diff --git a/.github/workflows/dedo-duro-analysis.yml b/.github/workflows/dedo-duro-analysis.yml
index 8d8fa93..1c35c3a 100644
--- a/.github/workflows/dedo-duro-analysis.yml
+++ b/.github/workflows/dedo-duro-analysis.yml
@@ -1,39 +1,27 @@
+# Dedo-Duro AWS Resource Analysis
+# Automated weekly analysis with on-demand triggering
+
 name: Dedo-Duro AWS Analysis
 
 on:
-  # Run weekly on Monday at 6 AM UTC
   schedule:
+    # Run weekly on Monday at 6 AM UTC
     - cron: '0 6 * * 1'
-
-  # Allow manual trigger
+  
   workflow_dispatch:
     inputs:
-      region:
-        description: 'AWS Region to analyze (leave empty for default)'
-        required: false
-        type: string
       resource_types:
-        description: 'Comma-separated resource types (leave empty for all)'
+        description: 'Comma-separated resource types (e.g., ec2,rds,s3)'
         required: false
-        type: string
-      output_format:
-        description: 'Output format'
+        default: 'ec2,rds,s3,ebs,lambda,dynamodb'
+      regions:
+        description: 'Comma-separated AWS regions (e.g., us-east-1,us-west-2)'
         required: false
-        default: 'html'
-        type: choice
-        options:
-          - html
-          - json
-          - csv
-      multi_region:
-        description: 'Analyze all regions'
+        default: 'us-east-1'
+      environment:
+        description: 'Environment filter (prod, test, dev, or empty for all)'
         required: false
-        default: false
-        type: boolean
-      environment_filter:
-        description: 'Environment filter (prod, test, dev)'
-        required: false
-        type: string
+        default: ''
 
 env:
   PYTHON_VERSION: '3.11'
@@ -42,165 +30,115 @@ jobs:
   analyze:
     name: Run AWS Resource Analysis
     runs-on: ubuntu-latest
+    
     permissions:
-      id-token: write  # Required for OIDC authentication
+      id-token: write  # For OIDC authentication
       contents: read
-
+    
     steps:
-      - name: Checkout repository
+      - name: Checkout Repository
         uses: actions/checkout@v4
-
+      
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
           python-version: ${{ env.PYTHON_VERSION }}
           cache: 'pip'
-
-      - name: Install dependencies
+      
+      - name: Install Dependencies
         run: |
           python -m pip install --upgrade pip
           pip install -r requirements.txt
-
-      - name: Configure AWS credentials
+      
+      - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v4
-        env:
-          INPUT_REGION: ${{ inputs.region }}
-          DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
         with:
           role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
-          aws-region: ${{ inputs.region || secrets.AWS_DEFAULT_REGION || 'us-east-1' }}
-
+          aws-region: us-east-1
+          # Alternative: Use access keys (less secure)
+          # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      
       - name: Run Dedo-Duro Analysis
         id: analysis
-        env:
-          INPUT_REGION: ${{ inputs.region }}
-          INPUT_RESOURCE_TYPES: ${{ inputs.resource_types }}
-          INPUT_OUTPUT_FORMAT: ${{ inputs.output_format }}
-          INPUT_MULTI_REGION: ${{ inputs.multi_region }}
-          INPUT_ENVIRONMENT: ${{ inputs.environment_filter }}
         run: |
-          # Build command with optional parameters using environment variables
-          CMD="python main.py"
-
-          # Add region if specified (validate alphanumeric and hyphens only)
-          if [ -n "$INPUT_REGION" ]; then
-            SAFE_REGION=$(echo "$INPUT_REGION" | grep -E '^[a-z0-9-]+$' || echo "")
-            if [ -n "$SAFE_REGION" ]; then
-              CMD="$CMD --region $SAFE_REGION"
-            fi
-          fi
-
-          # Add resource types if specified (validate alphanumeric, commas, underscores)
-          if [ -n "$INPUT_RESOURCE_TYPES" ]; then
-            SAFE_TYPES=$(echo "$INPUT_RESOURCE_TYPES" | grep -E '^[a-zA-Z0-9_,]+$' || echo "")
-            if [ -n "$SAFE_TYPES" ]; then
-              CMD="$CMD --resource-types $SAFE_TYPES"
-            fi
-          fi
-
-          # Add output format (choice type, already validated)
-          if [ -n "$INPUT_OUTPUT_FORMAT" ]; then
-            CMD="$CMD --output-format $INPUT_OUTPUT_FORMAT"
-          else
-            CMD="$CMD --output-format html"
-          fi
-
-          # Add multi-region flag if enabled
-          if [ "$INPUT_MULTI_REGION" = "true" ]; then
-            CMD="$CMD --multi-region"
+          # Set default values
+          RESOURCE_TYPES="${{ github.event.inputs.resource_types || 'ec2,rds,s3,ebs,lambda' }}"
+          REGIONS="${{ github.event.inputs.regions || 'us-east-1' }}"
+          ENVIRONMENT="${{ github.event.inputs.environment || '' }}"
+          
+          # Build command
+          CMD="python main.py --resource-types $RESOURCE_TYPES --regions $REGIONS --output-format html,json"
+          
+          if [ -n "$ENVIRONMENT" ]; then
+            CMD="$CMD --environment $ENVIRONMENT"
           fi
-
-          # Add environment filter if specified (validate alphanumeric only)
-          if [ -n "$INPUT_ENVIRONMENT" ]; then
-            SAFE_ENV=$(echo "$INPUT_ENVIRONMENT" | grep -E '^[a-zA-Z]+$' || echo "")
-            if [ -n "$SAFE_ENV" ]; then
-              CMD="$CMD --environment $SAFE_ENV"
-            fi
-          fi
-
-          # Run analysis
+          
           echo "Running: $CMD"
-          eval "$CMD"
-
-          # Set output file path
-          REPORT=$(ls aws-optimization-report.* 2>/dev/null | head -1)
-          echo "report_file=$REPORT" >> "$GITHUB_OUTPUT"
-
-      - name: Upload Report Artifact
+          $CMD
+          
+          # Set outputs
+          echo "report_date=$(date +%Y%m%d_%H%M%S)" >> $GITHUB_OUTPUT
+      
+      - name: Upload HTML Report
         uses: actions/upload-artifact@v4
         with:
-          name: dedo-duro-report-${{ github.run_number }}
+          name: dedo-duro-report-${{ steps.analysis.outputs.report_date }}
           path: |
-            aws-optimization-report.*
-          retention-days: 30
-
-      - name: Upload to S3 (optional)
+            aws_resource_report_*.html
+            aws_resource_report_*.json
+          retention-days: 90
+      
+      - name: Upload to S3 (Optional)
         if: ${{ secrets.REPORT_S3_BUCKET != '' }}
-        env:
-          REPORT_FILE: ${{ steps.analysis.outputs.report_file }}
-          S3_BUCKET: ${{ secrets.REPORT_S3_BUCKET }}
-        run: |
-          if [ -n "$REPORT_FILE" ] && [ -f "$REPORT_FILE" ]; then
-            TIMESTAMP=$(date +%Y-%m-%d)
-            aws s3 cp "$REPORT_FILE" "s3://${S3_BUCKET}/reports/${TIMESTAMP}/${REPORT_FILE}"
-            echo "Report uploaded to s3://${S3_BUCKET}/reports/${TIMESTAMP}/${REPORT_FILE}"
-          fi
-
-      - name: Create Summary
-        env:
-          REPORT_FILE: ${{ steps.analysis.outputs.report_file }}
-          INPUT_REGION: ${{ inputs.region }}
-          INPUT_OUTPUT_FORMAT: ${{ inputs.output_format }}
         run: |
-          {
-            echo "## Dedo-Duro Analysis Complete"
-            echo ""
-            echo "**Report:** \`${REPORT_FILE:-no report}\`"
-            echo "**Region:** ${INPUT_REGION:-default}"
-            echo "**Format:** ${INPUT_OUTPUT_FORMAT:-html}"
-            echo ""
-            echo "Download the report from the Artifacts section above."
-          } >> "$GITHUB_STEP_SUMMARY"
+          aws s3 cp aws_resource_report_*.html s3://${{ secrets.REPORT_S3_BUCKET }}/reports/
+          aws s3 cp aws_resource_report_*.json s3://${{ secrets.REPORT_S3_BUCKET }}/reports/
+      
+      - name: Post Summary to PR/Issue
+        if: github.event_name == 'workflow_dispatch'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const fs = require('fs');
+            
+            // Read JSON report for summary
+            const files = fs.readdirSync('.').filter(f => f.endsWith('.json') && f.startsWith('aws_resource_report'));
+            if (files.length > 0) {
+              const report = JSON.parse(fs.readFileSync(files[0], 'utf8'));
+              
+              let summary = `## Dedo-Duro Analysis Complete\n\n`;
+              summary += `**Date:** ${new Date().toISOString()}\n`;
+              summary += `**Regions:** ${{ github.event.inputs.regions || 'us-east-1' }}\n\n`;
+              summary += `### Summary\n`;
+              
+              if (report.summary) {
+                summary += `- **Total Resources:** ${report.summary.total_resources || 'N/A'}\n`;
+                summary += `- **Potential Savings:** $${(report.summary.total_potential_savings || 0).toLocaleString()}/month\n`;
+              }
+              
+              core.summary.addRaw(summary).write();
+            }
 
