fIJ>GSHlBR{yWFQx98;R$Eyvyt7oI@YA=6YHf1aEdM`N={x*_=Mkt#|-s7o4%# z^Ik&9D`%Utm}f_Vw$bIOa3P@=!<|b7lX9etgIX1ZSUt*X1p_m`eX1VRD*j7DMLuqv z!&#O?Ft06rnP9G_~$ zp)SI`?#)x!kRn7En|bUB^^nju6A1r-ZZ|PbFfKPdbg~0yemR;nj(m$vV(C+DA-n|^ zne~2pvqua)d(oGQ@_O&bVXGwl)_`UonoEb0Irj~-Rd}X7yuD z>}JbX;m3ww)pzp7)n-J!(06XcnPIu>=Y6`)1l*tRNI2>_R>H`|bw}BsEgQD0x?!JZ z)bR0Zr{1k{6Z>JIw%fmN70UVz_sA%G+MmlHdeW3wX5DIbDZrLDM&odM3SicVA+piL zBGocmFjb$zYvas3iBwJL+m0oTQTM;QJx;25NJ;)lHJrV?M#Zp4eRyXqygh5>0*mf- z{ZDUk`>@2v&O4c{kh!Hat%fn3l7m6LXN~{rLO(D{XLvll$NA*p|9_a;!>Zwp z0?R4>^ZjTzNsr9QQ8Alx9z4ouNS&d)S}uSe_gdMSq^$F@4B#x@U;|u1b^C}E>wkou zKSsPe>^~xErH;;PN&c5aRJ>0O=%IDUtHQs<=YN%|J$^tVx^sM%^Ui-uN8W(^w1>e4 z#{G7v{6~EP{Esnb^tSglDP_0*Ijip5A3Ua8my7|bQY3gt`t8`OXTx}2fcIt`TXBr< z77Xcyue-VfVB=>1y{RqJ(J#`j)G5ldWMyxGmd4J0;QXf{*v7)+cMmpC~h0g|mY$wQ;?*Nrn&Kf$u&+3pH4L5o7=SZqoOJxOb|V z#0Xfd&W3|2uv|Vnh++Fl=QhTagtrvp?V5jBeoNOfr+UZ9YOP_`5Xl!(Uc1FJAu`f~ zIrbxkSGN|rV=Z3ryRVM^@&#lkgOg+8S_U6H2M1^=EW8|4i=4o8_T{ds^uLeemnXFW zKzO!K0aBY|yDEAQkU+|d;HV_;^{PPro58OEqSF3U=O_S(`m5$Bj<~&jKT6n-B+vQS zd1i^-K7}T)tcN|1Sl^-IMSC?Rx0;z#3+wibyzyOTnBt4-b3UsUOr>D>vQFmAY?x5M_O zD}~j|+`nZwvRAZ#s;wM)kLh1kwK$xlENUqp zdz7gf)2^C8J85rrXoR-?`0j&}nUK-Wpbq#a1TkrSOMpNaLEcgF!{B>7u7?ZX#(Hnm z;f0V5Z%Koed=-Ky%2$ez80+37Mx{i|W}xWk=bH~3v$fS~?a-Oe>%j7BVd}i(sjE@O 
zj^F3HqQ`Ay4u5JDl7vmnqv92A`T~qitJH4^+0R7d2jKQQk}I6Qo8dm;+&1T{eB1dkDl0O8KfrgICfPRo0~ncC z#ZNXR9fzixSGxPsk@@bsL=TLoXUygNUkiHME;95A4NyR05~i1^LQ+WY#P+`9kMuoU zLj>_N1#}W88qH7_G?J9en}R4Qr=)}V_dQr>k6`I}?mH;ag=5}|m#6fA!su5Pg_pef zFQrp;bxd^Ut)flzTvH<2_T8QdC$ryZoRC#oKWP=M7dYTT0WW7hZfpa6+5W}5w?7K+ zYB9;+c>Ysw;dc)$wkNl}6+66~E>oav1jtvWw!KMG44EYb2H)?--1K;2ZfD7^I7~>4 zu3NR5DvMFR#OGt*IhkjQ<38MuM&8cfq-(b6>LALGFpg87^X7uTFRKxUHKS> z#(-S}KlyxNK&WW4%9$NB(yz9&hFnRL6LfH%i_{N%!d+lU0H_C>mmV&+BE0||lt~j> zITgrHh-};~5IPlZ8*PVJf^NSEV)A({5Mx31it}vdtQ)7M;Q!3T5Sp*%q#u%JPi0+d zM!{^Sg+z})H*urnv?X_=__QStg1V-^{aBgZ6xgmzPeoJd)|ktwT($EYlo&7OYTa(J zJ=-y#rsipo2P=!p`N^h06GzRNg;R@D;)rh6ebgbXDX}J`W7q+R@xr%X`f`JQ+PhDO zC5-VjL??V{xk&0aDF-+fBsg_0{u?#g$r4;TxrSdBgn~IPUA%TGaa>e?WrU7Uim-em z$0{U4TmnP3rduRXz%x9`fCIDXcR+IC%ZI;&Dv{oK{Y&Ht`u*4C2U($l1s-AHbaiWD z1r1?3-k7}#MEOko~rG_^Y>eshyX^AU?dhyFrQSHNmUvD>?plF0u2xu7VHh zS$TuS%Q=FTaw`z3Mcr}qjO@*ygdSmrNZePKu|wr7zW+`ITIT1B;%8b}{GY4cs0UI; zAmNqzP`{J7F$(Aigg{~#AVy=~Wfx=)WJs2Ago(69hPM;?Lwqd97`UpYb*n12Rkw`c zU7aQ+Mp;~e)NYDdT;75_>w$Mx0c2GU_zYOyOBt>n4n)`MevV_Zmx>&=n_@2JAb-AV z4j#yI_@C=wcA9h>`I)Nt$scTlh){|vyVzcU5q{4GIpB7ka%qtY@mHQw(Am_kG@i1j zQvVqBS$OeL3wrCzqhLb%RjYD+?NanB*)`S-c>KM0VL48acZY!WK}ea>oB!$!e&(3V z^z?uo7MKaqNq50j|IG2aVQ-Yo?mZvCPI_P=)Fg4dS)ue|!9r{+9*%($2VC`gf@+#+ zN*}{TQX*e-yK+$m*zb&`9kZEc z#ielp3`VG!r)VOFU;e{4#^BMI9$@h%`g;93cUAG)A$Pkqb%QtBf13gX|_F zmeXA3%C4)Wf#a$a^ zEAL4t9(}`EL?6Lv48oTj4L_l2C4=klal9p?zD}(qnCaB@05QtwF>$SDj?Xzo(lTW| z#P`TTC8|>mORYd{QcvzcHlh;wIDAi``j`LZ)$eV0NF?n&$)CO*T}?%$YMZCaRC+bRGMW)NB&nqEatrRj3}=Rhv`$sow91 z`=*4k43w(U)%)(q^%+<}#(gfajCH-RGXeI$Oi1E^Z%9J-GzX+Lf*9Rnf^UntWC;%6 z%DMT_I%fE`9jl??VFJKm6?vfBVB(y%^CjY41aTmzd6HS zZ1kV?WdGkW;;$2gSo{6A", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." 
+ } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts new file mode 100644 index 000000000..c3202b758 --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts 
@@ -0,0 +1,37 @@
+/**
+ * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ * with the License. A copy of the License is located at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ * and limitations under the License.
+ */
+
+// Imports
+import { App, Stack, Aws } from "@aws-cdk/core";
+import { Route53ToAlb, Route53ToAlbProps } from "../lib";
+import { generateIntegStackName } from '@aws-solutions-constructs/core';
+
+// Setup
+const app = new App();
+const stack = new Stack(app, generateIntegStackName(__filename), {
+ env: { account: Aws.ACCOUNT_ID, region: 'us-east-1' },
+});
+stack.templateOptions.description = 'Integration Test for aws-route53-alb';
+
+// Definitions
+const props: Route53ToAlbProps = {
+ publicApi: false,
+ privateHostedZoneProps: {
+ zoneName: 'www.example.com'
+ }
+};
+
+new Route53ToAlb(stack, 'test-route53-alb', props);
+
+// Synth
+app.synth();
\ No newline at end of file
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json
new file mode 100644
index 000000000..f8d9f5a95
--- /dev/null
+++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json
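Review bot: In integ.deployPrivateApi.ts the `env` passed to `new Stack(...)` pins `region: 'us-east-1'` while the account stays the `Aws.ACCOUNT_ID` token, and nothing in the file says why. Presumably the concrete region is there because ALB access logging has to resolve the regional log-delivery principal for the log bucket policy at synth time; the neighbouring expected template on this page grants `s3:PutObject` on the log bucket to a fixed account root. If that is the reason, say so next to the setting, e.g. `// region must be concrete: ALB access logging resolves the regional log-delivery account at synth time`, so nobody later swaps it for a token or another region without regenerating the snapshot. A one-line comment above `props` naming the scenario (`// private ALB, construct creates the private hosted zone`) would also separate this test from the ExistingZone variant.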
@@ -0,0 +1,930 @@ +{ + "Description": "Integration Test for aws-route53-alb", + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "172.168.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.0.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet1" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W33", + "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true" + } + ] + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": 
"deployPrivateApiExistingZone/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.32.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet2" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W33", + "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true" + } + ] + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": 
"Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet3SubnetBE12F0B6": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.64.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet3" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W33", + "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true" + } + ] + } + } + }, + "VpcPublicSubnet3RouteTable93458DBB": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3RouteTableAssociation1F1EDF02": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + } + } + }, + "VpcPublicSubnet3DefaultRoute4697774F": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet3EIP3A666A23": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ 
+ { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3NATGateway7640CD1D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet3EIP3A666A23", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.96.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.128.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": 
"aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcPrivateSubnet3SubnetF258B56E": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.160.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableD98824C7": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableAssociation16BDDC43": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet3SubnetF258B56E" + } + } + }, + 
"VpcPrivateSubnet3DefaultRoute94B74F0D": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet3NATGateway7640CD1D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "VpcFlowLogIAMRole6A475D41": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "vpc-flow-logs.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc" + } + ] + } + }, + "VpcFlowLogIAMRoleDefaultPolicy406FB995": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents", + "logs:DescribeLogStreams" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "VpcFlowLogLogGroup7B5C56B9", + "Arn" + ] + } + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "VpcFlowLogIAMRole6A475D41", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995", + "Roles": [ + { + "Ref": "VpcFlowLogIAMRole6A475D41" + } + ] + } + }, + "VpcFlowLogLogGroup7B5C56B9": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain", + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W84", + "reason": "By default CloudWatchLogs LogGroups data is encrypted 
using the CloudWatch server-side encryption keys (AWS Managed Keys)" + } + ] + } + } + }, + "VpcFlowLog8FF33A73": { + "Type": "AWS::EC2::FlowLog", + "Properties": { + "ResourceId": { + "Ref": "Vpc8378EB38" + }, + "ResourceType": "VPC", + "TrafficType": "ALL", + "DeliverLogsPermissionArn": { + "Fn::GetAtt": [ + "VpcFlowLogIAMRole6A475D41", + "Arn" + ] + }, + "LogDestinationType": "cloud-watch-logs", + "LogGroupName": { + "Ref": "VpcFlowLogLogGroup7B5C56B9" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPrivateApiExistingZone/Vpc" + } + ] + } + }, + "newzone1D011936": { + "Type": "AWS::Route53::HostedZone", + "Properties": { + "Name": "www.test-example.com.", + "VPCs": [ + { + "VPCId": { + "Ref": "Vpc8378EB38" + }, + "VPCRegion": "us-east-1" + } + ] + } + }, + "testroute53albtestroute53albalb7C171F50": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + }, + { + "Key": "access_logs.s3.enabled", + "Value": "true" + }, + { + "Key": "access_logs.s3.bucket", + "Value": { + "Ref": "testroute53albAC463A50" + } + }, + { + "Key": "access_logs.s3.prefix", + "Value": "" + } + ], + "Scheme": "internal", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "testroute53albtestroute53albalbSecurityGroupC3716E02", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + }, + { + "Ref": "VpcPrivateSubnet3SubnetF258B56E" + } + ], + "Type": "application" + }, + "DependsOn": [ + "testroute53albPolicy478FC0AF", + "testroute53albAC463A50" + ] + }, + "testroute53albtestroute53albalbSecurityGroupC3716E02": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB deployPrivateApiExistingZonetestroute53albtestroute53albalb73DF0A20", + "SecurityGroupEgress": [ + { + "CidrIp": "255.255.255.255/32", + "Description": "Disallow 
all traffic", + "FromPort": 252, + "IpProtocol": "icmp", + "ToPort": 86 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "testroute53albPolicy478FC0AF", + "testroute53albAC463A50" + ] + }, + "testroute53albAC463A50": { + "Type": "AWS::S3::Bucket", + "Properties": { + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256" + } + } + ] + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true + }, + "VersioningConfiguration": { + "Status": "Enabled" + } + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain", + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W35", + "reason": "This is a log bucket for an Application Load Balancer" + } + ] + } + } + }, + "testroute53albPolicy478FC0AF": { + "Type": "AWS::S3::BucketPolicy", + "Properties": { + "Bucket": { + "Ref": "testroute53albAC463A50" + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "testroute53albAC463A50", + "Arn" + ] + }, + "/*" + ] + ] + }, + { + "Fn::GetAtt": [ + "testroute53albAC463A50", + "Arn" + ] + } + ], + "Sid": "HttpsOnly" + }, + { + "Action": [ + "s3:PutObject", + "s3:Abort*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::127311923021:root" + ] + ] + } + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "testroute53albAC463A50", + "Arn" + ] + }, + "/AWSLogs/", + { + "Ref": "AWS::AccountId" + }, + "/*" + ] + ] + } + } + ], + "Version": "2012-10-17" + } + } + }, + "testroute53albtestroute53albaliasCCC6DDF3": { + "Type": "AWS::Route53::RecordSet", + "Properties": { + 
"Name": "www.test-example.com.", + "Type": "A", + "AliasTarget": { + "DNSName": { + "Fn::Join": [ + "", + [ + "dualstack.", + { + "Fn::GetAtt": [ + "testroute53albtestroute53albalb7C171F50", + "DNSName" + ] + } + ] + ] + }, + "HostedZoneId": { + "Fn::GetAtt": [ + "testroute53albtestroute53albalb7C171F50", + "CanonicalHostedZoneID" + ] + } + }, + "HostedZoneId": { + "Ref": "newzone1D011936" + } + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts new file mode 100644 index 000000000..9dc2598ab --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts 
@@ -0,0 +1,52 @@
+/**
+ * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ * with the License. A copy of the License is located at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ * and limitations under the License.
+ */
+
+// Imports
+import { App, Stack, Aws } from "@aws-cdk/core";
+import * as defaults from '@aws-solutions-constructs/core';
+import { PrivateHostedZone } from "@aws-cdk/aws-route53";
+import { Route53ToAlb, Route53ToAlbProps } from "../lib";
+import { generateIntegStackName } from '@aws-solutions-constructs/core';
+
+// Setup
+const app = new App();
+const stack = new Stack(app, generateIntegStackName(__filename), {
+ env: { account: Aws.ACCOUNT_ID, region: 'us-east-1' },
+});
+stack.templateOptions.description = 'Integration Test for aws-route53-alb';
+
+const newVpc = defaults.buildVpc(stack, {
+ defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(),
+ constructVpcProps: {
+ enableDnsHostnames: true,
+ enableDnsSupport: true,
+ cidr: '172.168.0.0/16',
+ },
+});
+
+const newZone = new PrivateHostedZone(stack, 'new-zone', {
+ zoneName: 'www.test-example.com',
+ vpc: newVpc,
+});
+
+// Definitions
+const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingHostedZoneInterface: newZone,
+ existingVpc: newVpc,
+};
+
+new Route53ToAlb(stack, 'test-route53-alb', props);
+
+// Synth
+app.synth();
\ No newline at end of file
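Review bot: The VPC range `cidr: '172.168.0.0/16'` in `constructVpcProps` is outside the RFC 1918 private space (the 172 block is 172.16.0.0/12, i.e. 172.16 through 172.31), so this fixture numbers the VPC from publicly routable addresses. Inside the VPC the local route shadows the real holders of those addresses, and integration tests tend to be copied as starting points. I would use `cidr: '172.16.0.0/16'` and regenerate the expected template; the same value appears in integ.deployPublicApiExistingAlb.ts. Separately, `@aws-solutions-constructs/core` is imported twice, and `defaults.generateIntegStackName(__filename)` would make the second import unnecessary.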
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json new file mode 100644 index 000000000..930c86d4d --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json 
@@ -0,0 +1,779 @@ +{ + "Description": "Integration Test for aws-route53-alb", + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "172.168.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.0.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet1" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W33", + "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true" + } + ] + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": 
"deployPublicApiExistingAlb/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.32.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet2" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W33", + "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true" + } + ] + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + 
"Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet3SubnetBE12F0B6": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.64.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet3" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W33", + "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true" + } + ] + } + } + }, + "VpcPublicSubnet3RouteTable93458DBB": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3RouteTableAssociation1F1EDF02": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + } + } + }, + "VpcPublicSubnet3DefaultRoute4697774F": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet3EIP3A666A23": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": 
"Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3NATGateway7640CD1D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet3EIP3A666A23", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.96.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.128.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": 
"Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcPrivateSubnet3SubnetF258B56E": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.160.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableD98824C7": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableAssociation16BDDC43": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet3SubnetF258B56E" + } + } + }, + "VpcPrivateSubnet3DefaultRoute94B74F0D": { + 
"Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet3NATGateway7640CD1D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "VpcFlowLogIAMRole6A475D41": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "vpc-flow-logs.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc" + } + ] + } + }, + "VpcFlowLogIAMRoleDefaultPolicy406FB995": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents", + "logs:DescribeLogStreams" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "VpcFlowLogLogGroup7B5C56B9", + "Arn" + ] + } + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "VpcFlowLogIAMRole6A475D41", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995", + "Roles": [ + { + "Ref": "VpcFlowLogIAMRole6A475D41" + } + ] + } + }, + "VpcFlowLogLogGroup7B5C56B9": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain", + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W84", + "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS 
Managed Keys)" + } + ] + } + } + }, + "VpcFlowLog8FF33A73": { + "Type": "AWS::EC2::FlowLog", + "Properties": { + "ResourceId": { + "Ref": "Vpc8378EB38" + }, + "ResourceType": "VPC", + "TrafficType": "ALL", + "DeliverLogsPermissionArn": { + "Fn::GetAtt": [ + "VpcFlowLogIAMRole6A475D41", + "Arn" + ] + }, + "LogDestinationType": "cloud-watch-logs", + "LogGroupName": { + "Ref": "VpcFlowLogLogGroup7B5C56B9" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiExistingAlb/Vpc" + } + ] + } + }, + "newzone1D011936": { + "Type": "AWS::Route53::HostedZone", + "Properties": { + "Name": "www.test-example.com." + } + }, + "testalb9AFCD824": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Name": "find-this-name", + "Scheme": "internal", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "testalbSecurityGroup0C84CDF9", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + }, + { + "Ref": "VpcPrivateSubnet3SubnetF258B56E" + } + ], + "Type": "application" + } + }, + "testalbSecurityGroup0C84CDF9": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB deployPublicApiExistingAlbtestalb700DF81E", + "SecurityGroupEgress": [ + { + "CidrIp": "255.255.255.255/32", + "Description": "Disallow all traffic", + "FromPort": 252, + "IpProtocol": "icmp", + "ToPort": 86 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "testroute53albtestroute53albaliasCCC6DDF3": { + "Type": "AWS::Route53::RecordSet", + "Properties": { + "Name": "www.test-example.com.", + "Type": "A", + "AliasTarget": { + "DNSName": { + "Fn::Join": [ + "", + [ + "dualstack.", + { + "Fn::GetAtt": [ + "testalb9AFCD824", + "DNSName" + ] + } + ] + ] + }, + "HostedZoneId": { + "Fn::GetAtt": [ + "testalb9AFCD824", + 
"CanonicalHostedZoneID" + ] + } + }, + "HostedZoneId": { + "Ref": "newzone1D011936" + } + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts new file mode 100644 index 000000000..55a13d732 --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts 
@@ -0,0 +1,58 @@
+/**
+ * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ * with the License. A copy of the License is located at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ * and limitations under the License.
+ */
+
+// Imports
+import { App, Stack, Aws } from "@aws-cdk/core";
+import * as defaults from '@aws-solutions-constructs/core';
+import { ApplicationLoadBalancer } from "@aws-cdk/aws-elasticloadbalancingv2";
+import { PublicHostedZone } from "@aws-cdk/aws-route53";
+import { Route53ToAlb, Route53ToAlbProps } from "../lib";
+import { generateIntegStackName } from '@aws-solutions-constructs/core';
+
+// Setup
+const app = new App();
+const stack = new Stack(app, generateIntegStackName(__filename), {
+ env: { account: Aws.ACCOUNT_ID, region: 'us-east-1' },
+});
+stack.templateOptions.description = 'Integration Test for aws-route53-alb';
+
+const newVpc = defaults.buildVpc(stack, {
+ defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(),
+ constructVpcProps: {
+ enableDnsHostnames: true,
+ enableDnsSupport: true,
+ cidr: '172.168.0.0/16',
+ },
+});
+
+const newZone = new PublicHostedZone(stack, 'new-zone', {
+ zoneName: 'www.test-example.com',
+});
+
+const existingAlb = new ApplicationLoadBalancer(stack, 'test-alb', {
+ vpc: newVpc,
+ loadBalancerName: 'find-this-name'
+});
+
+// Definitions
+const props: Route53ToAlbProps = {
+ publicApi: true,
+ existingHostedZoneInterface: newZone,
+ existingVpc: newVpc,
+ existingLoadBalancerObj: existingAlb,
+};
+
+new Route53ToAlb(stack, 'test-route53-alb', props);
+
+// Synth
+app.synth();
\ No newline at end of file
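Review bot: The fixture sets `publicApi: true`, but `test-alb` is constructed without `internetFacing: true`, so the expected template shows it as `"Scheme": "internal"` on the three private subnets while the public hosted zone still gets an alias record pointing at it. The test therefore never exercises an internet-facing deployment, and a public record that resolves to an internal load balancer publishes private addressing without serving any traffic. I would add `internetFacing: true,` to the `ApplicationLoadBalancer` props and regenerate the snapshot. It may also be worth having the construct reject an existing load balancer whose scheme disagrees with `publicApi`, but lib/index.ts is not visible here, so that check may already exist.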
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json new file mode 100644 index 000000000..a428bb0f6 --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json 
@@ -0,0 +1,926 @@ +{ + "Description": "Integration Test for aws-route53-alb", + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "172.168.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.0.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet1" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W33", + "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true" + } + ] + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet1" + } + ] + } + }, + 
"VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.32.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet2" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W33", + "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true" + } + ] + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet2" + } + ] + } + }, + 
"VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet3SubnetBE12F0B6": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.64.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet3" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W33", + "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true" + } + ] + } + } + }, + "VpcPublicSubnet3RouteTable93458DBB": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3RouteTableAssociation1F1EDF02": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + } + } + }, + "VpcPublicSubnet3DefaultRoute4697774F": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet3EIP3A666A23": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet3" + } + ] + } + }, + 
"VpcPublicSubnet3NATGateway7640CD1D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet3EIP3A666A23", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.96.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.128.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + 
"Value": "deployPublicApiNewAlb/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcPrivateSubnet3SubnetF258B56E": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "172.168.160.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableD98824C7": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableAssociation16BDDC43": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet3SubnetF258B56E" + } + } + }, + "VpcPrivateSubnet3DefaultRoute94B74F0D": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + 
"DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet3NATGateway7640CD1D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "VpcFlowLogIAMRole6A475D41": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "vpc-flow-logs.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc" + } + ] + } + }, + "VpcFlowLogIAMRoleDefaultPolicy406FB995": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents", + "logs:DescribeLogStreams" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "VpcFlowLogLogGroup7B5C56B9", + "Arn" + ] + } + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "VpcFlowLogIAMRole6A475D41", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995", + "Roles": [ + { + "Ref": "VpcFlowLogIAMRole6A475D41" + } + ] + } + }, + "VpcFlowLogLogGroup7B5C56B9": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain", + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W84", + "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)" + } + ] + } + } + }, + "VpcFlowLog8FF33A73": { + "Type": "AWS::EC2::FlowLog", + "Properties": { + "ResourceId": { 
+ "Ref": "Vpc8378EB38" + }, + "ResourceType": "VPC", + "TrafficType": "ALL", + "DeliverLogsPermissionArn": { + "Fn::GetAtt": [ + "VpcFlowLogIAMRole6A475D41", + "Arn" + ] + }, + "LogDestinationType": "cloud-watch-logs", + "LogGroupName": { + "Ref": "VpcFlowLogLogGroup7B5C56B9" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployPublicApiNewAlb/Vpc" + } + ] + } + }, + "newzone1D011936": { + "Type": "AWS::Route53::HostedZone", + "Properties": { + "Name": "www.test-example.com." + } + }, + "testroute53albtestroute53albalb7C171F50": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + }, + { + "Key": "access_logs.s3.enabled", + "Value": "true" + }, + { + "Key": "access_logs.s3.bucket", + "Value": { + "Ref": "testroute53albAC463A50" + } + }, + { + "Key": "access_logs.s3.prefix", + "Value": "" + } + ], + "Name": "new-alb", + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "testroute53albtestroute53albalbSecurityGroupC3716E02", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + } + ], + "Type": "application" + }, + "DependsOn": [ + "testroute53albPolicy478FC0AF", + "testroute53albAC463A50", + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet3DefaultRoute4697774F" + ] + }, + "testroute53albtestroute53albalbSecurityGroupC3716E02": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbtestroute53albtestroute53albalbC4C12C26", + "SecurityGroupEgress": [ + { + "CidrIp": "255.255.255.255/32", + "Description": "Disallow all traffic", + "FromPort": 252, + "IpProtocol": "icmp", + "ToPort": 86 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": 
[ + "testroute53albPolicy478FC0AF", + "testroute53albAC463A50" + ] + }, + "testroute53albAC463A50": { + "Type": "AWS::S3::Bucket", + "Properties": { + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256" + } + } + ] + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true + }, + "VersioningConfiguration": { + "Status": "Enabled" + } + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain", + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W35", + "reason": "This is a log bucket for an Application Load Balancer" + } + ] + } + } + }, + "testroute53albPolicy478FC0AF": { + "Type": "AWS::S3::BucketPolicy", + "Properties": { + "Bucket": { + "Ref": "testroute53albAC463A50" + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "testroute53albAC463A50", + "Arn" + ] + }, + "/*" + ] + ] + }, + { + "Fn::GetAtt": [ + "testroute53albAC463A50", + "Arn" + ] + } + ], + "Sid": "HttpsOnly" + }, + { + "Action": [ + "s3:PutObject", + "s3:Abort*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::127311923021:root" + ] + ] + } + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "testroute53albAC463A50", + "Arn" + ] + }, + "/AWSLogs/", + { + "Ref": "AWS::AccountId" + }, + "/*" + ] + ] + } + } + ], + "Version": "2012-10-17" + } + } + }, + "testroute53albtestroute53albaliasCCC6DDF3": { + "Type": "AWS::Route53::RecordSet", + "Properties": { + "Name": "www.test-example.com.", + "Type": "A", + "AliasTarget": { + "DNSName": { + "Fn::Join": [ + "", + [ + "dualstack.", + { + 
"Fn::GetAtt": [ + "testroute53albtestroute53albalb7C171F50", + "DNSName" + ] + } + ] + ] + }, + "HostedZoneId": { + "Fn::GetAtt": [ + "testroute53albtestroute53albalb7C171F50", + "CanonicalHostedZoneID" + ] + } + }, + "HostedZoneId": { + "Ref": "newzone1D011936" + } + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts new file mode 100644 index 000000000..9a51b32ba --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts 
@@ -0,0 +1,54 @@
+/**
+ * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ * with the License. A copy of the License is located at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ * and limitations under the License.
+ */
+
+// Imports
+import { App, Stack, Aws } from "@aws-cdk/core";
+import * as defaults from '@aws-solutions-constructs/core';
+import { PublicHostedZone } from "@aws-cdk/aws-route53";
+import { Route53ToAlb, Route53ToAlbProps } from "../lib";
+import { generateIntegStackName } from '@aws-solutions-constructs/core';
+
+// Setup
+const app = new App();
+const stack = new Stack(app, generateIntegStackName(__filename), {
+ env: { account: Aws.ACCOUNT_ID, region: 'us-east-1' },
+});
+stack.templateOptions.description = 'Integration Test for aws-route53-alb';
+
+const newVpc = defaults.buildVpc(stack, {
+ defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(),
+ constructVpcProps: {
+ enableDnsHostnames: true,
+ enableDnsSupport: true,
+ cidr: '172.168.0.0/16',
+ },
+});
+
+const newZone = new PublicHostedZone(stack, 'new-zone', {
+ zoneName: 'www.test-example.com',
+});
+
+// Definitions
+const props: Route53ToAlbProps = {
+ publicApi: true,
+ existingHostedZoneInterface: newZone,
+ existingVpc: newVpc,
+ loadBalancerProps: {
+ loadBalancerName: 'new-alb',
+ }
+};
+
+new Route53ToAlb(stack, 'test-route53-alb', props);
+
+// Synth
+app.synth();
\ No newline at end of file
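Review bot: `zoneName: 'www.test-example.com'` creates a public hosted zone for a name that is not one of the reserved documentation domains, unlike the sibling integ.deployWithoutLogging.ts, which uses `www.example.com`. A deployed integration stack then holds a zone and an alias record for a domain the project presumably does not control; `zoneName: 'www.example.com',` avoids that, with integ.deployPublicApiNewAlb.expected.json regenerated to match. Separately, `loadBalancerName: 'new-alb'` is a fixed physical name, so two deployments of this stack in one account and region would likely collide.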
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json
new file mode 100644
index 000000000..b94a3d612
--- /dev/null
+++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json
@@ -0,0 +1,407 @@ +{ + "Description": "Integration Test for aws-route53-alb", + "Resources": { + "testroute53albtestroute53albzone04BEDFE6": { + "Type": "AWS::Route53::HostedZone", + "Properties": { + "Name": "www.example.com.", + "VPCs": [ + { + "VPCId": { + "Ref": "Vpc8378EB38" + }, + "VPCRegion": "us-east-1" + } + ] + } + }, + "testroute53albtestroute53albalb7C171F50": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internal", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "testroute53albtestroute53albalbSecurityGroupC3716E02", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcisolatedSubnet1SubnetE62B1B9B" + }, + { + "Ref": "VpcisolatedSubnet2Subnet39217055" + }, + { + "Ref": "VpcisolatedSubnet3Subnet44F2537D" + } + ], + "Type": "application" + } + }, + "testroute53albtestroute53albalbSecurityGroupC3716E02": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB deployWithoutLoggingtestroute53albtestroute53albalbF6630861", + "SecurityGroupEgress": [ + { + "CidrIp": "255.255.255.255/32", + "Description": "Disallow all traffic", + "FromPort": 252, + "IpProtocol": "icmp", + "ToPort": 86 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "testroute53albtestroute53albaliasCCC6DDF3": { + "Type": "AWS::Route53::RecordSet", + "Properties": { + "Name": "www.example.com.", + "Type": "A", + "AliasTarget": { + "DNSName": { + "Fn::Join": [ + "", + [ + "dualstack.", + { + "Fn::GetAtt": [ + "testroute53albtestroute53albalb7C171F50", + "DNSName" + ] + } + ] + ] + }, + "HostedZoneId": { + "Fn::GetAtt": [ + "testroute53albtestroute53albalb7C171F50", + "CanonicalHostedZoneID" + ] + } + }, + "HostedZoneId": { + "Ref": "testroute53albtestroute53albzone04BEDFE6" + } + } + }, + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": 
"10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "deployWithoutLogging/Vpc" + } + ] + } + }, + "VpcisolatedSubnet1SubnetE62B1B9B": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.0.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "isolated" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Isolated" + }, + { + "Key": "Name", + "Value": "deployWithoutLogging/Vpc/isolatedSubnet1" + } + ] + } + }, + "VpcisolatedSubnet1RouteTableE442650B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployWithoutLogging/Vpc/isolatedSubnet1" + } + ] + } + }, + "VpcisolatedSubnet1RouteTableAssociationD259E31A": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcisolatedSubnet1RouteTableE442650B" + }, + "SubnetId": { + "Ref": "VpcisolatedSubnet1SubnetE62B1B9B" + } + } + }, + "VpcisolatedSubnet2Subnet39217055": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.64.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "isolated" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Isolated" + }, + { + "Key": "Name", + "Value": "deployWithoutLogging/Vpc/isolatedSubnet2" + } + ] + } + }, + "VpcisolatedSubnet2RouteTable334F9764": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployWithoutLogging/Vpc/isolatedSubnet2" + } + ] + } + }, + "VpcisolatedSubnet2RouteTableAssociation25A4716F": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + 
"RouteTableId": { + "Ref": "VpcisolatedSubnet2RouteTable334F9764" + }, + "SubnetId": { + "Ref": "VpcisolatedSubnet2Subnet39217055" + } + } + }, + "VpcisolatedSubnet3Subnet44F2537D": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.128.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "isolated" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Isolated" + }, + { + "Key": "Name", + "Value": "deployWithoutLogging/Vpc/isolatedSubnet3" + } + ] + } + }, + "VpcisolatedSubnet3RouteTableA2F6BBC0": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployWithoutLogging/Vpc/isolatedSubnet3" + } + ] + } + }, + "VpcisolatedSubnet3RouteTableAssociationDC010BEB": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcisolatedSubnet3RouteTableA2F6BBC0" + }, + "SubnetId": { + "Ref": "VpcisolatedSubnet3Subnet44F2537D" + } + } + }, + "VpcFlowLogIAMRole6A475D41": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "vpc-flow-logs.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployWithoutLogging/Vpc" + } + ] + } + }, + "VpcFlowLogIAMRoleDefaultPolicy406FB995": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents", + "logs:DescribeLogStreams" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "VpcFlowLogLogGroup7B5C56B9", + "Arn" + ] + } + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "VpcFlowLogIAMRole6A475D41", + "Arn" + ] + } + } + ], + "Version": 
"2012-10-17" + }, + "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995", + "Roles": [ + { + "Ref": "VpcFlowLogIAMRole6A475D41" + } + ] + } + }, + "VpcFlowLogLogGroup7B5C56B9": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain", + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W84", + "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)" + } + ] + } + } + }, + "VpcFlowLog8FF33A73": { + "Type": "AWS::EC2::FlowLog", + "Properties": { + "ResourceId": { + "Ref": "Vpc8378EB38" + }, + "ResourceType": "VPC", + "TrafficType": "ALL", + "DeliverLogsPermissionArn": { + "Fn::GetAtt": [ + "VpcFlowLogIAMRole6A475D41", + "Arn" + ] + }, + "LogDestinationType": "cloud-watch-logs", + "LogGroupName": { + "Ref": "VpcFlowLogLogGroup7B5C56B9" + }, + "Tags": [ + { + "Key": "Name", + "Value": "deployWithoutLogging/Vpc" + } + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts new file mode 100644 index 000000000..8afda2608 --- /dev/null 
+++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts
@@ -0,0 +1,38 @@
+/**
+ * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ * with the License. A copy of the License is located at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ * and limitations under the License.
+ */
+
+// Imports
+import { App, Stack, Aws } from "@aws-cdk/core";
+import { Route53ToAlb, Route53ToAlbProps } from "../lib";
+import { generateIntegStackName } from '@aws-solutions-constructs/core';
+
+// Setup
+const app = new App();
+const stack = new Stack(app, generateIntegStackName(__filename), {
+ env: { account: Aws.ACCOUNT_ID, region: 'us-east-1' },
+});
+stack.templateOptions.description = 'Integration Test for aws-route53-alb';
+
+// Definitions
+const props: Route53ToAlbProps = {
+ publicApi: false,
+ privateHostedZoneProps: {
+ zoneName: 'www.example.com'
+ },
+ logAccessLogs: false,
+};
+
+new Route53ToAlb(stack, 'test-route53-alb', props);
+
+// Synth
+app.synth();
\ No newline at end of file
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts
new file mode 100644
index 000000000..e3fb1596b
--- /dev/null
+++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts
@@ -0,0 +1,384 @@
+/**
+ * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ * with the License. A copy of the License is located at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ * and limitations under the License.
+ */
+
+// Imports
+import { Stack } from "@aws-cdk/core";
+import { Route53ToAlb, Route53ToAlbProps } from '../lib';
+import * as r53 from '@aws-cdk/aws-route53';
+import * as elb from '@aws-cdk/aws-elasticloadbalancingv2';
+import '@aws-cdk/assert/jest';
+import * as defaults from '@aws-solutions-constructs/core';
+
+// Helper Functions
+
+function getTestVpc(stack: Stack) {
+ return defaults.buildVpc(stack, {
+ defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(),
+ constructVpcProps: {
+ enableDnsHostnames: true,
+ enableDnsSupport: true,
+ cidr: '172.168.0.0/16',
+ },
+ });
+}
+
+test('Test Public API, new VPC', () => {
+ // Initial Setup
+ const stack = new Stack(undefined, undefined, {
+ env: { account: "123456789012", region: 'us-east-1' },
+ });
+
+ const newZone = new r53.PublicHostedZone(stack, 'test-zone', {
+ zoneName: 'www.example-test.com'
+ });
+
+ const props: Route53ToAlbProps = {
+ publicApi: true,
+ existingHostedZoneInterface: newZone,
+ };
+
+ new Route53ToAlb(stack, 'test-route53-alb', props);
+
+ expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::LoadBalancer', {
+ Scheme: 'internet-facing'
+ });
+
+ expect(stack).toHaveResourceLike('AWS::EC2::VPC', {
+ EnableDnsHostnames: true,
+ EnableDnsSupport: true,
+ InstanceTenancy: "default",
+ });
+
+ expect(stack).toHaveResourceLike('AWS::Route53::RecordSet', {
+ Name: 'www.example-test.com.',
+ Type: 'A'
+ });
+
+});
+
+test('Test Private API, existing VPC', () => {
+ // Initial Setup
+ const stack = new Stack(undefined, undefined, {
+ env: { account: "123456789012", region: 'us-east-1' },
+ });
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const newZone = new r53.PrivateHostedZone(stack, 'test-zone', {
+ zoneName: 'www.example-test.com',
+ vpc: testExistingVpc
+ });
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingHostedZoneInterface: newZone,
+ existingVpc: testExistingVpc
+ };
+
+ new Route53ToAlb(stack, 'test-route53-alb', props);
+
+ expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::LoadBalancer', {
+ Scheme: 'internal'
+ });
+
+ expect(stack).toHaveResourceLike('AWS::EC2::VPC', {
+ EnableDnsHostnames: true,
+ EnableDnsSupport: true,
+ InstanceTenancy: "default",
+ });
+
+ expect(stack).toHaveResourceLike('AWS::Route53::RecordSet', {
+ Name: 'www.example-test.com.',
+ Type: 'A'
+ });
+
+});
+
+test('Check publicApi and zone props is an error', () => {
+ // Initial Setup
+ const stack = new Stack();
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const props: Route53ToAlbProps = {
+ publicApi: true,
+ existingVpc: testExistingVpc,
+ privateHostedZoneProps: {
+ zoneName: 'www.example-test.com',
+ }
+ };
+
+ const app = () => {
+ new Route53ToAlb(stack, 'test-error', props);
+ };
+ // Assertion
+ expect(app).toThrowError();
+});
+
+test('Check no Zone props and no existing zone interface is an error', () => {
+ // Initial Setup
+ const stack = new Stack();
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingVpc: testExistingVpc,
+ };
+
+ const app = () => {
+ new Route53ToAlb(stack, 'test-error', props);
+ };
+ // Assertion
+ expect(app).toThrowError();
+});
+
+test('Check Zone props with VPC is an error', () => {
+ // Initial Setup
+ const stack = new Stack();
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingVpc: testExistingVpc,
+ privateHostedZoneProps: {
+ zoneName: 'www.example-test.com',
+ vpc: testExistingVpc
+ }
+ };
+
+ const app = () => {
+ new Route53ToAlb(stack, 'test-error', props);
+ };
+ // Assertion
+ expect(app).toThrowError();
+
+});
+
+test('Test with privateHostedZoneProps', () => {
+ // Initial Setup
+ const stack = new Stack(undefined, undefined, {
+ env: { account: "123456789012", region: 'us-east-1' },
+ });
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingVpc: testExistingVpc,
+ privateHostedZoneProps: {
+ zoneName: 'www.example-test.com',
+ }
+ };
+
+ new Route53ToAlb(stack, 'test-error', props);
+
+ expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::LoadBalancer', {
+ Scheme: 'internal'
+ });
+
+ expect(stack).toHaveResourceLike('AWS::EC2::VPC', {
+ EnableDnsHostnames: true,
+ EnableDnsSupport: true,
+ InstanceTenancy: "default",
+ });
+
+ expect(stack).toHaveResourceLike('AWS::Route53::RecordSet', {
+ Name: 'www.example-test.com.',
+ Type: 'A'
+ });
+});
+
+test('Check that passing an existing hosted Zone without passing an existingVPC is an error', () => {
+ const stack = new Stack();
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const newZone = new r53.PrivateHostedZone(stack, 'test-zone', {
+ zoneName: 'www.example-test.com',
+ vpc: testExistingVpc
+ });
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingHostedZoneInterface: newZone,
+ };
+
+ const app = () => {
+ new Route53ToAlb(stack, 'test-error', props);
+ };
+ // Assertion
+ expect(app).toThrowError();
+
+});
+
+test('Check that passing an existing Load Balancer without passing an existingVPC is an error', () => {
+ const stack = new Stack();
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const existingAlb = new elb.ApplicationLoadBalancer(stack, 'test-alb', {
+ vpc: testExistingVpc
+ });
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingLoadBalancerObj: existingAlb,
+ privateHostedZoneProps: {
+ zoneName: 'www.example-test.com',
+ }
+ };
+
+ const app = () => {
+ new Route53ToAlb(stack, 'test-error', props);
+ };
+ // Assertion
+ expect(app).toThrowError();
+
+});
+
+test('Check that passing an existing ALB without passing an existingVPC is an error', () => {
+ const stack = new Stack();
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const newZone = new r53.PrivateHostedZone(stack, 'test-zone', {
+ zoneName: 'www.example-test.com',
+ vpc: testExistingVpc
+ });
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingHostedZoneInterface: newZone,
+ };
+
+ const app = () => {
+ new Route53ToAlb(stack, 'test-error', props);
+ };
+ // Assertion
+ expect(app).toThrowError();
+
+});
+
+test('Check that passing loadBalancerProps with a vpc is an error', () => {
+ const stack = new Stack();
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const newZone = new r53.PrivateHostedZone(stack, 'test-zone', {
+ zoneName: 'www.example-test.com',
+ vpc: testExistingVpc
+ });
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingHostedZoneInterface: newZone,
+ loadBalancerProps: {
+ loadBalancerName: 'my-alb',
+ vpc: testExistingVpc,
+ }
+ };
+
+ const app = () => {
+ new Route53ToAlb(stack, 'test-error', props);
+ };
+ // Assertion
+ expect(app).toThrowError();
+
+});
+
+test('Test providing loadBalancerProps', () => {
+ // Initial Setup
+ const stack = new Stack(undefined, undefined, {
+ env: { account: "123456789012", region: 'us-east-1' },
+ });
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const newZone = new r53.PrivateHostedZone(stack, 'test-zone', {
+ zoneName: 'www.example-test.com',
+ vpc: testExistingVpc
+ });
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingHostedZoneInterface: newZone,
+ existingVpc: testExistingVpc,
+ loadBalancerProps: {
+ loadBalancerName: 'find-this-name'
+ },
+ };
+
+ new Route53ToAlb(stack, 'test-route53-alb', props);
+
+ expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::LoadBalancer', {
+ Scheme: 'internal',
+ Name: 'find-this-name'
+ });
+
+ expect(stack).toHaveResourceLike('AWS::EC2::VPC', {
+ EnableDnsHostnames: true,
+ EnableDnsSupport: true,
+ InstanceTenancy: "default",
+ });
+
+ expect(stack).toHaveResourceLike('AWS::Route53::RecordSet', {
+ Name: 'www.example-test.com.',
+ Type: 'A'
+ });
+
+});
+
+test('Test providing an existingLoadBalancer', () => {
+ // Initial Setup
+ const stack = new Stack();
+
+ const testExistingVpc = getTestVpc(stack);
+
+ const newZone = new r53.PrivateHostedZone(stack, 'test-zone', {
+ zoneName: 'www.example-test.com',
+ vpc: testExistingVpc
+ });
+
+ const existingAlb = new elb.ApplicationLoadBalancer(stack, 'test-alb', {
+ vpc: testExistingVpc,
+ loadBalancerName: 'find-this-name'
+ });
+
+ const props: Route53ToAlbProps = {
+ publicApi: false,
+ existingHostedZoneInterface: newZone,
+ existingVpc: testExistingVpc,
+ existingLoadBalancerObj: existingAlb,
+ };
+
+ new Route53ToAlb(stack, 'test-route53-alb', props);
+
+ expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::LoadBalancer', {
+ Scheme: 'internal',
+ Name: 'find-this-name'
+ });
+
+ expect(stack).toHaveResourceLike('AWS::EC2::VPC', {
+ EnableDnsHostnames: true,
+ EnableDnsSupport: true,
+ InstanceTenancy: "default",
+ });
+
+ expect(stack).toHaveResourceLike('AWS::Route53::RecordSet', {
+ Name: 'www.example-test.com.',
+ Type: 'A'
+ });
+
+});
diff --git a/source/patterns/@aws-solutions-constructs/core/index.ts b/source/patterns/@aws-solutions-constructs/core/index.ts
index 1a22a80fc..2d4b451df 100644
--- a/source/patterns/@aws-solutions-constructs/core/index.ts
+++ b/source/patterns/@aws-solutions-constructs/core/index.ts
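Review bot: The negative tests in route53-alb.test.ts all end in a bare `expect(app).toThrowError();`, so each passes on any exception and cannot show which validation actually fired. 'Check that passing loadBalancerProps with a vpc is an error' passes `existingHostedZoneInterface` without `existingVpc`, the same shape the earlier 'existing hosted Zone without passing an existingVPC' test already expects to throw, so the `loadBalancerProps.vpc` check may never be reached; adding `existingVpc: testExistingVpc,` to its props would isolate it. 'Check that passing an existing ALB without passing an existingVPC is an error' is line-for-line the hosted-zone test and never sets `existingLoadBalancerObj`, so it adds no coverage under its current name. Pinning each case to its own message, in the form `expect(app).toThrowError(/<expected message>/);`, would keep these input-validation guards from regressing unnoticed.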
@@ -11,6 +11,8 @@ * and limitations under the License. */ +export * from './lib/alb-defaults'; +export * from './lib/alb-helper'; export * from './lib/apigateway-defaults'; export * from './lib/apigateway-helper'; export * from './lib/dynamodb-table-defaults'; diff --git a/source/patterns/@aws-solutions-constructs/core/lib/alb-defaults.ts b/source/patterns/@aws-solutions-constructs/core/lib/alb-defaults.ts new file mode 100644 index 000000000..5659e534f --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/core/lib/alb-defaults.ts @@ -0,0 +1,21 @@ +/** + * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance + * with the License. A copy of the License is located at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES + * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions + * and limitations under the License. + */ + +import * as elb from "@aws-cdk/aws-elasticloadbalancingv2"; + +export function DefaultListenerProps(loadBalancer: elb.ApplicationLoadBalancer): elb.ApplicationListenerProps { + return { + loadBalancer, + protocol: elb.ApplicationProtocol.HTTPS, + }; +} \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/core/lib/alb-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/alb-helper.ts new file mode 100644 index 000000000..7ac21d40c --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/core/lib/alb-helper.ts 
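Review bot: `DefaultListenerProps` in alb-defaults.ts sets `protocol: elb.ApplicationProtocol.HTTPS` but no `sslPolicy`, so the TLS versions and ciphers a listener accepts are left to whatever the service applies when none is given. Consider pinning a floor in the default, e.g. `sslPolicy: elb.SslPolicy.TLS12,`; callers can still override it, since AddListener in alb-helper.ts merges `listenerProps` over these defaults. The exported function also has no doc comment; something like `// Default listener props: HTTPS on the supplied load balancer. Certificates are not defaulted and must come from the caller.` would record that an HTTPS listener built from this default alone is incomplete.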
@@ -0,0 +1,152 @@ +/** + * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance + * with the License. A copy of the License is located at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES + * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions + * and limitations under the License. + */ + +import * as elb from "@aws-cdk/aws-elasticloadbalancingv2"; +import { Construct } from "@aws-cdk/core"; +import * as ec2 from "@aws-cdk/aws-ec2"; +import * as s3 from "@aws-cdk/aws-s3"; +import * as lambda from "@aws-cdk/aws-lambda"; +import { ApplicationProtocol, ListenerAction, } from "@aws-cdk/aws-elasticloadbalancingv2"; +import * as elbt from "@aws-cdk/aws-elasticloadbalancingv2-targets"; +import { overrideProps, printWarning } from "./utils"; +import { DefaultListenerProps } from "./alb-defaults"; +import { createAlbLoggingBucket } from "./s3-bucket-helper"; +import { DefaultLoggingBucketProps } from "./s3-bucket-defaults"; + +// Returns the correct ALB Load Balancer to use in this construct, either an existing +// one provided as an argument or create new one otherwise. +export function ObtainAlb( + scope: Construct, + id: string, + vpc: ec2.IVpc, + publicApi: boolean, + existingLoadBalancerInterface?: elb.ApplicationLoadBalancer, + loadBalancerProps?: elb.ApplicationLoadBalancerProps | any, + logAccessLogs?: boolean, + loggingBucketProps?: s3.BucketProps +): elb.ApplicationLoadBalancer { + let loadBalancer: elb.ApplicationLoadBalancer; + + if (existingLoadBalancerInterface) { + loadBalancer = existingLoadBalancerInterface; + } else { + const consolidatedProps = loadBalancerProps + ? 
overrideProps(loadBalancerProps, { vpc, internetFacing: publicApi }) + : { vpc, internetFacing: publicApi }; + loadBalancer = new elb.ApplicationLoadBalancer( + scope, + `${id}-alb`, + consolidatedProps + ); + if (logAccessLogs === undefined || logAccessLogs === true) { + const consolidatedLoggingBucketProps = loggingBucketProps + ? overrideProps(DefaultLoggingBucketProps(), loggingBucketProps) + : DefaultLoggingBucketProps(); + const loggingBucket = createAlbLoggingBucket(scope, id, consolidatedLoggingBucketProps); + loadBalancer.logAccessLogs(loggingBucket); + } + } + return loadBalancer; +} + +export function AddListener( + scope: Construct, + loadBalancer: elb.ApplicationLoadBalancer, + targetGroup: elb.ApplicationTargetGroup, + listenerProps: elb.ApplicationListenerProps | any +): elb.ApplicationListener { + let consolidatedListenerProps: elb.ApplicationListenerProps; + + consolidatedListenerProps = overrideProps( + DefaultListenerProps(loadBalancer), + listenerProps + ); + + // create the listener + const listener = new elb.ApplicationListener( + scope, + "listener", + consolidatedListenerProps + ); + loadBalancer.listeners.push(listener); + + if (consolidatedListenerProps.protocol === elb.ApplicationProtocol.HTTP) { + // This will use core.printWarning in the actual construct + printWarning( + "AWS recommends encrypting traffic to an Application Load Balancer using HTTPS." 
+ ); + if (listenerProps.certificates?.length > 0) { + throw new Error("HTTP listeners cannot use a certificate"); + } + } else { + if (!listenerProps.certificates || listenerProps.certificates.length === 0) { + throw new Error("A listener using HTTPS protocol requires a certificate"); + } + + listener.addCertificates("listener-cert-add", listenerProps.certificates); + } + + if (consolidatedListenerProps.protocol === elb.ApplicationProtocol.HTTPS) { + const opt: elb.RedirectOptions = { + port: "443", + protocol: "HTTPS", + }; + + const httpListener = new elb.ApplicationListener( + scope, + "redirect-listener", + { + loadBalancer, + protocol: ApplicationProtocol.HTTP, + defaultAction: ListenerAction.redirect(opt), + } + ); + loadBalancer.listeners.push(httpListener); + } + + AddTarget(scope, targetGroup, listener); + return listener; +} + +export function CreateLambdaTargetGroup( + scope: Construct, + id: string, + lambdaFunction: lambda.Function, + targetProps?: elb.ApplicationTargetGroupProps +): elb.ApplicationTargetGroup { + const lambdaTarget = new elbt.LambdaTarget(lambdaFunction); + return new elb.ApplicationTargetGroup(scope, `${id}-tg`, { + targets: [lambdaTarget], + targetGroupName: targetProps ? targetProps.targetGroupName : undefined, + healthCheck: targetProps ? targetProps.healthCheck : undefined + }); +} + +export function AddTarget( + scope: Construct, + targetGroup: elb.ApplicationTargetGroup, + listener: elb.ApplicationListener, + ruleProps?: elb.AddRuleProps +) { + // AddRuleProps includes conditions and priority, combine that with targetGroups and + // we can assemble AddApplicationTargetGroupProps + if (ruleProps) { + const consolidatedTargetProps = overrideProps(ruleProps, { targetGroups: [targetGroup] }); + listener.addTargetGroups(`${scope.node.id}-targets`, consolidatedTargetProps); + } else { + listener.addTargetGroups("targets", { + targetGroups: [targetGroup], + }); + } + return; +} 
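Review bot: In `AddListener` the certificate checks run only after `new elb.ApplicationListener(...)` has been constructed and pushed onto `loadBalancer.listeners`, and they read the caller's raw `listenerProps.certificates` (typed `| any`) instead of the merged `consolidatedListenerProps`, so an undefined props argument would surface as a TypeError rather than the intended message. I would validate before creating any construct, starting from `const certs = consolidatedListenerProps.certificates ?? [];` and testing `certs.length` in both protocol branches. The redirect listener hard-codes `port: "443"`, so if a caller overrides the HTTPS listener's port the redirect points at a port that nothing in this function opens; deriving it from `consolidatedListenerProps.port` avoids that. Separately, `ObtainAlb` silently ignores `logAccessLogs` and `loggingBucketProps` when `existingLoadBalancerInterface` is supplied, so a caller who asks for logging on an existing ALB gets none and no notice; a `printWarning(...)` in that branch would make the gap visible.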
diff --git a/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-defaults.ts b/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-defaults.ts index 2ce73bea4..2a7c5c476 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-defaults.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-defaults.ts @@ -26,5 +26,14 @@ export function DefaultS3Props(loggingBucket ?: Bucket, lifecycleRules?: s3.Life } as BucketProps; } +export function DefaultLoggingBucketProps(): s3.BucketProps { + return { + encryption: s3.BucketEncryption.S3_MANAGED, + versioned: true, + blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL, + removalPolicy: RemovalPolicy.RETAIN, + } as BucketProps; +} + // Default event types to trigger S3 notifications export const defaultS3NotificationEventTypes = [s3.EventType.OBJECT_CREATED]; diff --git a/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-helper.ts index d65c9ca8e..5c56a15ad 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-helper.ts 
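Review bot: `DefaultLoggingBucketProps` pins `encryption: s3.BucketEncryption.S3_MANAGED` without saying why, and a later hardening pass could easily switch it to KMS; ALB access-log delivery only works with SSE-S3, so the constraint should be written down next to the value: `// ALB access logs can only be delivered to SSE-S3 encrypted buckets; do not switch to KMS`. With `versioned: true`, `RemovalPolicy.RETAIN` and no lifecycle rule, log objects and their noncurrent versions accumulate indefinitely, which may be intended but deserves a comment or a default expiration. The function also lacks a doc comment saying these props are meant for `createAlbLoggingBucket`, not for general buckets.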
@@ -100,6 +100,28 @@ export function createLoggingBucket(scope: Construct, return loggingBucket; } +export function createAlbLoggingBucket(scope: Construct, + bucketId: string, + loggingBucketProps: s3.BucketProps): s3.Bucket { + + // Create the Logging Bucket + const loggingBucket: s3.Bucket = new s3.Bucket(scope, bucketId, loggingBucketProps); + + applySecureBucketPolicy(loggingBucket); + + // Extract the CfnBucket from the loggingBucket + const loggingBucketResource = loggingBucket.node.findChild('Resource') as s3.CfnBucket; + + addCfnSuppressRules(loggingBucketResource, [ + { + id: 'W35', + reason: "This is a log bucket for an Application Load Balancer" + } + ]); + + return loggingBucket; +} + function s3BucketWithLogging(scope: Construct, s3BucketProps?: s3.BucketProps, bucketId?: string, diff --git a/source/patterns/@aws-solutions-constructs/core/package.json b/source/patterns/@aws-solutions-constructs/core/package.json index 689afee3d..a65fab13b 100644 --- a/source/patterns/@aws-solutions-constructs/core/package.json +++ b/source/patterns/@aws-solutions-constructs/core/package.json @@ -55,6 +55,8 @@ "@aws-cdk/aws-cloudfront": "0.0.0", "@aws-cdk/aws-cloudfront-origins": "0.0.0", "@aws-cdk/aws-dynamodb": "0.0.0", + "@aws-cdk/aws-elasticloadbalancingv2": "0.0.0", + "@aws-cdk/aws-elasticloadbalancingv2-targets": "0.0.0", "@aws-cdk/aws-glue": "0.0.0", "@aws-cdk/aws-iot": "0.0.0", "@aws-cdk/aws-kinesis": "0.0.0", diff --git a/source/patterns/@aws-solutions-constructs/core/test/alb-helper.test.ts b/source/patterns/@aws-solutions-constructs/core/test/alb-helper.test.ts new file mode 100644 index 000000000..8e8a504cc --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/core/test/alb-helper.test.ts 
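Review bot: `createAlbLoggingBucket` has no doc comment, and nothing in it tells a reader that the bucket is not yet writable by the load balancer. The delivery permission is presumably added later by `loadBalancer.logAccessLogs(loggingBucket)` in `ObtainAlb`, so a caller using this helper on its own would get a bucket that receives no logs. I would add a TSDoc block saying that, and noting that `loggingBucketProps` is passed to `s3.Bucket` unchanged, so the encryption and public-access-block defaults apply only when the caller starts from `DefaultLoggingBucketProps()`. The W35 reason could also state that server access logging is skipped because this bucket is itself a log destination. Only the tail of the preceding `createLoggingBucket` is in the hunk, so the two helpers cannot be compared from here.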
@@ -0,0 +1,390 @@ +/** + * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance + * with the License. A copy of the License is located at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES + * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions + * and limitations under the License. + */ + +import { Stack } from '@aws-cdk/core'; +import * as elb from "@aws-cdk/aws-elasticloadbalancingv2"; +import * as acm from "@aws-cdk/aws-certificatemanager"; +import * as lambda from "@aws-cdk/aws-lambda"; +import * as defaults from '../index'; +import '@aws-cdk/assert/jest'; + +test('Test ObtainAlb with existing ALB', () => { + const stack = new Stack(); + // Build VPC + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + const existingLoadBalancer = new elb.ApplicationLoadBalancer(stack, 'load-balancer', { + vpc, + internetFacing: true, + loadBalancerName: 'unique-name' + }); + + defaults.ObtainAlb(stack, 'test', vpc, true, existingLoadBalancer); + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::LoadBalancer', { + Name: "unique-name", + }); +}); + +test('Test ObtainAlb for new ALB with provided props', () => { + const stack = new Stack(undefined, undefined, { + env: { account: "123456789012", region: 'us-east-1' }, + }); + // Build VPC + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + defaults.ObtainAlb(stack, 'test', vpc, true, undefined, { + loadBalancerName: 'new-loadbalancer', + vpc, + internetFacing: true + }); + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::LoadBalancer', { + Name: "new-loadbalancer", + Scheme: 
"internet-facing", + }); +}); + +test('Test ObtainAlb for new ALB with default props', () => { + const stack = new Stack(undefined, undefined, { + env: { account: "123456789012", region: 'us-east-1' }, + }); + // Build VPC + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + defaults.ObtainAlb(stack, 'test', vpc, false); + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::LoadBalancer', { + Scheme: "internal", + }); +}); + +test('Test ObtainAlb for new ALB with default props', () => { + const stack = new Stack(); + + const testFunction = new lambda.Function(stack, 'test-function', { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_14_X, + handler: "index.handler", + }); + + defaults.CreateLambdaTargetGroup(stack, 'test-target', testFunction); + + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::TargetGroup', { + TargetType: "lambda" + }); +}); + +test('Test ObtainAlb for new ALB with custom props', () => { + const stack = new Stack(); + + const testFunction = new lambda.Function(stack, 'test-function', { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_14_X, + handler: "index.handler", + }); + + defaults.CreateLambdaTargetGroup(stack, 'test-target', testFunction, { + targetGroupName: 'test-target-group' + }); + + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::TargetGroup', { + TargetType: "lambda", + Name: 'test-target-group' + }); +}); + +test('Test Add Target without ruleProps', () => { + const stack = new Stack(); + + const testFunction = new lambda.Function(stack, 'test-function', { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_14_X, + handler: "index.handler", + }); + + const targetGroup = defaults.CreateLambdaTargetGroup(stack, 'test-target', testFunction, { + targetGroupName: 'test-target-group' + }); + + // Build VPC + const vpc = 
defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + const existingLoadBalancer = new elb.ApplicationLoadBalancer(stack, 'load-balancer', { + vpc, + internetFacing: true, + loadBalancerName: 'unique-name' + }); + + const testListener = new elb.ApplicationListener(stack, 'test-listener', { + loadBalancer: existingLoadBalancer, + protocol: elb.ApplicationProtocol.HTTP + }); + + defaults.AddTarget(stack, targetGroup, testListener); + + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::Listener', { + DefaultActions: [ + { + TargetGroupArn: { + Ref: "testtargettgB2EE41CA" + }, + Type: "forward" + } + ], + }); +}); + +test('Test Add Target with ruleProps', () => { + const stack = new Stack(); + + const testFunction = new lambda.Function(stack, 'test-function', { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_14_X, + handler: "index.handler", + }); + + const targetGroup = defaults.CreateLambdaTargetGroup(stack, 'test-target', testFunction, { + targetGroupName: 'test-target-group' + }); + + const secondTargetGroup = defaults.CreateLambdaTargetGroup(stack, 'second-target', testFunction, { + targetGroupName: 'second-target-group' + }); + + // Build VPC + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + const existingLoadBalancer = new elb.ApplicationLoadBalancer(stack, 'load-balancer', { + vpc, + internetFacing: true, + loadBalancerName: 'unique-name' + }); + + const testListener = new elb.ApplicationListener(stack, 'test-listener', { + loadBalancer: existingLoadBalancer, + protocol: elb.ApplicationProtocol.HTTP + }); + + // The first target is default and can't have rules, so + // we need to add 2 targets + defaults.AddTarget(stack, targetGroup, testListener); + defaults.AddTarget(stack, secondTargetGroup, testListener, { + conditions: [elb.ListenerCondition.pathPatterns(["*admin*"])], + priority: 10 + }); + + 
expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::ListenerRule', { + Actions: [ + { + TargetGroupArn: { + Ref: "secondtargettg0CE37E1F" + }, + Type: "forward" + } + ], + Conditions: [ + { + Field: "path-pattern", + PathPatternConfig: { + Values: [ + "*admin*" + ] + } + } + ] + }); +}); + +test('Test AddListener with defaults', () => { + const stack = new Stack(); + const testFunction = new lambda.Function(stack, 'test-function', { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_14_X, + handler: "index.handler", + }); + + const targetGroup = defaults.CreateLambdaTargetGroup(stack, 'test-target', testFunction, { + targetGroupName: 'test-target-group' + }); + + // Build VPC + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + const existingLoadBalancer = new elb.ApplicationLoadBalancer(stack, 'load-balancer', { + vpc, + internetFacing: true, + loadBalancerName: 'unique-name' + }); + + const cert = acm.Certificate.fromCertificateArn( + stack, + 'not-really-a-cert', + "arn:aws:acm:us-east-1:123456789012:certificate/85c52dc8-1b37-4afd-a7aa-f03aac2db0cc" + ); + + defaults.AddListener(stack, existingLoadBalancer, targetGroup, { + certificates: [ cert ], + }); + + // This should create 2 listeners, HTTPS plus redirect of HTTP + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::Listener', { + Protocol: 'HTTPS', + }); + + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::Listener', { + Protocol: 'HTTP', + }); +}); + +test('Test AddListener with no cert for an HTTPS listener', () => { + const stack = new Stack(); + const testFunction = new lambda.Function(stack, 'test-function', { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_14_X, + handler: "index.handler", + }); + + const targetGroup = defaults.CreateLambdaTargetGroup(stack, 'test-target', testFunction, { + targetGroupName: 'test-target-group' + }); 
+ + // Build VPC + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + const existingLoadBalancer = new elb.ApplicationLoadBalancer(stack, 'load-balancer', { + vpc, + internetFacing: true, + loadBalancerName: 'unique-name' + }); + + const app = () => { + defaults.AddListener(stack, existingLoadBalancer, targetGroup, {}); + }; + expect(app).toThrowError(); +}); + +test('Test AddListener error for HTTP with a cert', () => { + const stack = new Stack(); + const testFunction = new lambda.Function(stack, 'test-function', { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_14_X, + handler: "index.handler", + }); + + const targetGroup = defaults.CreateLambdaTargetGroup(stack, 'test-target', testFunction, { + targetGroupName: 'test-target-group' + }); + + // Build VPC + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + const existingLoadBalancer = new elb.ApplicationLoadBalancer(stack, 'load-balancer', { + vpc, + internetFacing: true, + loadBalancerName: 'unique-name' + }); + + const cert = acm.Certificate.fromCertificateArn( + stack, + 'not-really-a-cert', + "arn:aws:acm:us-east-1:123456789012:certificate/85c52dc8-1b37-4afd-a7aa-f03aac2db0cc" + ); + + const app = () => { + defaults.AddListener(stack, existingLoadBalancer, targetGroup, { + certificates: [ cert ], + protocol: elb.ApplicationProtocol.HTTP, + }); + }; + expect(app).toThrowError(); + +}); + +test('Test AddListener for HTTP Listener', () => { + const stack = new Stack(); + const testFunction = new lambda.Function(stack, 'test-function', { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_14_X, + handler: "index.handler", + }); + + const targetGroup = defaults.CreateLambdaTargetGroup(stack, 'test-target', testFunction, { + targetGroupName: 'test-target-group' + }); + + // Build VPC + const vpc = defaults.buildVpc(stack, { + 
defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + const existingLoadBalancer = new elb.ApplicationLoadBalancer(stack, 'load-balancer', { + vpc, + internetFacing: true, + loadBalancerName: 'unique-name' + }); + + defaults.AddListener(stack, existingLoadBalancer, targetGroup, { + protocol: elb.ApplicationProtocol.HTTP, + }); + + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::Listener', { + Protocol: 'HTTP', + }); + expect(stack).not.toHaveResourceLike('AWS::ElasticLoadBalancingV2::Listener', { + Protocol: 'HTTPS', + }); +}); + +test('Test with custom logging bucket props', () => { + // Creating ALB logging requires a region and account (but + // these can be fake in unit tests) + const stack = new Stack(undefined, undefined, { + env: { account: "123456789012", region: 'us-east-1' }, + }); + // Build VPC + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + const testName = 'test-name'; + + defaults.ObtainAlb(stack, 'test', vpc, false, undefined, undefined, true, { bucketName: testName }); + expect(stack).toHaveResourceLike('AWS::S3::Bucket', { + BucketName: testName + }); +}); + +test('Test with no logging', () => { + const stack = new Stack(); + // Build VPC + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), + }); + + defaults.ObtainAlb(stack, 'test', vpc, false, undefined, undefined, false); + expect(stack).not.toHaveResourceLike('AWS::S3::Bucket', {}); +}); diff --git a/source/patterns/@aws-solutions-constructs/core/test/s3-bucket.test.ts b/source/patterns/@aws-solutions-constructs/core/test/s3-bucket.test.ts index 513fda070..996dc03f3 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/s3-bucket.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/s3-bucket.test.ts 
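Review bot: The two negative tests, 'Test AddListener with no cert for an HTTPS listener' and 'Test AddListener error for HTTP with a cert', end in a bare `expect(app).toThrowError()`, which passes on any exception, including an unrelated TypeError, so they do not prove that the certificate checks fire. Matching the message pins the behaviour: `expect(app).toThrowError('A listener using HTTPS protocol requires a certificate');` and `expect(app).toThrowError('HTTP listeners cannot use a certificate');`. 'Test AddListener with defaults' likewise checks only that some HTTP listener exists, not that its default action redirects to HTTPS. Two tests share the title 'Test ObtainAlb for new ALB with default props', and the second, like 'Test ObtainAlb for new ALB with custom props', actually exercises `CreateLambdaTargetGroup`; renaming them would make failures readable. The `createAlbLoggingBucket` test added in s3-bucket.test.ts also asserts only `BucketName`, not the bucket policy or encryption.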
@@ -142,3 +142,15 @@ test('test s3Bucket override serverAccessLogsBucket', () => { } }); }); + +test('test createAlbLoggingBucket()', () => { + const stack = new Stack(); + + defaults.createAlbLoggingBucket(stack, 'test-bucket', { + bucketName: 'test-name' + }); + + expect(stack).toHaveResource("AWS::S3::Bucket", { + BucketName: 'test-name' + }); +}); From 223da2f3fa0f2fb6aebbb68be33921a132d8b1aa Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Tue, 5 Oct 2021 17:51:07 -0400 Subject: [PATCH 02/14] Adjust viperlight --- .viperlightignore | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.viperlightignore b/.viperlightignore index 1812d6097..7985dabef 100644 --- a/.viperlightignore +++ b/.viperlightignore @@ -140,4 +140,8 @@ source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/integ.depl source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/integ.existingEventBus.expected.json:108 source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/integ.existingFunction.expected.json:122 source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts:28 -source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts:339 \ No newline at end of file +source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts:339 +# These are references to the us-east-1 ELBV2 account (publicly known) +source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json:183 +source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json:834 +source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json:830 From 54fc7936adad9054c28b17e2d60ae46269fe1e45 Mon Sep 17 00:00:00 2001 
From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 6 Oct 2021 09:21:11 -0400 Subject: [PATCH 03/14] Fix first few cfn_nag issues --- .../aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts index 55a13d732..831d66ba7 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts @@ -41,9 +41,10 @@ const newZone = new PublicHostedZone(stack, 'new-zone', { const existingAlb = new ApplicationLoadBalancer(stack, 'test-alb', { vpc: newVpc, - loadBalancerName: 'find-this-name' }); +defaults.addCfnSuppressRules(existingAlb, [{ id: 'W52', reason: 'Test ALB only.'}]); + // Definitions const props: Route53ToAlbProps = { publicApi: true, From 0df6358df306ac0a5663d5a01451834105db90c5 Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 6 Oct 2021 09:56:26 -0400 Subject: [PATCH 04/14] Fix more cfn_nag issues --- .../integ.deployPublicApiExistingAlb.expected.json | 11 ++++++++++- .../test/integ.deployWithoutLogging.expected.json | 10 ++++++++++ .../test/integ.deployWithoutLogging.ts | 5 ++++- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json index 930c86d4d..2348ce232 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json 
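Review bot: The suppression reason `'Test ALB only.'` in integ.deployPublicApiExistingAlb.ts does not say which control is being waived; going by the later W52 suppression in integ.deployWithoutLogging.ts, it appears to be the access-logging check. I would spell that out, e.g. `reason: 'Test ALB only; access logging is not required for this integration stack.'`, so the waiver is self-explanatory when it appears in the synthesized template metadata. The removal of `loadBalancerName` in the same hunk is not explained by the commit subject and deserves a line in the description.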
+++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json @@ -667,7 +667,6 @@ "Value": "false" } ], - "Name": "find-this-name", "Scheme": "internal", "SecurityGroups": [ { @@ -689,6 +688,16 @@ } ], "Type": "application" + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W52", + "reason": "Test ALB only." + } + ] + } } }, "testalbSecurityGroup0C84CDF9": { diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json index b94a3d612..e0c64f9de 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json @@ -45,6 +45,16 @@ } ], "Type": "application" + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W52", + "reason": "This test is explicitly to test the no logging case." + } + ] + } } }, "testroute53albtestroute53albalbSecurityGroupC3716E02": { diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts index 8afda2608..59bde9172 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts @@ -15,6 +15,7 @@ import { App, Stack, Aws } from "@aws-cdk/core"; import { Route53ToAlb, Route53ToAlbProps } from "../lib"; import { generateIntegStackName } from '@aws-solutions-constructs/core'; +import * as defaults from '@aws-solutions-constructs/core'; // Setup const app = new App(); 
@@ -32,7 +33,9 @@ const props: Route53ToAlbProps = { logAccessLogs: false, }; -new Route53ToAlb(stack, 'test-route53-alb', props); +const testConstruct = new Route53ToAlb(stack, 'test-route53-alb', props); + +defaults.addCfnSuppressRules(testConstruct.loadBalancer, [{ id: 'W52', reason: 'This test is explicitly to test the no logging case.'}]); // Synth app.synth(); \ No newline at end of file From 5a30ae175caa55e699728cfad021f8551a658601 Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 6 Oct 2021 14:18:53 -0400 Subject: [PATCH 05/14] cfn_nag changes --- .../integ.deployPublicApiNewAlb.expected.json | 40 ++++++++----------- .../test/integ.deployPublicApiNewAlb.ts | 9 ++++- 2 files changed, 24 insertions(+), 25 deletions(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json index a428bb0f6..3c859c0de 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json @@ -652,6 +652,22 @@ ] } }, + "emptysecuritygroupA4ADE482": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "deployPublicApiNewAlb/empty-security-group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, "newzone1D011936": { "Type": "AWS::Route53::HostedZone", "Properties": { @@ -686,7 +702,7 @@ "SecurityGroups": [ { "Fn::GetAtt": [ - "testroute53albtestroute53albalbSecurityGroupC3716E02", + "emptysecuritygroupA4ADE482", "GroupId" ] } 
@@ -712,28 +728,6 @@ "VpcPublicSubnet3DefaultRoute4697774F" ] }, - "testroute53albtestroute53albalbSecurityGroupC3716E02": { - "Type": "AWS::EC2::SecurityGroup", - "Properties": { - "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbtestroute53albtestroute53albalbC4C12C26", - "SecurityGroupEgress": [ - { - "CidrIp": "255.255.255.255/32", - "Description": "Disallow all traffic", - "FromPort": 252, - "IpProtocol": "icmp", - "ToPort": 86 - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - }, - "DependsOn": [ - "testroute53albPolicy478FC0AF", - "testroute53albAC463A50" - ] - }, "testroute53albAC463A50": { "Type": "AWS::S3::Bucket", "Properties": { diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts index 9a51b32ba..7e5f9d3f2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts @@ -13,14 +13,14 @@ // Imports import { App, Stack, Aws } from "@aws-cdk/core"; +import * as ec2 from '@aws-cdk/aws-ec2'; import * as defaults from '@aws-solutions-constructs/core'; import { PublicHostedZone } from "@aws-cdk/aws-route53"; import { Route53ToAlb, Route53ToAlbProps } from "../lib"; -import { generateIntegStackName } from '@aws-solutions-constructs/core'; // Setup const app = new App(); -const stack = new Stack(app, generateIntegStackName(__filename), { +const stack = new Stack(app, defaults.generateIntegStackName(__filename), { env: { account: Aws.ACCOUNT_ID, region: 'us-east-1' }, }); stack.templateOptions.description = 'Integration Test for aws-route53-alb'; 
@@ -34,6 +34,10 @@ const newVpc = defaults.buildVpc(stack, { }, }); +const emptySecurityGroup = new ec2.SecurityGroup(stack, 'empty-security-group', { + vpc: newVpc +}); + const newZone = new PublicHostedZone(stack, 'new-zone', { zoneName: 'www.test-example.com', }); @@ -45,6 +49,7 @@ const props: Route53ToAlbProps = { existingVpc: newVpc, loadBalancerProps: { loadBalancerName: 'new-alb', + securityGroup: emptySecurityGroup, } }; From 31472a6a2acb0dffbd85b324e57aac6374835617 Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 6 Oct 2021 15:21:41 -0400 Subject: [PATCH 06/14] Fix more cfn_nag issues --- .../integ.deployPublicApiNewAlb.expected.json | 40 +++++++++++-------- .../test/integ.deployPublicApiNewAlb.ts | 6 --- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json index 3c859c0de..a428bb0f6 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json @@ -652,22 +652,6 @@ ] } }, - "emptysecuritygroupA4ADE482": { - "Type": "AWS::EC2::SecurityGroup", - "Properties": { - "GroupDescription": "deployPublicApiNewAlb/empty-security-group", - "SecurityGroupEgress": [ - { - "CidrIp": "0.0.0.0/0", - "Description": "Allow all outbound traffic by default", - "IpProtocol": "-1" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, "newzone1D011936": { "Type": "AWS::Route53::HostedZone", "Properties": { @@ -702,7 +686,7 @@ "SecurityGroups": [ { "Fn::GetAtt": [ - "emptysecuritygroupA4ADE482", + "testroute53albtestroute53albalbSecurityGroupC3716E02", "GroupId" ] } 
@@ -728,6 +712,28 @@ "VpcPublicSubnet3DefaultRoute4697774F" ] }, + "testroute53albtestroute53albalbSecurityGroupC3716E02": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbtestroute53albtestroute53albalbC4C12C26", + "SecurityGroupEgress": [ + { + "CidrIp": "255.255.255.255/32", + "Description": "Disallow all traffic", + "FromPort": 252, + "IpProtocol": "icmp", + "ToPort": 86 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "testroute53albPolicy478FC0AF", + "testroute53albAC463A50" + ] + }, "testroute53albAC463A50": { "Type": "AWS::S3::Bucket", "Properties": { diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts index 7e5f9d3f2..90e27504c 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts @@ -13,7 +13,6 @@ // Imports import { App, Stack, Aws } from "@aws-cdk/core"; -import * as ec2 from '@aws-cdk/aws-ec2'; import * as defaults from '@aws-solutions-constructs/core'; import { PublicHostedZone } from "@aws-cdk/aws-route53"; import { Route53ToAlb, Route53ToAlbProps } from "../lib"; @@ -34,10 +33,6 @@ const newVpc = defaults.buildVpc(stack, { }, }); -const emptySecurityGroup = new ec2.SecurityGroup(stack, 'empty-security-group', { - vpc: newVpc -}); - const newZone = new PublicHostedZone(stack, 'new-zone', { zoneName: 'www.test-example.com', }); @@ -49,7 +44,6 @@ const props: Route53ToAlbProps = { existingVpc: newVpc, loadBalancerProps: { loadBalancerName: 'new-alb', - securityGroup: emptySecurityGroup, } }; From 82783b86ff4f6acf63381f923a4185f105dad8e3 Mon Sep 17 00:00:00 2001 
From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 6 Oct 2021 16:34:59 -0400 Subject: [PATCH 07/14] Fix more cfn_nag issues --- .../test/integ.deployPrivateApi.expected.json | 52 +++++++++++-------- .../test/integ.deployPrivateApi.ts | 7 ++- ...g.deployPublicApiExistingAlb.expected.json | 12 ++++- .../test/integ.deployPublicApiExistingAlb.ts | 6 ++- .../integ.deployPublicApiNewAlb.expected.json | 48 ++++++++++------- .../test/integ.deployPublicApiNewAlb.ts | 6 ++- .../integ.deployWithoutLogging.expected.json | 28 ++++++---- .../test/integ.deployWithoutLogging.ts | 6 ++- 8 files changed, 111 insertions(+), 54 deletions(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json index 87aea31e4..c636b74f1 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json @@ -1,7 +1,7 @@ { "Description": "Integration Test for aws-route53-alb", "Resources": { - "testroute53albtestroute53albzone04BEDFE6": { + "privateapistackprivateapistackzone3E5194E7": { "Type": "AWS::Route53::HostedZone", "Properties": { "Name": "www.example.com.", @@ -15,7 +15,7 @@ ] } }, - "testroute53albtestroute53albalb7C171F50": { + "privateapistackprivateapistackalb7242E759": { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "LoadBalancerAttributes": [ @@ -30,7 +30,7 @@ { "Key": "access_logs.s3.bucket", "Value": { - "Ref": "testroute53albAC463A50" + "Ref": "privateapistack09C932BB" } }, { @@ -42,7 +42,7 @@ "SecurityGroups": [ { "Fn::GetAtt": [ - "testroute53albtestroute53albalbSecurityGroupC3716E02", + "privateapistackprivateapistackalbSecurityGroup5A8A9725", "GroupId" ] } 
@@ -61,14 +61,14 @@ "Type": "application" }, "DependsOn": [ - "testroute53albPolicy478FC0AF", - "testroute53albAC463A50" + "privateapistackPolicy98558170", + "privateapistack09C932BB" ] }, - "testroute53albtestroute53albalbSecurityGroupC3716E02": { + "privateapistackprivateapistackalbSecurityGroup5A8A9725": { "Type": "AWS::EC2::SecurityGroup", "Properties": { - "GroupDescription": "Automatically created Security Group for ELB deployPrivateApitestroute53albtestroute53albalb1145D1AD", + "GroupDescription": "Automatically created Security Group for ELB deployPrivateApiprivateapistackprivateapistackalb5DF93E18", "SecurityGroupEgress": [ { "CidrIp": "255.255.255.255/32", @@ -83,11 +83,21 @@ } }, "DependsOn": [ - "testroute53albPolicy478FC0AF", - "testroute53albAC463A50" - ] + "privateapistackPolicy98558170", + "privateapistack09C932BB" + ], + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W29", + "reason": "CDK created rule that blocks all traffic." + } + ] + } + } }, - "testroute53albAC463A50": { + "privateapistack09C932BB": { "Type": "AWS::S3::Bucket", "Properties": { "BucketEncryption": { @@ -122,11 +132,11 @@ } } }, - "testroute53albPolicy478FC0AF": { + "privateapistackPolicy98558170": { "Type": "AWS::S3::BucketPolicy", "Properties": { "Bucket": { - "Ref": "testroute53albAC463A50" + "Ref": "privateapistack09C932BB" }, "PolicyDocument": { "Statement": [ @@ -148,7 +158,7 @@ [ { "Fn::GetAtt": [ - "testroute53albAC463A50", + "privateapistack09C932BB", "Arn" ] }, @@ -158,7 +168,7 @@ }, { "Fn::GetAtt": [ - "testroute53albAC463A50", + "privateapistack09C932BB", "Arn" ] } @@ -191,7 +201,7 @@ [ { "Fn::GetAtt": [ - "testroute53albAC463A50", + "privateapistack09C932BB", "Arn" ] }, @@ -209,7 +219,7 @@ } } }, - "testroute53albtestroute53albaliasCCC6DDF3": { + "privateapistackprivateapistackalias54E3713F": { "Type": "AWS::Route53::RecordSet", "Properties": { "Name": "www.example.com.", 
@@ -222,7 +232,7 @@ "dualstack.", { "Fn::GetAtt": [ - "testroute53albtestroute53albalb7C171F50", + "privateapistackprivateapistackalb7242E759", "DNSName" ] } @@ -231,13 +241,13 @@ }, "HostedZoneId": { "Fn::GetAtt": [ - "testroute53albtestroute53albalb7C171F50", + "privateapistackprivateapistackalb7242E759", "CanonicalHostedZoneID" ] } }, "HostedZoneId": { - "Ref": "testroute53albtestroute53albzone04BEDFE6" + "Ref": "privateapistackprivateapistackzone3E5194E7" } } }, diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts index c3202b758..d42a2a964 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts @@ -15,6 +15,8 @@ import { App, Stack, Aws } from "@aws-cdk/core"; import { Route53ToAlb, Route53ToAlbProps } from "../lib"; import { generateIntegStackName } from '@aws-solutions-constructs/core'; +import * as defaults from '@aws-solutions-constructs/core'; +import { CfnSecurityGroup } from "@aws-cdk/aws-ec2"; // Setup const app = new App(); @@ -31,7 +33,10 @@ const props: Route53ToAlbProps = { } }; -new Route53ToAlb(stack, 'test-route53-alb', props); +const testConstruct = new Route53ToAlb(stack, 'private-api-stack', props); + +const newSecurityGroup = testConstruct.loadBalancer.connections.securityGroups[0].node.defaultChild as CfnSecurityGroup; +defaults.addCfnSuppressRules(newSecurityGroup, [{ id: 'W29', reason: 'CDK created rule that blocks all traffic.'}]); // Synth app.synth(); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json index 2348ce232..b6c97fb8b 100644 
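Review bot: In integ.deployPrivateApi.ts (hunk `@@ -31,7 +33,10 @@`) the W29 suppression is attached to `connections.securityGroups[0].node.defaultChild as CfnSecurityGroup`, which assumes that the first group is the one CDK generated with the `255.255.255.255/32` "Disallow all traffic" placeholder rule. If the load balancer is given its own group through `loadBalancerProps.securityGroup`, as PATCH 05/14 did, index 0 would presumably be that group, and the suppression would then hide a genuine port-range egress finding; the `as` cast also hides an undefined `defaultChild`. I would guard the lookup with `if (!(newSecurityGroup instanceof CfnSecurityGroup)) { throw new Error('expected a CfnSecurityGroup on the load balancer'); }` and add a comment such as `// W29 is suppressed only for CDK's placeholder egress rule; remove this once real egress rules exist`. The same two lines are repeated in integ.deployPublicApiExistingAlb.ts, integ.deployPublicApiNewAlb.ts, integ.deployWithoutLogging.ts and, in PATCH 09/14, integ.deployPrivateApiExistingZone.ts. Because the suppression lives only in the tests, stacks built by users of the construct will presumably still report W29, so applying it once where the construct creates the load balancer may be the better place.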
--- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json @@ -716,9 +716,19 @@ "VpcId": { "Ref": "Vpc8378EB38" } + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W29", + "reason": "CDK created rule that blocks all traffic." + } + ] + } } }, - "testroute53albtestroute53albaliasCCC6DDF3": { + "publicapistackpublicapistackalias4096038C": { "Type": "AWS::Route53::RecordSet", "Properties": { "Name": "www.test-example.com.", diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts index 831d66ba7..e97ffe3a0 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts @@ -18,6 +18,7 @@ import { ApplicationLoadBalancer } from "@aws-cdk/aws-elasticloadbalancingv2"; import { PublicHostedZone } from "@aws-cdk/aws-route53"; import { Route53ToAlb, Route53ToAlbProps } from "../lib"; import { generateIntegStackName } from '@aws-solutions-constructs/core'; +import { CfnSecurityGroup } from "@aws-cdk/aws-ec2"; // Setup const app = new App(); @@ -53,7 +54,10 @@ const props: Route53ToAlbProps = { existingLoadBalancerObj: existingAlb, }; -new Route53ToAlb(stack, 'test-route53-alb', props); +const testConstruct = new Route53ToAlb(stack, 'public-api-stack', props); + +const newSecurityGroup = testConstruct.loadBalancer.connections.securityGroups[0].node.defaultChild as CfnSecurityGroup; +defaults.addCfnSuppressRules(newSecurityGroup, [{ id: 'W29', reason: 'CDK created rule that blocks all traffic.'}]); // Synth app.synth(); \ No newline at end of file 
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json index a428bb0f6..e38957461 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json @@ -658,7 +658,7 @@ "Name": "www.test-example.com." } }, - "testroute53albtestroute53albalb7C171F50": { + "newalbstacknewalbstackalb50B67E3E": { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "LoadBalancerAttributes": [ @@ -673,7 +673,7 @@ { "Key": "access_logs.s3.bucket", "Value": { - "Ref": "testroute53albAC463A50" + "Ref": "newalbstackADB02838" } }, { @@ -686,7 +686,7 @@ "SecurityGroups": [ { "Fn::GetAtt": [ - "testroute53albtestroute53albalbSecurityGroupC3716E02", + "newalbstacknewalbstackalbSecurityGroup7BBB827C", "GroupId" ] } @@ -705,17 +705,17 @@ "Type": "application" }, "DependsOn": [ - "testroute53albPolicy478FC0AF", - "testroute53albAC463A50", + "newalbstackPolicyB7C2D898", + "newalbstackADB02838", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet3DefaultRoute4697774F" ] }, - "testroute53albtestroute53albalbSecurityGroupC3716E02": { + "newalbstacknewalbstackalbSecurityGroup7BBB827C": { "Type": "AWS::EC2::SecurityGroup", "Properties": { - "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbtestroute53albtestroute53albalbC4C12C26", + "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbnewalbstacknewalbstackalbC987D9E9", "SecurityGroupEgress": [ { "CidrIp": "255.255.255.255/32", 
@@ -730,11 +730,21 @@ } }, "DependsOn": [ - "testroute53albPolicy478FC0AF", - "testroute53albAC463A50" - ] + "newalbstackPolicyB7C2D898", + "newalbstackADB02838" + ], + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W29", + "reason": "CDK created rule that blocks all traffic." + } + ] + } + } }, - "testroute53albAC463A50": { + "newalbstackADB02838": { "Type": "AWS::S3::Bucket", "Properties": { "BucketEncryption": { @@ -769,11 +779,11 @@ } } }, - "testroute53albPolicy478FC0AF": { + "newalbstackPolicyB7C2D898": { "Type": "AWS::S3::BucketPolicy", "Properties": { "Bucket": { - "Ref": "testroute53albAC463A50" + "Ref": "newalbstackADB02838" }, "PolicyDocument": { "Statement": [ @@ -795,7 +805,7 @@ [ { "Fn::GetAtt": [ - "testroute53albAC463A50", + "newalbstackADB02838", "Arn" ] }, @@ -805,7 +815,7 @@ }, { "Fn::GetAtt": [ - "testroute53albAC463A50", + "newalbstackADB02838", "Arn" ] } @@ -838,7 +848,7 @@ [ { "Fn::GetAtt": [ - "testroute53albAC463A50", + "newalbstackADB02838", "Arn" ] }, @@ -856,7 +866,7 @@ } } }, - "testroute53albtestroute53albaliasCCC6DDF3": { + "newalbstacknewalbstackalias05E0DF53": { "Type": "AWS::Route53::RecordSet", "Properties": { "Name": "www.test-example.com.", @@ -869,7 +879,7 @@ "dualstack.", { "Fn::GetAtt": [ - "testroute53albtestroute53albalb7C171F50", + "newalbstacknewalbstackalb50B67E3E", "DNSName" ] } @@ -878,7 +888,7 @@ }, "HostedZoneId": { "Fn::GetAtt": [ - "testroute53albtestroute53albalb7C171F50", + "newalbstacknewalbstackalb50B67E3E", "CanonicalHostedZoneID" ] } diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts index 90e27504c..f70f69287 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts 
@@ -16,6 +16,7 @@ import { App, Stack, Aws } from "@aws-cdk/core"; import * as defaults from '@aws-solutions-constructs/core'; import { PublicHostedZone } from "@aws-cdk/aws-route53"; import { Route53ToAlb, Route53ToAlbProps } from "../lib"; +import { CfnSecurityGroup } from "@aws-cdk/aws-ec2"; // Setup const app = new App(); @@ -47,7 +48,10 @@ const props: Route53ToAlbProps = { } }; -new Route53ToAlb(stack, 'test-route53-alb', props); +const testConstruct = new Route53ToAlb(stack, 'new-alb-stack', props); + +const newSecurityGroup = testConstruct.loadBalancer.connections.securityGroups[0].node.defaultChild as CfnSecurityGroup; +defaults.addCfnSuppressRules(newSecurityGroup, [{ id: 'W29', reason: 'CDK created rule that blocks all traffic.'}]); // Synth app.synth(); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json index e0c64f9de..ff6a4e693 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json @@ -1,7 +1,7 @@ { "Description": "Integration Test for aws-route53-alb", "Resources": { - "testroute53albtestroute53albzone04BEDFE6": { + "nologgingstacknologgingstackzoneE11B9175": { "Type": "AWS::Route53::HostedZone", "Properties": { "Name": "www.example.com.", @@ -15,7 +15,7 @@ ] } }, - "testroute53albtestroute53albalb7C171F50": { + "nologgingstacknologgingstackalbFD11E34A": { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "LoadBalancerAttributes": [ @@ -28,7 +28,7 @@ "SecurityGroups": [ { "Fn::GetAtt": [ - "testroute53albtestroute53albalbSecurityGroupC3716E02", + "nologgingstacknologgingstackalbSecurityGroup1C3487C4", "GroupId" ] } 
@@ -57,10 +57,10 @@ } } }, - "testroute53albtestroute53albalbSecurityGroupC3716E02": { + "nologgingstacknologgingstackalbSecurityGroup1C3487C4": { "Type": "AWS::EC2::SecurityGroup", "Properties": { - "GroupDescription": "Automatically created Security Group for ELB deployWithoutLoggingtestroute53albtestroute53albalbF6630861", + "GroupDescription": "Automatically created Security Group for ELB deployWithoutLoggingnologgingstacknologgingstackalbBA718BE3", "SecurityGroupEgress": [ { "CidrIp": "255.255.255.255/32", @@ -73,9 +73,19 @@ "VpcId": { "Ref": "Vpc8378EB38" } + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W29", + "reason": "CDK created rule that blocks all traffic." + } + ] + } } }, - "testroute53albtestroute53albaliasCCC6DDF3": { + "nologgingstacknologgingstackalias0D6EE5FC": { "Type": "AWS::Route53::RecordSet", "Properties": { "Name": "www.example.com.", @@ -88,7 +98,7 @@ "dualstack.", { "Fn::GetAtt": [ - "testroute53albtestroute53albalb7C171F50", + "nologgingstacknologgingstackalbFD11E34A", "DNSName" ] } @@ -97,13 +107,13 @@ }, "HostedZoneId": { "Fn::GetAtt": [ - "testroute53albtestroute53albalb7C171F50", + "nologgingstacknologgingstackalbFD11E34A", "CanonicalHostedZoneID" ] } }, "HostedZoneId": { - "Ref": "testroute53albtestroute53albzone04BEDFE6" + "Ref": "nologgingstacknologgingstackzoneE11B9175" } } }, diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts index 59bde9172..bc4bcf94b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts 
@@ -16,6 +16,7 @@ import { App, Stack, Aws } from "@aws-cdk/core"; import { Route53ToAlb, Route53ToAlbProps } from "../lib"; import { generateIntegStackName } from '@aws-solutions-constructs/core'; import * as defaults from '@aws-solutions-constructs/core'; +import { CfnSecurityGroup } from "@aws-cdk/aws-ec2"; // Setup const app = new App(); @@ -33,7 +34,10 @@ const props: Route53ToAlbProps = { logAccessLogs: false, }; -const testConstruct = new Route53ToAlb(stack, 'test-route53-alb', props); +const testConstruct = new Route53ToAlb(stack, 'no-logging-stack', props); + +const newSecurityGroup = testConstruct.loadBalancer.connections.securityGroups[0].node.defaultChild as CfnSecurityGroup; +defaults.addCfnSuppressRules(newSecurityGroup, [{ id: 'W29', reason: 'CDK created rule that blocks all traffic.'}]); defaults.addCfnSuppressRules(testConstruct.loadBalancer, [{ id: 'W52', reason: 'This test is explicitly to test the no logging case.'}]); From b89382ef86aefadce859d6831c69b61219ad2177 Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 6 Oct 2021 16:54:21 -0400 Subject: [PATCH 08/14] Viperlight adjustments --- .viperlightignore | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.viperlightignore b/.viperlightignore index 7985dabef..1462a0f3f 100644 --- a/.viperlightignore +++ b/.viperlightignore 
@@ -142,6 +142,6 @@ source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/integ.exis source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts:28 source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts:339 # These are references to the us-east-1 ELBV2 account (publicly known) -source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json:183 +source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json:193 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json:834 -source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json:830 +source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json:840 From 85346df30c1468bcb982ab210274b1bc9fd64a75 Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 6 Oct 2021 17:52:28 -0400 Subject: [PATCH 09/14] Fix more cfn_nag issues --- ...deployPrivateApiExistingZone.expected.json | 48 +++++++++++-------- .../integ.deployPrivateApiExistingZone.ts | 10 ++-- .../integ.deployPublicApiNewAlb.expected.json | 1 - .../test/integ.deployPublicApiNewAlb.ts | 3 -- 4 files changed, 36 insertions(+), 26 deletions(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json index f8d9f5a95..66affb07f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json 
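Review bot: The `.viperlightignore` entries changed here are pinned to line numbers inside generated `*.expected.json` snapshots, so every template regeneration moves the target. This patch shifts `integ.deployPrivateApi.expected.json` from 183 to 193 and `integ.deployPublicApiNewAlb.expected.json` from 830 to 840, and PATCH 10/14 has to adjust two entries again for the same reason. A stale line number presumably either makes the scan flag the ELBV2 account id again or, worse, exempts whatever unrelated value now sits on that line. If the scanner supports a path-level or pattern-based exemption, prefer that; otherwise extend the existing comment, for example `# line numbers point at the ELBV2 account id; re-check after regenerating the expected.json snapshots`.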
@@ -666,7 +666,7 @@ ] } }, - "testroute53albtestroute53albalb7C171F50": { + "existingzonestackexistingzonestackalbCFB3D7E4": { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "LoadBalancerAttributes": [ @@ -681,7 +681,7 @@ { "Key": "access_logs.s3.bucket", "Value": { - "Ref": "testroute53albAC463A50" + "Ref": "existingzonestackEFB9F5B3" } }, { @@ -693,7 +693,7 @@ "SecurityGroups": [ { "Fn::GetAtt": [ - "testroute53albtestroute53albalbSecurityGroupC3716E02", + "existingzonestackexistingzonestackalbSecurityGroup6F32DCA5", "GroupId" ] } @@ -712,14 +712,14 @@ "Type": "application" }, "DependsOn": [ - "testroute53albPolicy478FC0AF", - "testroute53albAC463A50" + "existingzonestackPolicyFEC9C88E", + "existingzonestackEFB9F5B3" ] }, - "testroute53albtestroute53albalbSecurityGroupC3716E02": { + "existingzonestackexistingzonestackalbSecurityGroup6F32DCA5": { "Type": "AWS::EC2::SecurityGroup", "Properties": { - "GroupDescription": "Automatically created Security Group for ELB deployPrivateApiExistingZonetestroute53albtestroute53albalb73DF0A20", + "GroupDescription": "Automatically created Security Group for ELB deployPrivateApiExistingZoneexistingzonestackexistingzonestackalbFBEA12EB", "SecurityGroupEgress": [ { "CidrIp": "255.255.255.255/32", @@ -734,11 +734,21 @@ } }, "DependsOn": [ - "testroute53albPolicy478FC0AF", - "testroute53albAC463A50" - ] + "existingzonestackPolicyFEC9C88E", + "existingzonestackEFB9F5B3" + ], + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W29", + "reason": "CDK created rule that blocks all traffic." + } + ] + } + } }, - "testroute53albAC463A50": { + "existingzonestackEFB9F5B3": { "Type": "AWS::S3::Bucket", "Properties": { "BucketEncryption": { 
@@ -773,11 +783,11 @@ } } }, - "testroute53albPolicy478FC0AF": { + "existingzonestackPolicyFEC9C88E": { "Type": "AWS::S3::BucketPolicy", "Properties": { "Bucket": { - "Ref": "testroute53albAC463A50" + "Ref": "existingzonestackEFB9F5B3" }, "PolicyDocument": { "Statement": [ @@ -799,7 +809,7 @@ [ { "Fn::GetAtt": [ - "testroute53albAC463A50", + "existingzonestackEFB9F5B3", "Arn" ] }, @@ -809,7 +819,7 @@ }, { "Fn::GetAtt": [ - "testroute53albAC463A50", + "existingzonestackEFB9F5B3", "Arn" ] } @@ -842,7 +852,7 @@ [ { "Fn::GetAtt": [ - "testroute53albAC463A50", + "existingzonestackEFB9F5B3", "Arn" ] }, @@ -860,7 +870,7 @@ } } }, - "testroute53albtestroute53albaliasCCC6DDF3": { + "existingzonestackexistingzonestackalias77D2E65D": { "Type": "AWS::Route53::RecordSet", "Properties": { "Name": "www.test-example.com.", @@ -873,7 +883,7 @@ "dualstack.", { "Fn::GetAtt": [ - "testroute53albtestroute53albalb7C171F50", + "existingzonestackexistingzonestackalbCFB3D7E4", "DNSName" ] } @@ -882,7 +892,7 @@ }, "HostedZoneId": { "Fn::GetAtt": [ - "testroute53albtestroute53albalb7C171F50", + "existingzonestackexistingzonestackalbCFB3D7E4", "CanonicalHostedZoneID" ] } diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts index 9dc2598ab..4883dd117 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts 
@@ -16,11 +16,11 @@ import { App, Stack, Aws } from "@aws-cdk/core"; import * as defaults from '@aws-solutions-constructs/core'; import { PrivateHostedZone } from "@aws-cdk/aws-route53"; import { Route53ToAlb, Route53ToAlbProps } from "../lib"; -import { generateIntegStackName } from '@aws-solutions-constructs/core'; +import { CfnSecurityGroup } from "@aws-cdk/aws-ec2"; // Setup const app = new App(); -const stack = new Stack(app, generateIntegStackName(__filename), { +const stack = new Stack(app, defaults.generateIntegStackName(__filename), { env: { account: Aws.ACCOUNT_ID, region: 'us-east-1' }, }); stack.templateOptions.description = 'Integration Test for aws-route53-alb'; @@ -46,7 +46,11 @@ const props: Route53ToAlbProps = { existingVpc: newVpc, }; -new Route53ToAlb(stack, 'test-route53-alb', props); +const testConstruct = new Route53ToAlb(stack, 'existing-zone-stack', props); + +const newSecurityGroup = testConstruct.loadBalancer.connections.securityGroups[0].node.defaultChild as CfnSecurityGroup; +defaults.addCfnSuppressRules(newSecurityGroup, [{ id: 'W29', reason: 'CDK created rule that blocks all traffic.'}]); + // Synth app.synth(); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json index e38957461..f5d8b601b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json @@ -681,7 +681,6 @@ "Value": "" } ], - "Name": "new-alb", "Scheme": "internet-facing", "SecurityGroups": [ { 
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts index f70f69287..40f3e496a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts @@ -43,9 +43,6 @@ const props: Route53ToAlbProps = { publicApi: true, existingHostedZoneInterface: newZone, existingVpc: newVpc, - loadBalancerProps: { - loadBalancerName: 'new-alb', - } }; const testConstruct = new Route53ToAlb(stack, 'new-alb-stack', props); From f3bc0220390114c176f8e8e267246da044aedcaf Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 6 Oct 2021 19:13:16 -0400 Subject: [PATCH 10/14] Viperlight adjustments --- .viperlightignore | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.viperlightignore b/.viperlightignore index 1462a0f3f..9a7c8cc93 100644 --- a/.viperlightignore +++ b/.viperlightignore @@ -143,5 +143,5 @@ source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts:339 # These are references to the us-east-1 ELBV2 account (publicly known) source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json:193 -source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json:834 -source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json:840 +source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json:844 +source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json:839 
From 5ecfaa4ffa10ba71208004b97490dbe3a7636f64 Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 6 Oct 2021 19:20:45 -0400 Subject: [PATCH 11/14] Lint trivia --- .../aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts index 4883dd117..85c8ffee8 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.ts @@ -51,6 +51,5 @@ const testConstruct = new Route53ToAlb(stack, 'existing-zone-stack', props); const newSecurityGroup = testConstruct.loadBalancer.connections.securityGroups[0].node.defaultChild as CfnSecurityGroup; defaults.addCfnSuppressRules(newSecurityGroup, [{ id: 'W29', reason: 'CDK created rule that blocks all traffic.'}]); - // Synth app.synth(); \ No newline at end of file From 9abdefedef0c650b5d1556b6478406cb17340fce Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 13 Oct 2021 09:36:41 -0400 Subject: [PATCH 12/14] Address review comments --- package-lock.json | 34 +++++++++++++++++++ .../aws-route53-alb/README.md | 14 +++----- .../aws-route53-alb/lib/index.ts | 2 +- .../test/integ.deployPublicApiNewAlb.ts | 10 ------ .../aws-route53-alb/test/route53-alb.test.ts | 18 ++++++++++ 5 files changed, 58 insertions(+), 20 deletions(-) create mode 100644 package-lock.json diff --git a/package-lock.json b/package-lock.json new file mode 100644 index 000000000..56d8b5a65 --- /dev/null +++ b/package-lock.json 
@@ -0,0 +1,34 @@ +{ + "requires": true, + "lockfileVersion": 1, + "dependencies": { + "eslint-plugin-mocha": { + "version": "9.0.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-mocha/-/eslint-plugin-mocha-9.0.0.tgz", + "integrity": "sha512-d7knAcQj1jPCzZf3caeBIn3BnW6ikcvfz0kSqQpwPYcVGLoJV5sz0l0OJB2LR8I7dvTDbqq1oV6ylhSgzA10zg==", + "dev": true, + "requires": { + "eslint-utils": "^3.0.0", + "ramda": "^0.27.1" + } + }, + "eslint-utils": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-3.0.0.tgz", + "integrity": "sha512-uuQC43IGctw68pJA1RgbQS8/NP7rch6Cwd4j3ZBtgo4/8Flj4eGE7ZYSZRN3iq5pVUv6GPdW5Z1RFleo84uLDA==", + "requires": { + "eslint-visitor-keys": "^2.0.0" + } + }, + "eslint-visitor-keys": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "integrity": "sha512-0rSmRBzXgDzIsD6mGdJgevzgezI534Cer5L/vyMX0kHzT/jiB43jRhd9YUlMGYLQy2zprNmoT8qasCGtY+QaKw==" + }, + "ramda": { + "version": "0.27.1", + "resolved": "https://registry.npmjs.org/ramda/-/ramda-0.27.1.tgz", + "integrity": "sha512-PgIdVpn5y5Yns8vqb8FzBUEYn98V3xcPgawAkkgj0YJ0qDsnHCiNmZYfOGMgOvoB0eWFLpYbhxUR3mxfDIMvpw==" + } + } +} diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/README.md b/source/patterns/@aws-solutions-constructs/aws-route53-alb/README.md index 295318507..607ad807d 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/README.md 
@@ -51,17 +51,10 @@ _Parameters_ * props [`Route53ToAlbProps`](#pattern-construct-props) ## Pattern Construct Props - // If no existingHostedZone, must send hostedZoneProps with at least zoneName - // Public APIs require an existing Hosted Zone to be passed in as the amount of - // DNS configuration required can't use any defaults and require a complex - // Construct hierarchy to define - at that point the client should just instantiate it. - // Private APIs can accept props and create a new Private Hosted Zone. +This construct cannot create a new Public Hosted Zone, if you are creating a public API you must supply an existing Public Hosted Zone that will be reconfigured with a new Alias record. Public Hosted Zones are configured with public domain names and are not well suited to be launched and torn down dynamically, so this construct will only reconfigure existing Public Hosted Zones. - // drives multiple settings in construct, including - // alb.internetFacing and hostedZone creation - // This is a construct level attribute, define it here and not - // at lower level service props +This construct can create Private Hosted Zones. If you want a Private Hosted Zone, then you can either provide an existing Private Hosted Zone or a privateHostedZoneProps value with at least the Domain Name defined. | **Name** | **Type** | **Description** | |:-------------|:----------------|-----------------| 
@@ -71,6 +64,9 @@ _Parameters_ | existingLoadBalancerObj? | [elasticloadbalancingv2.ApplicationLoadBalancer](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-elasticloadbalancingv2.ApplicationLoadBalancer.html) | Existing Application Load Balancer to incorporate into the construct architecture. Providing both this and loadBalancerProps is an error. The VPC containing this loadBalancer must match the VPC provided in existingVpc. | | vpcProps? | [ec2.VpcProps](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.VpcProps.html) | Optional custom properties for a VPC the construct will create. This VPC will be used by the new ALB and any Private Hosted Zone the construct creates (that's why loadBalancerProps and privateHostedZoneProps can't include a VPC). Providing both this and existingVpc is an error. | | existingVpc? | [ec2.IVpc](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.IVpc.html) | An existing VPC in which to deploy the construct. Providing both this and vpcProps is an error. If the client provides an existing load balancer and/or existing Private Hosted Zone, those constructs must exist in this VPC. | +| logAccessLogs? | boolean| Whether to turn on Access Logs for the Application Load Balancer. Uses an S3 bucket with associated storage costs.Enabling Access Logging is a best practice. default - true | +| loggingBucketProps? | [s3.BucketProps](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-s3.BucketProps.html) | Optional properties to customize the bucket used to store the ALB Access Logs. Supplying this and setting logAccessLogs to false is an error. @default - none | + | publicApi | boolean | Whether the construct is deploying a private or public API. This has implications for the Hosted Zone, VPC and ALB. | diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/lib/index.ts index 29b05f6c6..0f2d0ba97 100644 
--- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/lib/index.ts @@ -97,7 +97,7 @@ export class Route53ToAlb extends Construct { public readonly loadBalancer: elb.ApplicationLoadBalancer; /** - * @summary Constructs a new instance of the LambdaToStepfunctionsProps class. + * @summary Constructs a new instance of the Route53ToAlb class. * @param {cdk.App} scope - represents the scope for all the resources. * @param {string} id - this is a a scope-unique id. * @param {Route53ToAlbProps} props - user provided props for the construct. diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts index 40f3e496a..35f8e4d91 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts @@ -25,15 +25,6 @@ const stack = new Stack(app, defaults.generateIntegStackName(__filename), { }); stack.templateOptions.description = 'Integration Test for aws-route53-alb'; -const newVpc = defaults.buildVpc(stack, { - defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), - constructVpcProps: { - enableDnsHostnames: true, - enableDnsSupport: true, - cidr: '172.168.0.0/16', - }, -}); - const newZone = new PublicHostedZone(stack, 'new-zone', { zoneName: 'www.test-example.com', }); @@ -42,7 +33,6 @@ const newZone = new PublicHostedZone(stack, 'new-zone', { const props: Route53ToAlbProps = { publicApi: true, existingHostedZoneInterface: newZone, - existingVpc: newVpc, }; const testConstruct = new Route53ToAlb(stack, 'new-alb-stack', props); 
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts index e3fb1596b..f319df513 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts @@ -382,3 +382,21 @@ test('Test providing an existingLoadBalancer', () => { }); }); + +test('Check publicApi and without an existing hosted zone is an error', () => { + // Initial Setup + const stack = new Stack(); + + const testExistingVpc = getTestVpc(stack); + + const props: Route53ToAlbProps = { + publicApi: true, + existingVpc: testExistingVpc, + }; + + const app = () => { + new Route53ToAlb(stack, 'test-error', props); + }; + // Assertion + expect(app).toThrowError(); +}); From 4e1b1f5141aeb5cc37e55ac150cb79bbabc33ae1 Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 13 Oct 2021 14:38:25 -0400 Subject: [PATCH 13/14] Address review comments --- .../integ.deployPublicApiNewAlb.expected.json | 504 +++++++++--------- .../aws-route53-alb/test/route53-alb.test.ts | 32 ++ .../core/lib/alb-helper.ts | 2 +- 3 files changed, 285 insertions(+), 253 deletions(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json index f5d8b601b..095a9fa5b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json 
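Review bot: The new test 'Check publicApi and without an existing hosted zone is an error' ends in a bare `expect(app).toThrowError();`, which passes on any exception raised while constructing `Route53ToAlb`, including one unrelated to the missing hosted zone. Passing the expected message or a pattern for it, e.g. `expect(app).toThrowError(/<expected message fragment>/);`, would pin the test to the validation it is named after. The actual wording has to come from the check in lib/index.ts, which is not part of this hunk. The local `app` holds a thunk rather than a CDK App, so a name such as `construct` would read less confusingly next to the `Stack` setup.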
@@ -1,10 +1,255 @@ { "Description": "Integration Test for aws-route53-alb", "Resources": { + "newzone1D011936": { + "Type": "AWS::Route53::HostedZone", + "Properties": { + "Name": "www.test-example.com." + } + }, + "newalbstacknewalbstackalb50B67E3E": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + }, + { + "Key": "access_logs.s3.enabled", + "Value": "true" + }, + { + "Key": "access_logs.s3.bucket", + "Value": { + "Ref": "newalbstackADB02838" + } + }, + { + "Key": "access_logs.s3.prefix", + "Value": "" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "newalbstacknewalbstackalbSecurityGroup7BBB827C", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + } + ], + "Type": "application" + }, + "DependsOn": [ + "newalbstackPolicyB7C2D898", + "newalbstackADB02838", + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet3DefaultRoute4697774F" + ] + }, + "newalbstacknewalbstackalbSecurityGroup7BBB827C": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbnewalbstacknewalbstackalbC987D9E9", + "SecurityGroupEgress": [ + { + "CidrIp": "255.255.255.255/32", + "Description": "Disallow all traffic", + "FromPort": 252, + "IpProtocol": "icmp", + "ToPort": 86 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "newalbstackPolicyB7C2D898", + "newalbstackADB02838" + ], + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W29", + "reason": "CDK created rule that blocks all traffic." 
+ } + ] + } + } + }, + "newalbstackADB02838": { + "Type": "AWS::S3::Bucket", + "Properties": { + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256" + } + } + ] + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true + }, + "VersioningConfiguration": { + "Status": "Enabled" + } + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain", + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W35", + "reason": "This is a log bucket for an Application Load Balancer" + } + ] + } + } + }, + "newalbstackPolicyB7C2D898": { + "Type": "AWS::S3::BucketPolicy", + "Properties": { + "Bucket": { + "Ref": "newalbstackADB02838" + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "newalbstackADB02838", + "Arn" + ] + }, + "/*" + ] + ] + }, + { + "Fn::GetAtt": [ + "newalbstackADB02838", + "Arn" + ] + } + ], + "Sid": "HttpsOnly" + }, + { + "Action": [ + "s3:PutObject", + "s3:Abort*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::127311923021:root" + ] + ] + } + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "newalbstackADB02838", + "Arn" + ] + }, + "/AWSLogs/", + { + "Ref": "AWS::AccountId" + }, + "/*" + ] + ] + } + } + ], + "Version": "2012-10-17" + } + } + }, + "newalbstacknewalbstackalias05E0DF53": { + "Type": "AWS::Route53::RecordSet", + "Properties": { + "Name": "www.test-example.com.", + "Type": "A", + "AliasTarget": { + "DNSName": { + "Fn::Join": [ + "", + [ + "dualstack.", + { + "Fn::GetAtt": [ + "newalbstacknewalbstackalb50B67E3E", + "DNSName" + ] + } + ] + ] + 
}, + "HostedZoneId": { + "Fn::GetAtt": [ + "newalbstacknewalbstackalb50B67E3E", + "CanonicalHostedZoneID" + ] + } + }, + "HostedZoneId": { + "Ref": "newzone1D011936" + } + } + }, "Vpc8378EB38": { "Type": "AWS::EC2::VPC", "Properties": { - "CidrBlock": "172.168.0.0/16", + "CidrBlock": "10.0.0.0/16", "EnableDnsHostnames": true, "EnableDnsSupport": true, "InstanceTenancy": "default", @@ -19,7 +264,7 @@ "VpcPublicSubnet1Subnet5C2D37C4": { "Type": "AWS::EC2::Subnet", "Properties": { - "CidrBlock": "172.168.0.0/19", + "CidrBlock": "10.0.0.0/19", "VpcId": { "Ref": "Vpc8378EB38" }, @@ -126,7 +371,7 @@ "VpcPublicSubnet2Subnet691E08A3": { "Type": "AWS::EC2::Subnet", "Properties": { - "CidrBlock": "172.168.32.0/19", + "CidrBlock": "10.0.32.0/19", "VpcId": { "Ref": "Vpc8378EB38" }, @@ -233,7 +478,7 @@ "VpcPublicSubnet3SubnetBE12F0B6": { "Type": "AWS::EC2::Subnet", "Properties": { - "CidrBlock": "172.168.64.0/19", + "CidrBlock": "10.0.64.0/19", "VpcId": { "Ref": "Vpc8378EB38" }, @@ -340,7 +585,7 @@ "VpcPrivateSubnet1Subnet536B997A": { "Type": "AWS::EC2::Subnet", "Properties": { - "CidrBlock": "172.168.96.0/19", + "CidrBlock": "10.0.96.0/19", "VpcId": { "Ref": "Vpc8378EB38" }, @@ -402,7 +647,7 @@ "VpcPrivateSubnet2Subnet3788AAA1": { "Type": "AWS::EC2::Subnet", "Properties": { - "CidrBlock": "172.168.128.0/19", + "CidrBlock": "10.0.128.0/19", "VpcId": { "Ref": "Vpc8378EB38" }, @@ -464,7 +709,7 @@ "VpcPrivateSubnet3SubnetF258B56E": { "Type": "AWS::EC2::Subnet", "Properties": { - "CidrBlock": "172.168.160.0/19", + "CidrBlock": "10.0.160.0/19", "VpcId": { "Ref": "Vpc8378EB38" }, 
@@ -651,251 +896,6 @@ } ] } - }, - "newzone1D011936": { - "Type": "AWS::Route53::HostedZone", - "Properties": { - "Name": "www.test-example.com." - } - }, - "newalbstacknewalbstackalb50B67E3E": { - "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", - "Properties": { - "LoadBalancerAttributes": [ - { - "Key": "deletion_protection.enabled", - "Value": "false" - }, - { - "Key": "access_logs.s3.enabled", - "Value": "true" - }, - { - "Key": "access_logs.s3.bucket", - "Value": { - "Ref": "newalbstackADB02838" - } - }, - { - "Key": "access_logs.s3.prefix", - "Value": "" - } - ], - "Scheme": "internet-facing", - "SecurityGroups": [ - { - "Fn::GetAtt": [ - "newalbstacknewalbstackalbSecurityGroup7BBB827C", - "GroupId" - ] - } - ], - "Subnets": [ - { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - }, - { - "Ref": "VpcPublicSubnet2Subnet691E08A3" - }, - { - "Ref": "VpcPublicSubnet3SubnetBE12F0B6" - } - ], - "Type": "application" - }, - "DependsOn": [ - "newalbstackPolicyB7C2D898", - "newalbstackADB02838", - "VpcPublicSubnet1DefaultRoute3DA9E72A", - "VpcPublicSubnet2DefaultRoute97F91067", - "VpcPublicSubnet3DefaultRoute4697774F" - ] - }, - "newalbstacknewalbstackalbSecurityGroup7BBB827C": { - "Type": "AWS::EC2::SecurityGroup", - "Properties": { - "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbnewalbstacknewalbstackalbC987D9E9", - "SecurityGroupEgress": [ - { - "CidrIp": "255.255.255.255/32", - "Description": "Disallow all traffic", - "FromPort": 252, - "IpProtocol": "icmp", - "ToPort": 86 - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - }, - "DependsOn": [ - "newalbstackPolicyB7C2D898", - "newalbstackADB02838" - ], - "Metadata": { - "cfn_nag": { - "rules_to_suppress": [ - { - "id": "W29", - "reason": "CDK created rule that blocks all traffic." 
- } - ] - } - } - }, - "newalbstackADB02838": { - "Type": "AWS::S3::Bucket", - "Properties": { - "BucketEncryption": { - "ServerSideEncryptionConfiguration": [ - { - "ServerSideEncryptionByDefault": { - "SSEAlgorithm": "AES256" - } - } - ] - }, - "PublicAccessBlockConfiguration": { - "BlockPublicAcls": true, - "BlockPublicPolicy": true, - "IgnorePublicAcls": true, - "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" - } - }, - "UpdateReplacePolicy": "Retain", - "DeletionPolicy": "Retain", - "Metadata": { - "cfn_nag": { - "rules_to_suppress": [ - { - "id": "W35", - "reason": "This is a log bucket for an Application Load Balancer" - } - ] - } - } - }, - "newalbstackPolicyB7C2D898": { - "Type": "AWS::S3::BucketPolicy", - "Properties": { - "Bucket": { - "Ref": "newalbstackADB02838" - }, - "PolicyDocument": { - "Statement": [ - { - "Action": "*", - "Condition": { - "Bool": { - "aws:SecureTransport": "false" - } - }, - "Effect": "Deny", - "Principal": { - "AWS": "*" - }, - "Resource": [ - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "newalbstackADB02838", - "Arn" - ] - }, - "/*" - ] - ] - }, - { - "Fn::GetAtt": [ - "newalbstackADB02838", - "Arn" - ] - } - ], - "Sid": "HttpsOnly" - }, - { - "Action": [ - "s3:PutObject", - "s3:Abort*" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::127311923021:root" - ] - ] - } - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "newalbstackADB02838", - "Arn" - ] - }, - "/AWSLogs/", - { - "Ref": "AWS::AccountId" - }, - "/*" - ] - ] - } - } - ], - "Version": "2012-10-17" - } - } - }, - "newalbstacknewalbstackalias05E0DF53": { - "Type": "AWS::Route53::RecordSet", - "Properties": { - "Name": "www.test-example.com.", - "Type": "A", - "AliasTarget": { - "DNSName": { - "Fn::Join": [ - "", - [ - "dualstack.", - { - "Fn::GetAtt": [ - "newalbstacknewalbstackalb50B67E3E", - "DNSName" - ] - } - ] - ] - 
}, - "HostedZoneId": { - "Fn::GetAtt": [ - "newalbstacknewalbstackalb50B67E3E", - "CanonicalHostedZoneID" - ] - } - }, - "HostedZoneId": { - "Ref": "newzone1D011936" - } - } } }, "Parameters": { diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts index f319df513..2698936e9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/route53-alb.test.ts @@ -104,6 +104,38 @@ test('Test Private API, existing VPC', () => { }); +test('Test Private API, new VPC', () => { + // Initial Setup + const stack = new Stack(undefined, undefined, { + env: { account: "123456789012", region: 'us-east-1' }, + }); + + const props: Route53ToAlbProps = { + publicApi: false, + privateHostedZoneProps: { + zoneName: 'www.example-test.com', + } + }; + + new Route53ToAlb(stack, 'test-route53-alb', props); + + expect(stack).toHaveResourceLike('AWS::ElasticLoadBalancingV2::LoadBalancer', { + Scheme: 'internal' + }); + + expect(stack).toHaveResourceLike('AWS::EC2::VPC', { + EnableDnsHostnames: true, + EnableDnsSupport: true, + InstanceTenancy: "default", + }); + + expect(stack).toHaveResourceLike('AWS::Route53::RecordSet', { + Name: 'www.example-test.com.', + Type: 'A' + }); + +}); + test('Check publicApi and zone props is an error', () => { // Initial Setup const stack = new Stack(); diff --git a/source/patterns/@aws-solutions-constructs/core/lib/alb-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/alb-helper.ts index 7ac21d40c..7034fbfba 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/alb-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/alb-helper.ts 
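Review bot: 'Test Private API, new VPC' asserts that the load balancer is `internal` and that an A record exists, but nothing in it checks that the hosted zone created from `privateHostedZoneProps` is actually private. In the synthesized template a private zone is an `AWS::Route53::HostedZone` carrying a `VPCs` association. An assertion such as `expect(stack).toHaveResourceLike('AWS::Route53::HostedZone', { Name: 'www.example-test.com.' });`, together with a check that `VPCs` is present, would catch a regression that places the name in a public zone. The exact shape of the `VPCs` entry depends on the generated logical ids, so it should be taken from the synthesized output rather than guessed.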
@@ -121,7 +121,7 @@ export function AddListener( export function CreateLambdaTargetGroup( scope: Construct, id: string, - lambdaFunction: lambda.Function, + lambdaFunction: lambda.IFunction, targetProps?: elb.ApplicationTargetGroupProps ): elb.ApplicationTargetGroup { const lambdaTarget = new elbt.LambdaTarget(lambdaFunction); From b8af2559e88839ec236c259a287ac9ad695d5312 Mon Sep 17 00:00:00 2001 From: biffgaut <78155736+biffgaut@users.noreply.github.com> Date: Wed, 13 Oct 2021 16:45:56 -0400 Subject: [PATCH 14/14] viperlight edits --- .viperlightignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.viperlightignore b/.viperlightignore index 9a7c8cc93..6604c2705 100644 --- a/.viperlightignore +++ b/.viperlightignore @@ -144,4 +144,4 @@ source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda # These are references to the us-east-1 ELBV2 account (publicly known) source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json:193 source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json:844 -source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json:839 +source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json:188
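Review bot: Widening `lambdaFunction` to `lambda.IFunction` lets callers pass an imported function, and that case deserves a sentence in the doc comment of `CreateLambdaTargetGroup`. `elbt.LambdaTarget` grants the load balancer permission to invoke the function when it is attached to the target group. For a function imported from another account or an unresolved environment, CDK may not be able to add that resource policy, so the target group could deploy without the invoke permission. A comment along the lines of `// For imported functions the caller must ensure elasticloadbalancing.amazonaws.com is allowed to invoke the function.` would make the expectation explicit. The function body continues past the end of this hunk, so whether it already handles this is not visible here.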