   notify:
     name: Send Notifications
     needs: analyze
     runs-on: ubuntu-latest
     if: always()
-
+    
     steps:
-      - name: Send Slack Notification (optional)
+      - name: Notify Slack
         if: ${{ secrets.SLACK_WEBHOOK_URL != '' }}
-        uses: slackapi/slack-github-action@v1.25.0
+        uses: 8398a7/action-slack@v3
+        with:
+          status: ${{ needs.analyze.result }}
+          fields: repo,message,commit,author,action,eventName,ref,workflow
         env:
           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
-          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
-          ANALYZE_RESULT: ${{ needs.analyze.result }}
-          RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
-        with:
-          payload: |
-            {
-              "text": "Dedo-Duro AWS Analysis Complete",
-              "blocks": [
-                {
-                  "type": "header",
-                  "text": {
-                    "type": "plain_text",
-                    "text": "Dedo-Duro AWS Analysis Report"
-                  }
-                },
-                {
-                  "type": "section",
-                  "fields": [
-                    {
-                      "type": "mrkdwn",
-                      "text": "*Status:*\n${{ needs.analyze.result }}"
-                    },
-                    {
-                      "type": "mrkdwn",
-                      "text": "*Run:*\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Details>"
-                    }
-                  ]
-                }
-              ]
-            }
+      
+      - name: Notify Teams
+        if: ${{ secrets.TEAMS_WEBHOOK_URL != '' && needs.analyze.result != 'success' }}
+        run: |
+          curl -H 'Content-Type: application/json' \
+            -d '{"@type":"MessageCard","title":"Dedo-Duro Analysis","text":"Analysis completed with status: ${{ needs.analyze.result }}"}' \
+            ${{ secrets.TEAMS_WEBHOOK_URL }}
diff --git a/README.md b/README.md
index 233814b..80d0dff 100755
--- a/README.md
+++ b/README.md
@@ -220,6 +220,25 @@ Comprehensive cost optimization for AWS AI/ML services:
 - **CircleCI Config**: Configuration for CircleCI pipelines
 - **Artifact Upload**: Automatic report upload to S3 or CI artifacts
 
+#### Web Dashboard (Enterprise)
+- **Real-time Monitoring**: Flask-based web dashboard for live analysis status
+- **REST API**: Full API for triggering analysis and retrieving results
+- **Report History**: View and compare historical analysis reports
+- **Alert Configuration**: Configure custom alert thresholds via web interface
+
+#### Notifications (Enterprise)
+- **Slack Integration**: Send alerts and reports to Slack channels via webhooks
+- **Microsoft Teams**: Teams channel integration for notifications
+- **Custom Alerts**: Configurable thresholds for cost, security, and idle resources
+- **Alert Severity Levels**: Critical, warning, and info classifications
+
+#### Auto-Remediation (Experimental)
+- **Safe Operations Only**: Tagging and snapshot operations by default
+- **Dry-Run Mode**: All actions simulated unless explicitly enabled
+- **Approval Workflow**: High-risk actions require manual approval
+- **Audit Logging**: Complete audit trail of all remediation actions
+- **Risk Levels**: SAFE, LOW, MEDIUM, HIGH, CRITICAL classifications
+
 ### Advanced Capabilities & Reporting
 
 - **Multi-Region & China Region Support:** Analyzes resources across multiple specified AWS regions simultaneously, including AWS China regions (`cn-north-1`, `cn-northwest-1`).
@@ -468,6 +487,26 @@ flowchart LR
 │   └── dedo-duro-analysis.yml  # Automated analysis workflow
 ├── .circleci/                  # CircleCI configuration (v12.0)
 │   └── config.yml              # CircleCI pipeline config
+├── web/                        # Web Dashboard (v12.0-Enterprise)
+│   ├── app.py                  # Flask application
+│   ├── templates/              # HTML templates
+│   │   └── index.html          # Dashboard template
+│   └── static/                 # CSS/JS assets
+│       ├── style.css           # Dashboard styles
+│       └── app.js              # Dashboard JavaScript
+├── notifications/              # Notification System (v12.0-Enterprise)
+│   ├── __init__.py
+│   ├── slack.py                # Slack webhook integration
+│   ├── teams.py                # Microsoft Teams integration
+│   └── alerting.py             # Alert manager with thresholds
+├── remediation/                # Auto-Remediation (v12.0-Enterprise)
+│   ├── __init__.py
+│   ├── base.py                 # Base remediation framework
+│   ├── ec2_remediation.py      # EC2 remediation actions
+│   ├── rds_remediation.py      # RDS remediation actions
+│   └── s3_remediation.py       # S3 remediation actions
+├── docs/                       # Documentation
+│   └── kubernetes_permissions.md  # K8s permissions guide
 └── utils/                      # Utility functions (shared)
     ├── __init__.py
     ├── aws_utils.py            # AWS-specific utilities
@@ -1396,13 +1435,19 @@ Key milestones: v2.0 (architecture), v3.0 (security), v4.0 (Spot), v5.0 (orphan)
 - ~~Reading files with tags and metadata to facilitate the resource grouping process~~ → **Tag-based grouping** (`--grouping-tags`)
 - ~~Create the all-in option - Run for a set of accounts at the same time~~ → **Multi-Account Analysis** (`--accounts-file`, `--all-accounts`)
 
+### Completed in v12.0-Enterprise ✅
+
+- ~~Web interface for real-time monitoring~~ → **Web Dashboard** (`web/app.py` - Flask-based)
+- ~~Auto-remediation capabilities (experimental)~~ → **Remediation Framework** (`remediation/` module)
+- ~~Integration with Slack/Teams for notifications~~ → **Notification System** (`notifications/` module)
+- ~~Custom alerting thresholds~~ → **Alert Manager** (`notifications/alerting.py`)
+- ~~Kubernetes permissions documentation~~ → **Kubernetes Permissions** (`docs/kubernetes_permissions.md`)
+
 ### Pending
 
-- List new permissions required for new functions, such as Kubernetes (partial - see `docs/kubernetes_permissions.md`)
-- Web interface for real-time monitoring
-- Auto-remediation capabilities (experimental)
-- Integration with Slack/Teams for notifications
-- Custom alerting thresholds
+- Enhanced web dashboard with real-time WebSocket updates
+- Remediation approval workflow via web interface
+- Historical trend analysis and forecasting
 
 ---
 
diff --git a/changelog.md b/changelog.md
index 35d5bb7..b47892e 100755
--- a/changelog.md
+++ b/changelog.md
@@ -2,6 +2,80 @@
 
 All notable changes to this project will be documented in this file.
 
+## [12.0-Enterprise] - 2025-01-26
+
+### Added
+
+- **Multi-Account Analysis (`core/multi_account.py`)**: New orchestration module for analyzing multiple AWS accounts in a single run.
+  - Support for `--accounts-file` JSON configuration
+  - `--all-accounts` option for AWS Organizations integration
+  - Cross-account role assumption with automatic credential management
+  - Support for AWS GovCloud (`aws-us-gov`) and China (`aws-cn`) partitions
+
+- **Cost Explorer Analyzer (`analyzers/cost_explorer_analyzer.py`)**: New analyzer integrating with AWS Cost Explorer API.
+  - Actual spend data vs. estimated costs comparison
+  - Cost anomaly detection
+  - Service-by-service cost breakdown
+  - 30-day cost trends and forecasting
+
+- **RTO/RPO Analyzer (`analyzers/rto_analyzer.py`)**: New analyzer for disaster recovery readiness assessment.
+  - Backup configuration analysis
+  - Cross-region replication status
+  - Recovery time objectives evaluation
+  - Recovery point objectives metrics
+
+- **EKS Session Analyzer (`analyzers/eks_session_analyzer.py`)**: New analyzer for Kubernetes session monitoring.
+  - Active kubectl session tracking
+  - SSM sessions to EKS nodes monitoring
+  - Unusual session pattern detection
+
+- **EKS Deployment Lifecycle (`analyzers/eks_deployment_lifecycle.py`)**: New analyzer for deployment health.
+  - Deployment rollout status tracking
+  - Pod restart pattern analysis
+  - Deployment age vs. update frequency analysis
+
+- **Environment Filtering**: New `--environment` CLI argument for prod/test/dev filtering.
+  - Tag-based environment detection
+  - Configurable environment tags in `AnalysisConfig`
+
+- **Tag-Based Resource Grouping**: Enhanced HTML reports with tag-based grouping sections.
+  - Configurable grouping tags
+  - Visual separation by business unit, application, or custom tags
+
+- **CI/CD Integration Templates**:
+  - GitHub Actions workflow (`.github/workflows/dedo-duro-analysis.yml`)
+  - Jenkins pipeline (`ci/Jenkinsfile`)
+  - CircleCI configuration (`.circleci/config.yml`)
+
+- **Web Interface (`web/app.py`)**: New Flask-based web dashboard for real-time monitoring.
+  - REST API for analysis triggering
+  - Interactive report viewer
+  - Historical report comparison
+  - Real-time analysis status
+
+- **Notifications Module (`notifications/`)**: Integration with messaging platforms.
+  - Slack webhook integration
+  - Microsoft Teams integration
+  - Custom alerting thresholds
+  - Cost threshold alerts
+
+- **Auto-Remediation (`remediation/`)**: Experimental auto-fix capabilities.
+  - Safe operations only (tagging, snapshots)
+  - Dry-run mode by default
+  - Audit logging for all actions
+
+- **Kubernetes Permissions Documentation (`docs/kubernetes_permissions.md`)**: Comprehensive guide for EKS monitoring permissions.
+  - IAM permissions for EKS, SSM, CloudWatch, CloudTrail
+  - Kubernetes RBAC ClusterRole and ClusterRoleBinding examples
+  - Verification commands and security best practices
+
+### Changed
+
+- Updated `config.py` with `MultiAccountConfig`, `AlertConfig`, and `environment_filter` fields
+- Enhanced `main.py` with new CLI arguments for all v12.0 features
+- Improved `core/analyzer.py` with multi-account support and environment filtering
+- Enhanced `reporters/html_reporter.py` with tag-based grouping sections
+
 ## [15.0] - 2025-05-23
 
 ### Added
diff --git a/ci/Jenkinsfile b/ci/Jenkinsfile
index 53d0bda..edb2399 100644
--- a/ci/Jenkinsfile
+++ b/ci/Jenkinsfile
@@ -1,239 +1,91 @@
-/**
- * Dedo-Duro AWS Resource Analysis Pipeline
- *
- * This Jenkinsfile runs the Dedo-Duro analyzer to identify AWS cost
- * optimization opportunities and generate reports.
- *
- * Prerequisites:
- * - AWS credentials configured (via IAM role or credentials plugin)
- * - Python 3.9+ available on agent
- * - pip installed
- *
- * Parameters:
- * - AWS_REGION: Target AWS region (optional)
- * - RESOURCE_TYPES: Comma-separated analyzer keys (optional)
- * - OUTPUT_FORMAT: Report format (html, json, csv)
- * - MULTI_REGION: Analyze all regions (boolean)
- * - ENVIRONMENT_FILTER: Filter by environment tag (prod, test, dev)
- */
+// Dedo-Duro Jenkins Pipeline
+// Automated AWS Resource Analysis
 
 pipeline {
-    agent any
-
+    agent {
+        docker {
+            image 'python:3.11-slim'
+            args '-v /var/run/docker.sock:/var/run/docker.sock'
+        }
+    }
+    
     parameters {
-        string(
-            name: 'AWS_REGION',
-            defaultValue: '',
-            description: 'AWS region to analyze (leave empty for default)'
-        )
-        string(
-            name: 'RESOURCE_TYPES',
-            defaultValue: '',
-            description: 'Comma-separated list of analyzer keys (e.g., ec2,s3,rds)'
-        )
-        choice(
-            name: 'OUTPUT_FORMAT',
-            choices: ['html', 'json', 'csv'],
-            description: 'Report output format'
-        )
-        booleanParam(
-            name: 'MULTI_REGION',
-            defaultValue: false,
-            description: 'Analyze resources across all AWS regions'
-        )
-        string(
-            name: 'ENVIRONMENT_FILTER',
-            defaultValue: '',
-            description: 'Filter resources by environment (prod, test, dev)'
-        )
-        string(
-            name: 'S3_BUCKET',
-            defaultValue: '',
-            description: 'S3 bucket for report upload (optional)'
-        )
+        string(name: 'RESOURCE_TYPES', defaultValue: 'ec2,rds,s3,ebs,lambda', description: 'Comma-separated resource types')
+        string(name: 'REGIONS', defaultValue: 'us-east-1', description: 'Comma-separated AWS regions')
+        string(name: 'ENVIRONMENT', defaultValue: '', description: 'Environment filter (prod, test, dev)')
     }
-
+    
     environment {
-        PYTHON_VERSION = '3.11'
-        REPORT_DIR = 'reports'
+        AWS_DEFAULT_REGION = 'us-east-1'
     }
-
+    
     triggers {
-        // Run weekly on Monday at 6 AM
-        cron('H 6 * * 1')
-    }
-
-    options {
-        buildDiscarder(logRotator(numToKeepStr: '30'))
-        timestamps()
-        timeout(time: 60, unit: 'MINUTES')
-        disableConcurrentBuilds()
+        cron('H 6 * * 1')  // Weekly on Monday
     }
-
+    
     stages {
-        stage('Checkout') {
-            steps {
-                checkout scm
-            }
-        }
-
-        stage('Setup Python Environment') {
+        stage('Setup') {
             steps {
                 sh '''
-                    python3 -m venv venv
-                    . venv/bin/activate
                     pip install --upgrade pip
                     pip install -r requirements.txt
                 '''
             }
         }
-
-        stage('Validate Parameters') {
+        
+        stage('Analyze') {
             steps {
-                script {
-                    // Validate region format if provided
-                    if (params.AWS_REGION) {
-                        if (!(params.AWS_REGION ==~ /^[a-z]{2}-[a-z]+-\d+$/)) {
-                            error("Invalid AWS region format: ${params.AWS_REGION}")
-                        }
-                    }
-
-                    // Validate resource types format if provided
-                    if (params.RESOURCE_TYPES) {
-                        if (!(params.RESOURCE_TYPES ==~ /^[a-zA-Z0-9_,]+$/)) {
-                            error("Invalid resource types format: ${params.RESOURCE_TYPES}")
-                        }
-                    }
-
-                    // Validate environment filter if provided
-                    if (params.ENVIRONMENT_FILTER) {
-                        def validEnvs = ['prod', 'production', 'test', 'testing', 'dev', 'development', 'staging', 'qa']
-                        if (!(params.ENVIRONMENT_FILTER.toLowerCase() in validEnvs)) {
-                            error("Invalid environment filter: ${params.ENVIRONMENT_FILTER}")
-                        }
-                    }
-                }
-            }
-        }
-
-        stage('Run Analysis') {
-            steps {
-                withAWS(credentials: 'aws-credentials', region: params.AWS_REGION ?: 'us-east-1') {
+                withCredentials([[$class: 'AmazonWebServicesCredentialsBinding', 
+                                  credentialsId: 'aws-credentials']]) {
                     script {
-                        def cmd = '. venv/bin/activate && python main.py'
-
-                        // Add optional parameters
-                        if (params.AWS_REGION) {
-                            cmd += " --region ${params.AWS_REGION}"
+                        def cmd = "python main.py --resource-types ${params.RESOURCE_TYPES} --regions ${params.REGIONS} --output-format html,json"
+                        if (params.ENVIRONMENT) {
+                            cmd += " --environment ${params.ENVIRONMENT}"
                         }
-
-                        if (params.RESOURCE_TYPES) {
-                            cmd += " --resource-types ${params.RESOURCE_TYPES}"
-                        }
-
-                        cmd += " --output-format ${params.OUTPUT_FORMAT}"
-
-                        if (params.MULTI_REGION) {
-                            cmd += ' --multi-region'
-                        }
-
-                        if (params.ENVIRONMENT_FILTER) {
-                            cmd += " --environment ${params.ENVIRONMENT_FILTER}"
-                        }
-
                         sh cmd
                     }
                 }
             }
         }
-
-        stage('Archive Reports') {
+        
+        stage('Archive') {
             steps {
-                script {
-                    // Find and archive the report
-                    def reportPattern = "aws-optimization-report.${params.OUTPUT_FORMAT}"
-
-                    archiveArtifacts(
-                        artifacts: reportPattern,
-                        allowEmptyArchive: false,
-                        fingerprint: true
-                    )
-
-                    // Publish HTML report if format is HTML
-                    if (params.OUTPUT_FORMAT == 'html') {
-                        publishHTML(target: [
-                            allowMissing: false,
-                            alwaysLinkToLastBuild: true,
-                            keepAll: true,
-                            reportDir: '.',
-                            reportFiles: 'aws-optimization-report.html',
-                            reportName: 'Dedo-Duro Report'
-                        ])
-                    }
-                }
+                archiveArtifacts artifacts: 'aws_resource_report_*.html,aws_resource_report_*.json', fingerprint: true
             }
         }
-
+        
         stage('Upload to S3') {
             when {
-                expression { params.S3_BUCKET?.trim() }
+                environment name: 'REPORT_S3_BUCKET', value: ''
             }
             steps {
-                withAWS(credentials: 'aws-credentials', region: params.AWS_REGION ?: 'us-east-1') {
-                    script {
-                        def timestamp = new Date().format('yyyy-MM-dd')
-                        def reportFile = "aws-optimization-report.${params.OUTPUT_FORMAT}"
-                        def s3Key = "dedo-duro-reports/${timestamp}/${reportFile}"
-
-                        s3Upload(
-                            bucket: params.S3_BUCKET,
-                            file: reportFile,
-                            path: s3Key
-                        )
-
-                        echo "Report uploaded to s3://${params.S3_BUCKET}/${s3Key}"
-                    }
+                withCredentials([[$class: 'AmazonWebServicesCredentialsBinding',
+                                  credentialsId: 'aws-credentials']]) {
+                    sh '''
+                        aws s3 cp aws_resource_report_*.html s3://${REPORT_S3_BUCKET}/reports/
+                        aws s3 cp aws_resource_report_*.json s3://${REPORT_S3_BUCKET}/reports/
+                    '''
                 }
             }
         }
     }
-
+    
     post {
         always {
-            cleanWs()
+            publishHTML(target: [
+                allowMissing: true,
+                alwaysLinkToLastBuild: true,
+                keepAll: true,
+                reportDir: '.',
+                reportFiles: 'aws_resource_report_*.html',
+                reportName: 'Dedo-Duro Report'
+            ])
         }
-
         success {
-            echo 'Dedo-Duro analysis completed successfully!'
-
-            // Send Slack notification if configured
-            script {
-                try {
-                    slackSend(
-                        channel: '#aws-cost-alerts',
-                        color: 'good',
-                        message: "Dedo-Duro Analysis Complete - ${env.BUILD_URL}"
-                    )
-                } catch (Exception e) {
-                    echo "Slack notification skipped: ${e.message}"
-                }
-            }
+            echo 'Analysis completed successfully!'
         }
-
         failure {
-            echo 'Dedo-Duro analysis failed!'
-
-            script {
-                try {
-                    slackSend(
-                        channel: '#aws-cost-alerts',
-                        color: 'danger',
-                        message: "Dedo-Duro Analysis Failed - ${env.BUILD_URL}"
-                    )
-                } catch (Exception e) {
-                    echo "Slack notification skipped: ${e.message}"
-                }
-            }
+            echo 'Analysis failed!'
         }
     }
 }
diff --git a/complete_simulated_report.html b/complete_simulated_report.html
index 03bdba0..2b7e9df 100644
--- a/complete_simulated_report.html
+++ b/complete_simulated_report.html
@@ -88,20 +88,20 @@ <h2>Executive Summary</h2>
         
                     <div class="summary-item"><div class="label">Analyzed Regions</div><div class="value">eu-west-1, us-east-1, us-west-2</div></div>
              
-                    <div class="summary-item"><div class="label">Analysis Date</div><div class="value">2026-01-26 18:50:06 UTC</div></div>
+                    <div class="summary-item"><div class="label">Analysis Date</div><div class="value">2026-01-26 19:10:33 UTC</div></div>
                     <div class="summary-item"><div class="label">Resources Analyzed</div><div class="value">84</div></div>
-                    <div class="summary-item"><div class="label">Optimization Opportunities</div><div class="value">20<span style="font-size: 0.6em;"> (23.8%)</span></div></div>
-                    <div class="summary-item"><div class="label">Est. Monthly Savings (Spot Priority)</div><div class="value savings">$534.97</div></div>
-                    <div class="summary-item"><div class="label">Est. Annual Savings (Spot Priority)</div><div class="value savings">$6419.66</div></div>
-                    <div class="summary-item"><div class="label">Est. Monthly Savings (Right-Sizing Priority)</div><div class="value savings">$891.62</div></div>
-                    <div class="summary-item"><div class="label">Est. Annual Savings (Right-Sizing Priority)</div><div class="value savings">$10699.44</div></div>
+                    <div class="summary-item"><div class="label">Optimization Opportunities</div><div class="value">23<span style="font-size: 0.6em;"> (27.4%)</span></div></div>
+                    <div class="summary-item"><div class="label">Est. Monthly Savings (Spot Priority)</div><div class="value savings">$561.43</div></div>
+                    <div class="summary-item"><div class="label">Est. Annual Savings (Spot Priority)</div><div class="value savings">$6737.18</div></div>
+                    <div class="summary-item"><div class="label">Est. Monthly Savings (Right-Sizing Priority)</div><div class="value savings">$935.72</div></div>
+                    <div class="summary-item"><div class="label">Est. Annual Savings (Right-Sizing Priority)</div><div class="value savings">$11228.64</div></div>
         
-                    <div class="summary-item"><div class="label">Est. Annual Savings (Schedule)</div><div class="value savings">$89192.84</div></div>
+                    <div class="summary-item"><div class="label">Est. Annual Savings (Schedule)</div><div class="value savings">$140453.75</div></div>
              
-                    <div class="summary-item"><div class="label">Old EBS Snapshots (> 1 Year)</div><div class="value">24</div></div>
-                    <div class="summary-item"><div class="label">Est. Monthly Cost (Old Snapshots)</div><div class="value savings">$309.85</div></div>
+                    <div class="summary-item"><div class="label">Old EBS Snapshots (> 1 Year)</div><div class="value">18</div></div>
+                    <div class="summary-item"><div class="label">Est. Monthly Cost (Old Snapshots)</div><div class="value savings">$223.47</div></div>
              
-                    <div class="summary-item"><div class="label">Security Findings</div><div class="value" style="color: #e63946;">14</div></div>
+                    <div class="summary-item"><div class="label">Security Findings</div><div class="value" style="color: #e63946;">7</div></div>
             
                 </div>
             </section>
@@ -133,12 +133,12 @@ <h3>AI/ML Services Resources</h3>
                 new Chart(document.getElementById('savingsChart'), {
                     type: 'bar',
                     data: {
-                        labels: ["Cost Explorer", "Bedrock", "Ec2", "S3", "Sagemaker", "Ebs", "Lambda", "Rds"],
+                        labels: ["Cost Explorer", "S3", "Bedrock", "Ec2", "Rds", "Ebs"],
                         datasets: [{
                             label: 'Est. Monthly Savings ($)',
-                            data: [21532.07, 1200.0, 891.62, 505.85, 309.13, 247.76, 47.33, 42.03],
-                            backgroundColor: ["rgba(54, 162, 235, 0.8)", "rgba(255, 99, 132, 0.8)", "rgba(255, 206, 86, 0.8)", "rgba(75, 192, 192, 0.8)", "rgba(153, 102, 255, 0.8)", "rgba(255, 159, 64, 0.8)", "rgba(199, 199, 199, 0.8)", "rgba(83, 102, 255, 0.8)"],
-                            borderColor: ["rgba(54, 162, 235, 1)", "rgba(255, 99, 132, 1)", "rgba(255, 206, 86, 1)", "rgba(75, 192, 192, 1)", "rgba(153, 102, 255, 1)", "rgba(255, 159, 64, 1)", "rgba(199, 199, 199, 1)", "rgba(83, 102, 255, 1)"],
+                            data: [34328.1, 1726.73, 1200.0, 935.72, 651.22, 173.16],
+                            backgroundColor: ["rgba(54, 162, 235, 0.8)", "rgba(255, 99, 132, 0.8)", "rgba(255, 206, 86, 0.8)", "rgba(75, 192, 192, 0.8)", "rgba(153, 102, 255, 0.8)", "rgba(255, 159, 64, 0.8)"],
+                            borderColor: ["rgba(54, 162, 235, 1)", "rgba(255, 99, 132, 1)", "rgba(255, 206, 86, 1)", "rgba(75, 192, 192, 1)", "rgba(153, 102, 255, 1)", "rgba(255, 159, 64, 1)"],
                             borderWidth: 1
                         }]
                     },
@@ -228,37 +228,37 @@ <h3>AI/ML Services Resources</h3>
                         <tr>
                             <td data-label="Rank">1</td>
                             <td data-label="Resource Type">Cost Explorer</td>
-                            <td data-label="Identifier">anomaly-6552 (Amazon EC2)</td>
+                            <td data-label="Identifier">anomaly-4824 (Amazon CloudFront)</td>
                             <td data-label="Current Config">N/A</td>
-                            <td data-label="Est. Monthly Savings" class="savings">$13848.16</td>
-                            <td data-label="Recommendation" class="recommendation">Investigate 140.0% cost increase</td>
+                            <td data-label="Est. Monthly Savings" class="savings">$13655.30</td>
+                            <td data-label="Recommendation" class="recommendation">Investigate 149.0% cost increase</td>
                         </tr>
             
                         <tr>
                             <td data-label="Rank">2</td>
                             <td data-label="Resource Type">Cost Explorer</td>
-                            <td data-label="Identifier">anomaly-2328 (Amazon EC2)</td>
+                            <td data-label="Identifier">anomaly-9896 (AWS Lambda)</td>
                             <td data-label="Current Config">N/A</td>
-                            <td data-label="Est. Monthly Savings" class="savings">$2541.51</td>
-                            <td data-label="Recommendation" class="recommendation">Investigate 41.0% cost increase</td>
+                            <td data-label="Est. Monthly Savings" class="savings">$12470.44</td>
+                            <td data-label="Recommendation" class="recommendation">Investigate 147.0% cost increase</td>
                         </tr>
             
                         <tr>
                             <td data-label="Rank">3</td>
                             <td data-label="Resource Type">Cost Explorer</td>
-                            <td data-label="Identifier">anomaly-4036 (AWS Lambda)</td>
+                            <td data-label="Identifier">anomaly-1668 (AWS Lambda)</td>
                             <td data-label="Current Config">N/A</td>
-                            <td data-label="Est. Monthly Savings" class="savings">$2283.17</td>
-                            <td data-label="Recommendation" class="recommendation">Investigate 64.0% cost increase</td>
+                            <td data-label="Est. Monthly Savings" class="savings">$5810.37</td>
+                            <td data-label="Recommendation" class="recommendation">Investigate 118.0% cost increase</td>
                         </tr>
             
                         <tr>
                             <td data-label="Rank">4</td>
                             <td data-label="Resource Type">Cost Explorer</td>
-                            <td data-label="Identifier">anomaly-5958 (Amazon RDS)</td>
+                            <td data-label="Identifier">anomaly-3831 (AWS Lambda)</td>
                             <td data-label="Current Config">N/A</td>
-                            <td data-label="Est. Monthly Savings" class="savings">$1775.38</td>
-                            <td data-label="Recommendation" class="recommendation">Investigate 58.0% cost increase</td>
+                            <td data-label="Est. Monthly Savings" class="savings">$1614.94</td>
+                            <td data-label="Recommendation" class="recommendation">Investigate 90.0% cost increase</td>
                         </tr>
             
                         <tr>
@@ -273,46 +273,46 @@ <h3>AI/ML Services Resources</h3>
                         <tr>
                             <td data-label="Rank">6</td>
                             <td data-label="Resource Type">Cost Explorer</td>
-                            <td data-label="Identifier">anomaly-9783 (Amazon RDS)</td>
+                            <td data-label="Identifier">anomaly-4959 (Amazon RDS)</td>
                             <td data-label="Current Config">N/A</td>
-                            <td data-label="Est. Monthly Savings" class="savings">$1083.85</td>
-                            <td data-label="Recommendation" class="recommendation">Investigate 85.0% cost increase</td>
+                            <td data-label="Est. Monthly Savings" class="savings">$777.05</td>
+                            <td data-label="Recommendation" class="recommendation">Investigate 67.0% cost increase</td>
                         </tr>
             
                         <tr>
                             <td data-label="Rank">7</td>
-                            <td data-label="Resource Type">Ec2</td>
-                            <td data-label="Identifier">i-0537d818 (dev-web-01)</td>
-                            <td data-label="Current Config">t3.medium</td>
-                            <td data-label="Est. Monthly Savings" class="savings">$394.47</td>
-                            <td data-label="Recommendation" class="recommendation">Consider stopping</td>
+                            <td data-label="Resource Type">S3</td>
+                            <td data-label="Identifier">bucket-1</td>
+                            <td data-label="Current Config">N/A</td>
+                            <td data-label="Est. Monthly Savings" class="savings">$619.95</td>
+                            <td data-label="Recommendation" class="recommendation">Add lifecycle policy for cost optimization</td>
                         </tr>
             
                         <tr>
                             <td data-label="Rank">8</td>
-                            <td data-label="Resource Type">Sagemaker</td>
-                            <td data-label="Identifier">notebook-experimentation-3 (notebook-3)</td>
-                            <td data-label="Current Config">ml.t3.medium</td>
-                            <td data-label="Est. Monthly Savings" class="savings">$309.13</td>
-                            <td data-label="Recommendation" class="recommendation">Stop idle notebook instance</td>
+                            <td data-label="Resource Type">S3</td>
+                            <td data-label="Identifier">bucket-9</td>
+                            <td data-label="Current Config">N/A</td>
+                            <td data-label="Est. Monthly Savings" class="savings">$463.03</td>
+                            <td data-label="Recommendation" class="recommendation">Add lifecycle policy for cost optimization</td>
                         </tr>
             
                         <tr>
                             <td data-label="Rank">9</td>
-                            <td data-label="Resource Type">Ec2</td>
-                            <td data-label="Identifier">i-023f4017 (prod-api-02)</td>
-                            <td data-label="Current Config">m5.xlarge</td>
-                            <td data-label="Est. Monthly Savings" class="savings">$216.67</td>
-                            <td data-label="Recommendation" class="recommendation">Consider stopping</td>
+                            <td data-label="Resource Type">Rds</td>
+                            <td data-label="Identifier">db-02 (database-2)</td>
+                            <td data-label="Current Config">db.m5.large</td>
+                            <td data-label="Est. Monthly Savings" class="savings">$300.50</td>
+                            <td data-label="Recommendation" class="recommendation">Consider downsizing instance class</td>
                         </tr>
             
                         <tr>
                             <td data-label="Rank">10</td>
-                            <td data-label="Resource Type">S3</td>
-                            <td data-label="Identifier">bucket-3</td>
-                            <td data-label="Current Config">N/A</td>
-                            <td data-label="Est. Monthly Savings" class="savings">$212.01</td>
-                            <td data-label="Recommendation" class="recommendation">Add lifecycle policy for cost optimization</td>
+                            <td data-label="Resource Type">Rds</td>
+                            <td data-label="Identifier">db-08 (database-8)</td>
+                            <td data-label="Current Config">db.m5.xlarge</td>
+                            <td data-label="Est. Monthly Savings" class="savings">$283.82</td>
+                            <td data-label="Recommendation" class="recommendation">Consider downsizing instance class</td>
                         </tr>
             </tbody>
                   </table>
@@ -326,7 +326,7 @@ <h2>Table of Contents</h2>
         <li><a href="#top-savings">Top 10 Savings Opportunities</a></li><li><a href="#ec2-section">Ec2 (15)</a></li><li><a href="#ebs-section">Ebs (12)</a></li><li><a href="#s3-section">S3 (10)</a></li><li><a href="#rds-section">Rds (8)</a></li><li><a href="#sagemaker-section">SageMaker Analysis (5)</a></li><li><a href="#lambda-section">Lambda Analysis (10)</a></li><li><a href="#bedrock-section">Bedrock (1)</a></li><li><a href="#cost-explorer-section">Cost Explorer (5)</a></li><li><a href="#eks-deployments-section">Eks Deployments (5)</a></li><li><a href="#eks-sessions-section">Eks Sessions (6)</a></li><li><a href="#rto-analysis-section">Rto Analysis (7)</a></li>
                 </ul>
             </section>
-        <section class="resource-section" id="ec2-section"><details open><summary><h2>Ec2 (15 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Instance ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Current Type</th><th>Recommended Type</th><th>OS</th><th>CPU Utilization (%)</th><th>Network I/O (MB/s)</th><th>Status</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class="unused"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-00d8b28f</td><td data-label="Name">dev-web-01</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">t3.medium</td><td data-label="Recommended Type">t3.micro</td><td data-label="OS">Ubuntu 22.04</td><td data-label="CPU Utilization (%)">45.50%</td><td data-label="Network I/O (MB/s)">93.2</td><td data-label="Status">Idle</td><td data-label="Recommendation">Consider stopping</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$394.47</span></td></tr><tr class="unused"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-035609e7</td><td data-label="Name">prod-api-02</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">m5.xlarge</td><td data-label="Recommended Type">m6g.medium</td><td data-label="OS">Ubuntu 22.04</td><td data-label="CPU Utilization (%)">8.00%</td><td data-label="Network I/O (MB/s)">14.7</td><td data-label="Status">Idle</td><td data-label="Recommendation">Consider stopping</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$216.67</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-03358932</td><td data-label="Name">prod-worker-03</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">m5.xlarge</td><td data-label="Recommended Type">m5.xlarge</td><td data-label="OS">Ubuntu 22.04</td><td data-label="CPU Utilization (%)">18.50%</td><td data-label="Network I/O (MB/s)">8.8</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class="oversized"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-02ad82a3</td><td data-label="Name">dev-worker-04</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Current Type">c5.xlarge</td><td data-label="Recommended Type">t3.micro</td><td data-label="OS">Windows Server 2022</td><td data-label="CPU Utilization (%)">32.50%</td><td data-label="Network I/O (MB/s)">7.4</td><td data-label="Status">Oversized</td><td data-label="Recommendation">Consider downsizing</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$112.28</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-01114819</td><td data-label="Name">prod-api-05</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">t3.small</td><td data-label="Recommended Type">t3.small</td><td data-label="OS">Amazon Linux 2023</td><td data-label="CPU Utilization (%)">58.90%</td><td data-label="Network I/O (MB/s)">43.5</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-02d29aa0</td><td data-label="Name">dev-api-06</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">r5.xlarge</td><td data-label="Recommended Type">r5.xlarge</td><td data-label="OS">Windows Server 2022</td><td data-label="CPU Utilization (%)">36.90%</td><td data-label="Network I/O (MB/s)">52.1</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-015221cd</td><td data-label="Name">staging-web-07</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">m5.xlarge</td><td data-label="Recommended Type">m5.xlarge</td><td data-label="OS">RHEL 8</td><td data-label="CPU Utilization (%)">71.10%</td><td data-label="Network I/O (MB/s)">41.9</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class="unused"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-04abd119</td><td data-label="Name">prod-db-08</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">m5.large</td><td data-label="Recommended Type">m6g.large</td><td data-label="OS">Ubuntu 22.04</td><td data-label="CPU Utilization (%)">8.80%</td><td data-label="Network I/O (MB/s)">46.9</td><td data-label="Status">Idle</td><td data-label="Recommendation">Consider stopping</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$168.20</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-05f074be</td><td data-label="Name">prod-api-09</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">t3.small</td><td data-label="Recommended Type">t3.small</td><td data-label="OS">Amazon Linux 2</td><td data-label="CPU Utilization (%)">42.90%</td><td data-label="Network I/O (MB/s)">74.5</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-04923c56</td><td data-label="Name">prod-api-10</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">ml-team</td><td data-label="Current Type">t3.small</td><td data-label="Recommended Type">t3.small</td><td data-label="OS">RHEL 8</td><td data-label="CPU Utilization (%)">22.50%</td><td data-label="Network I/O (MB/s)">121.2</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-03103acd</td><td data-label="Name">staging-worker-11</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Current Type">r5.xlarge</td><td data-label="Recommended Type">r5.xlarge</td><td data-label="OS">Amazon Linux 2023</td><td data-label="CPU Utilization (%)">16.60%</td><td data-label="Network I/O (MB/s)">70.3</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-0407a0de</td><td data-label="Name">dev-db-12</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">r5.large</td><td data-label="Recommended Type">r5.large</td><td data-label="OS">Amazon Linux 2023</td><td data-label="CPU Utilization (%)">26.30%</td><td data-label="Network I/O (MB/s)">80.8</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-00b3ab99</td><td data-label="Name">dev-worker-13</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">r5.large</td><td data-label="Recommended Type">r5.large</td><td data-label="OS">RHEL 8</td><td data-label="CPU Utilization (%)">73.60%</td><td data-label="Network I/O (MB/s)">44.0</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-01d666b1</td><td data-label="Name">dev-api-14</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">t3.micro</td><td data-label="Recommended Type">t3.micro</td><td data-label="OS">Amazon Linux 2023</td><td data-label="CPU Utilization (%)">27.60%</td><td data-label="Network I/O (MB/s)">17.9</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-01068c9a</td><td data-label="Name">dev-db-15</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">t3.medium</td><td data-label="Recommended Type">t3.medium</td><td data-label="OS">Amazon Linux 2023</td><td data-label="CPU Utilization (%)">53.80%</td><td data-label="Network I/O (MB/s)">89.8</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="ebs-section"><details open><summary><h2>Ebs (12 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Volume ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Current Type</th><th>Size (GB)</th><th>IOPS</th><th>Throughput (MB/s)</th><th>Attached Instance</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-031e9a90</td><td data-label="Name">volume-temp-1</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">gp3</td><td data-label="Size (GB)">1748</td><td data-label="IOPS">3102</td><td data-label="Throughput (MB/s)">405</td><td data-label="Attached Instance">i-01f825df</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-04d839c3</td><td data-label="Name">volume-data-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">gp2</td><td data-label="Size (GB)">956</td><td data-label="IOPS">790</td><td data-label="Throughput (MB/s)">161</td><td data-label="Attached Instance">i-01ffeabb</td><td data-label="Recommendation">Migrate to gp3</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$19.12</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-05ecdf46</td><td data-label="Name">volume-temp-3</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">st1</td><td data-label="Size (GB)">1416</td><td data-label="IOPS">1375</td><td data-label="Throughput (MB/s)">65</td><td data-label="Attached Instance">i-04d2a439</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-03764972</td><td data-label="Name">volume-temp-4</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">st1</td><td data-label="Size (GB)">1172</td><td data-label="IOPS">2510</td><td data-label="Throughput (MB/s)">154</td><td data-label="Attached Instance">i-05cd53d3</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-040d127a</td><td data-label="Name">volume-backup-5</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">io1</td><td data-label="Size (GB)">1202</td><td data-label="IOPS">7267</td><td data-label="Throughput (MB/s)">130</td><td data-label="Attached Instance">i-029eb240</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-04daf759</td><td data-label="Name">volume-backup-6</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">sc1</td><td data-label="Size (GB)">1278</td><td data-label="IOPS">2148</td><td data-label="Throughput (MB/s)">158</td><td data-label="Attached Instance">N/A</td><td data-label="Recommendation">Delete or snapshot unattached volume</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$102.24</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-049a3f47</td><td data-label="Name">volume-data-7</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">gp2</td><td data-label="Size (GB)">604</td><td data-label="IOPS">1847</td><td data-label="Throughput (MB/s)">64</td><td data-label="Attached Instance">i-02840dd9</td><td data-label="Recommendation">Migrate to gp3</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$12.08</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-020a341c</td><td data-label="Name">volume-temp-8</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">sc1</td><td data-label="Size (GB)">191</td><td data-label="IOPS">1418</td><td data-label="Throughput (MB/s)">136</td><td data-label="Attached Instance">i-026f333f</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-05229e60</td><td data-label="Name">volume-data-9</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">io1</td><td data-label="Size (GB)">1500</td><td data-label="IOPS">14110</td><td data-label="Throughput (MB/s)">189</td><td data-label="Attached Instance">i-04fc40d0</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-011417cb</td><td data-label="Name">volume-temp-10</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">io2</td><td data-label="Size (GB)">1429</td><td data-label="IOPS">4546</td><td data-label="Throughput (MB/s)">208</td><td data-label="Attached Instance">N/A</td><td data-label="Recommendation">Delete or snapshot unattached volume</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$114.32</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-00de0275</td><td data-label="Name">volume-temp-11</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">io1</td><td data-label="Size (GB)">1599</td><td data-label="IOPS">14538</td><td data-label="Throughput (MB/s)">55</td><td data-label="Attached Instance">i-03d7b010</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-0176441a</td><td data-label="Name">volume-root-12</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">sc1</td><td data-label="Size (GB)">1221</td><td data-label="IOPS">386</td><td data-label="Throughput (MB/s)">170</td><td data-label="Attached Instance">i-0135cdc5</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="s3-section"><details open><summary><h2>S3 (10 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Bucket Name</th><th>Region</th><th>Nike Owner</th><th>Storage (GB)</th><th>Lifecycle Policy</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-logs-5399</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Storage (GB)">43485</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-static-assets-9432</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Storage (GB)">24597</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-temp-9053</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Storage (GB)">15363</td><td data-label="Lifecycle Policy">Not Configured</td><td data-label="Recommendation">Add lifecycle policy for cost optimization</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$212.01</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-backups-5866</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Storage (GB)">8898</td><td data-label="Lifecycle Policy">Not Configured</td><td data-label="Recommendation">Add lifecycle policy for cost optimization</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$122.79</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">dev-archives-3333</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Storage (GB)">17386</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-backups-1289</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Storage (GB)">43061</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-temp-8289</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Storage (GB)">17821</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">dev-archives-4799</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Storage (GB)">22562</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">staging-backups-5279</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Storage (GB)">14901</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-data-lake-9344</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Storage (GB)">12395</td><td data-label="Lifecycle Policy">Not Configured</td><td data-label="Recommendation">Add lifecycle policy for cost optimization</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$171.05</span></td></tr></tbody></table></div></details></section><section class="resource-section" id="rds-section"><details open><summary><h2>Rds (8 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>DB Instance</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Current Type</th><th>Storage (GB)</th><th>CPU Utilization (%)</th><th>Connections</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-prod-replica-01</td><td data-label="Name">database-1</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">db.t3.medium</td><td data-label="Storage (GB)">345</td><td data-label="CPU Utilization (%)">47.00%</td><td data-label="Connections">301</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-staging-main-02</td><td data-label="Name">database-2</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">db.t3.small</td><td data-label="Storage (GB)">49</td><td data-label="CPU Utilization (%)">71.20%</td><td data-label="Connections">385</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-prod-replica-03</td><td data-label="Name">database-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">analytics-team</td><td data-label="Current Type">db.r5.xlarge</td><td data-label="Storage (GB)">600</td><td data-label="CPU Utilization (%)">35.50%</td><td data-label="Connections">169</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-dev-analytics-04</td><td data-label="Name">database-4</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">db.r5.large</td><td data-label="Storage (GB)">257</td><td data-label="CPU Utilization (%)">49.60%</td><td data-label="Connections">52</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-dev-analytics-05</td><td data-label="Name">database-5</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">analytics-team</td><td data-label="Current Type">db.m5.xlarge</td><td data-label="Storage (GB)">207</td><td data-label="CPU Utilization (%)">49.40%</td><td data-label="Connections">260</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-dev-analytics-06</td><td data-label="Name">database-6</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">db.t3.micro</td><td data-label="Storage (GB)">552</td><td data-label="CPU Utilization (%)">56.90%</td><td data-label="Connections">178</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-prod-main-07</td><td data-label="Name">database-7</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">db.t3.micro</td><td data-label="Storage (GB)">663</td><td data-label="CPU Utilization (%)">17.60%</td><td data-label="Connections">223</td><td data-label="Recommendation">Consider downsizing instance class</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$42.03</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-dev-analytics-08</td><td data-label="Name">database-8</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">db.t3.medium</td><td data-label="Storage (GB)">444</td><td data-label="CPU Utilization (%)">33.50%</td><td data-label="Connections">336</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="sagemaker-section"><details open><summary><h2>SageMaker Analysis (5 findings)</h2></summary><div class="details-content"><p>Analysis of SageMaker endpoint and notebook instance usage.</p><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ARN</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Type</th><th>Status</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:notebook-instance/notebook-data-science-1</td><td data-label="Name">notebook-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Notebook Instance</td><td data-label="Status">Idle</td><td data-label="Recommendation">Stop idle notebook instance</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:notebook-instance/notebook-data-science-2</td><td data-label="Name">notebook-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Notebook Instance</td><td data-label="Status">Idle</td><td data-label="Recommendation">Stop idle notebook instance</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:notebook-instance/notebook-experimentation-3</td><td data-label="Name">notebook-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Notebook Instance</td><td data-label="Status">Idle</td><td data-label="Recommendation">Stop idle notebook instance</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$309.13</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:endpoint/endpoint-prediction-1</td><td data-label="Name">endpoint-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Inference Endpoint</td><td data-label="Status">Active</td><td data-label="Recommendation">Well utilized endpoint</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:endpoint/endpoint-inference-2</td><td data-label="Name">endpoint-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Inference Endpoint</td><td data-label="Status">Active</td><td data-label="Recommendation">Well utilized endpoint</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="lambda-section"><details open><summary><h2>Lambda Analysis (10 findings)</h2></summary><div class="details-content"><p>Analysis of Lambda function configurations and usage.</p><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Function Name</th><th>Region</th><th>Nike Owner</th><th>Runtime</th><th>Memory Size (MB)</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">prod-worker-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Runtime">java17</td><td data-label="Memory Size (MB)">1024</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-handler-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Runtime">go1.x</td><td data-label="Memory Size (MB)">512</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-processor-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Runtime">go1.x</td><td data-label="Memory Size (MB)">3072</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">prod-api-4</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Runtime">nodejs18.x</td><td data-label="Memory Size (MB)">3072</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">prod-handler-5</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Runtime">python3.9</td><td data-label="Memory Size (MB)">3072</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-handler-6</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Runtime">python3.9</td><td data-label="Memory Size (MB)">128</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-handler-7</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Runtime">java17</td><td data-label="Memory Size (MB)">3072</td><td data-label="Recommendation">Reduce memory allocation</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$47.33</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-processor-8</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Runtime">nodejs20.x</td><td data-label="Memory Size (MB)">512</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-api-9</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Runtime">python3.9</td><td data-label="Memory Size (MB)">512</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">prod-api-10</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Runtime">nodejs18.x</td><td data-label="Memory Size (MB)">512</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="bedrock-section"><details open><summary><h2>Bedrock (1 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">pt-claude-instant-prod</td><td data-label="Name">Claude Instant Production</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Consider on-demand pricing for variable workloads</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$1,200.00</span></td></tr></tbody></table></div></details></section><section class="resource-section" id="cost-explorer-section"><details open><summary><h2>Cost Explorer (5 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-4036</td><td data-label="Name">AWS Lambda</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 64.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$2,283.17</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-5958</td><td data-label="Name">Amazon RDS</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 58.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$1,775.38</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-6552</td><td data-label="Name">Amazon EC2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 140.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$13,848.16</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-9783</td><td data-label="Name">Amazon RDS</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 85.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$1,083.85</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-2328</td><td data-label="Name">Amazon EC2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 41.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$2,541.51</span></td></tr></tbody></table></div></details></section><section class="resource-section" id="eks-deployments-section"><details open><summary><h2>Eks Deployments (5 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">prod-frontend</td><td data-label="Name">frontend</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">frontend-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Deployment healthy</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">prod-backend-api</td><td data-label="Name">backend-api</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate restart issues</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">prod-worker</td><td data-label="Name">worker</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Deployment healthy</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">staging-scheduler</td><td data-label="Name">scheduler</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">frontend-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review and update stale deployment</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">staging-gateway</td><td data-label="Name">gateway</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate restart issues</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="eks-sessions-section"><details open><summary><h2>Eks Sessions (6 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-313248</td><td data-label="Name">staging-cluster-session-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review long-running session for security</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-800338</td><td data-label="Name">dev-cluster-session-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review long-running session for security</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-228980</td><td data-label="Name">staging-cluster-session-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review long-running session for security</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-256279</td><td data-label="Name">prod-cluster-session-4</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Normal session activity</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-127425</td><td data-label="Name">dev-cluster-session-5</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review long-running session for security</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-559543</td><td data-label="Name">prod-cluster-session-6</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review long-running session for security</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="rto-analysis-section"><details open><summary><h2>Rto Analysis (7 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">db-prod-1</td><td data-label="Name">database-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Enable cross-region backup for disaster recovery</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">db-staging-2</td><td data-label="Name">database-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Enable cross-region backup for disaster recovery</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">db-staging-3</td><td data-label="Name">database-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Backup configuration adequate</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">db-staging-4</td><td data-label="Name">database-4</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Backup configuration adequate</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">bucket-critical-1</td><td data-label="Name">critical-data-bucket-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Enable cross-region replication for critical data</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">bucket-critical-2</td><td data-label="Name">critical-data-bucket-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Enable cross-region replication for critical data</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">bucket-critical-3</td><td data-label="Name">critical-data-bucket-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Replication configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section>
+        <section class="resource-section" id="ec2-section"><details open><summary><h2>Ec2 (15 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Instance ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Current Type</th><th>Recommended Type</th><th>OS</th><th>CPU Utilization (%)</th><th>Network I/O (MB/s)</th><th>Status</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class="unused"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-05ccc9f5</td><td data-label="Name">staging-web-01</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">t3.micro</td><td data-label="Recommended Type">t3.micro</td><td data-label="OS">RHEL 8</td><td data-label="CPU Utilization (%)">49.00%</td><td data-label="Network I/O (MB/s)">140.6</td><td data-label="Status">Idle</td><td data-label="Recommendation">Consider stopping</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$272.93</span></td></tr><tr class="oversized"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-01fd98ff</td><td data-label="Name">staging-worker-02</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">m5.2xlarge</td><td data-label="Recommended Type">m6g.medium</td><td data-label="OS">Ubuntu 22.04</td><td data-label="CPU Utilization (%)">44.00%</td><td data-label="Network I/O (MB/s)">5.8</td><td data-label="Status">Oversized</td><td data-label="Recommendation">Consider downsizing</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$64.61</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-051abe56</td><td data-label="Name">dev-worker-03</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">ml-team</td><td data-label="Current Type">r5.large</td><td data-label="Recommended Type">r5.large</td><td data-label="OS">RHEL 8</td><td data-label="CPU Utilization (%)">52.20%</td><td data-label="Network I/O (MB/s)">119.9</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-03a46139</td><td data-label="Name">staging-web-04</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">t3.medium</td><td data-label="Recommended Type">t3.medium</td><td data-label="OS">Amazon Linux 2</td><td data-label="CPU Utilization (%)">63.60%</td><td data-label="Network I/O (MB/s)">32.6</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-047c5b8a</td><td data-label="Name">prod-web-05</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Current Type">c5.xlarge</td><td data-label="Recommended Type">c5.xlarge</td><td data-label="OS">Amazon Linux 2023</td><td data-label="CPU Utilization (%)">51.00%</td><td data-label="Network I/O (MB/s)">12.1</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class="oversized"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-01a0376f</td><td data-label="Name">staging-web-06</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">r5.xlarge</td><td data-label="Recommended Type">m6g.medium</td><td data-label="OS">Ubuntu 22.04</td><td data-label="CPU Utilization (%)">47.40%</td><td data-label="Network I/O (MB/s)">94.8</td><td data-label="Status">Oversized</td><td data-label="Recommendation">Consider downsizing</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$238.02</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-01909d74</td><td data-label="Name">dev-db-07</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">t3.medium</td><td data-label="Recommended Type">t3.medium</td><td data-label="OS">Windows Server 2022</td><td data-label="CPU Utilization (%)">27.10%</td><td data-label="Network I/O (MB/s)">52.8</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-052aa331</td><td data-label="Name">prod-db-08</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Current Type">r5.large</td><td data-label="Recommended Type">r5.large</td><td data-label="OS">Windows Server 2022</td><td data-label="CPU Utilization (%)">67.60%</td><td data-label="Network I/O (MB/s)">148.6</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class="unused"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-04554860</td><td data-label="Name">dev-api-09</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">r5.large</td><td data-label="Recommended Type">t3.micro</td><td data-label="OS">Amazon Linux 2023</td><td data-label="CPU Utilization (%)">39.30%</td><td data-label="Network I/O (MB/s)">44.9</td><td data-label="Status">Idle</td><td data-label="Recommendation">Consider stopping</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$109.09</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-01080c94</td><td data-label="Name">staging-web-10</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">t3.small</td><td data-label="Recommended Type">t3.small</td><td data-label="OS">RHEL 8</td><td data-label="CPU Utilization (%)">35.90%</td><td data-label="Network I/O (MB/s)">48.7</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-04bbd4db</td><td data-label="Name">staging-api-11</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">t3.small</td><td data-label="Recommended Type">t3.small</td><td data-label="OS">Amazon Linux 2</td><td data-label="CPU Utilization (%)">35.10%</td><td data-label="Network I/O (MB/s)">129.2</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-039b338c</td><td data-label="Name">staging-api-12</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">c5.xlarge</td><td data-label="Recommended Type">c5.xlarge</td><td data-label="OS">Windows Server 2022</td><td data-label="CPU Utilization (%)">83.20%</td><td data-label="Network I/O (MB/s)">34.8</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-031d88d1</td><td data-label="Name">staging-worker-13</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">t3.micro</td><td data-label="Recommended Type">t3.micro</td><td data-label="OS">Amazon Linux 2</td><td data-label="CPU Utilization (%)">61.80%</td><td data-label="Network I/O (MB/s)">103.4</td><td data-label="Status">Active</td><td data-label="Recommendation">Consider no action needed</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class="oversized"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-03731fd9</td><td data-label="Name">staging-db-14</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">r5.xlarge</td><td data-label="Recommended Type">t4g.small</td><td data-label="OS">Windows Server 2022</td><td data-label="CPU Utilization (%)">22.00%</td><td data-label="Network I/O (MB/s)">14.0</td><td data-label="Status">Oversized</td><td data-label="Recommendation">Consider downsizing</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$235.76</span></td></tr><tr class="oversized"><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Instance ID">i-025744ed</td><td data-label="Name">dev-web-15</td><td data-label="Region">eu-west-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">t3.micro</td><td data-label="Recommended Type">t3.small</td><td data-label="OS">RHEL 8</td><td data-label="CPU Utilization (%)">21.80%</td><td data-label="Network I/O (MB/s)">70.9</td><td data-label="Status">Oversized</td><td data-label="Recommendation">Consider downsizing</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$15.31</span></td></tr></tbody></table></div></details></section><section class="resource-section" id="ebs-section"><details open><summary><h2>Ebs (12 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Volume ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Current Type</th><th>Size (GB)</th><th>IOPS</th><th>Throughput (MB/s)</th><th>Attached Instance</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-02ad15cf</td><td data-label="Name">volume-root-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">io2</td><td data-label="Size (GB)">1225</td><td data-label="IOPS">5910</td><td data-label="Throughput (MB/s)">94</td><td data-label="Attached Instance">i-03c803a1</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-0417fbb2</td><td data-label="Name">volume-root-2</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">gp2</td><td data-label="Size (GB)">1424</td><td data-label="IOPS">2463</td><td data-label="Throughput (MB/s)">117</td><td data-label="Attached Instance">i-00d4c346</td><td data-label="Recommendation">Migrate to gp3</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$28.48</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-0191d7c9</td><td data-label="Name">volume-root-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">st1</td><td data-label="Size (GB)">1389</td><td data-label="IOPS">1618</td><td data-label="Throughput (MB/s)">66</td><td data-label="Attached Instance">i-055b3aa1</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-0521889a</td><td data-label="Name">volume-data-4</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">sc1</td><td data-label="Size (GB)">352</td><td data-label="IOPS">1535</td><td data-label="Throughput (MB/s)">122</td><td data-label="Attached Instance">i-037f4d9b</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-053033c3</td><td data-label="Name">volume-root-5</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Current Type">st1</td><td data-label="Size (GB)">1367</td><td data-label="IOPS">1109</td><td data-label="Throughput (MB/s)">108</td><td data-label="Attached Instance">i-020c4dd9</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-0548307b</td><td data-label="Name">volume-temp-6</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">st1</td><td data-label="Size (GB)">1365</td><td data-label="IOPS">937</td><td data-label="Throughput (MB/s)">196</td><td data-label="Attached Instance">N/A</td><td data-label="Recommendation">Delete or snapshot unattached volume</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$109.20</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-02fbe12c</td><td data-label="Name">volume-root-7</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">sc1</td><td data-label="Size (GB)">1286</td><td data-label="IOPS">2386</td><td data-label="Throughput (MB/s)">59</td><td data-label="Attached Instance">i-015df5ec</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-02da8aec</td><td data-label="Name">volume-root-8</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">gp3</td><td data-label="Size (GB)">1836</td><td data-label="IOPS">15116</td><td data-label="Throughput (MB/s)">698</td><td data-label="Attached Instance">i-012a8234</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-056afc99</td><td data-label="Name">volume-root-9</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">io1</td><td data-label="Size (GB)">1688</td><td data-label="IOPS">7609</td><td data-label="Throughput (MB/s)">102</td><td data-label="Attached Instance">i-050d88b4</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-0269e76b</td><td data-label="Name">volume-temp-10</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">st1</td><td data-label="Size (GB)">1761</td><td data-label="IOPS">1164</td><td data-label="Throughput (MB/s)">190</td><td data-label="Attached Instance">i-01cb717f</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-0234d36d</td><td data-label="Name">volume-root-11</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">gp2</td><td data-label="Size (GB)">1774</td><td data-label="IOPS">330</td><td data-label="Throughput (MB/s)">64</td><td data-label="Attached Instance">i-046e6554</td><td data-label="Recommendation">Migrate to gp3</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$35.48</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Volume ID">vol-0260f3fe</td><td data-label="Name">volume-root-12</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">io1</td><td data-label="Size (GB)">1332</td><td data-label="IOPS">4185</td><td data-label="Throughput (MB/s)">130</td><td data-label="Attached Instance">i-01716cc1</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="s3-section"><details open><summary><h2>S3 (10 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Bucket Name</th><th>Region</th><th>Nike Owner</th><th>Storage (GB)</th><th>Lifecycle Policy</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-logs-9042</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Storage (GB)">44924</td><td data-label="Lifecycle Policy">Not Configured</td><td data-label="Recommendation">Add lifecycle policy for cost optimization</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$619.95</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">staging-logs-5527</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Storage (GB)">10085</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">dev-backups-3195</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Storage (GB)">14868</td><td data-label="Lifecycle Policy">Not Configured</td><td data-label="Recommendation">Add lifecycle policy for cost optimization</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$205.18</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">staging-data-lake-5073</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Storage (GB)">44515</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">staging-backups-3439</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Storage (GB)">13780</td><td data-label="Lifecycle Policy">Not Configured</td><td data-label="Recommendation">Add lifecycle policy for cost optimization</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$190.16</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">dev-data-lake-8964</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Storage (GB)">10180</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">dev-backups-6708</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Storage (GB)">7966</td><td data-label="Lifecycle Policy">Configured</td><td data-label="Recommendation">Well configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">staging-logs-1923</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Storage (GB)">177</td><td data-label="Lifecycle Policy">Not Configured</td><td data-label="Recommendation">Add lifecycle policy for cost optimization</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-archives-6395</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Storage (GB)">33553</td><td data-label="Lifecycle Policy">Not Configured</td><td data-label="Recommendation">Add lifecycle policy for cost optimization</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$463.03</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Bucket Name">prod-archives-4338</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Storage (GB)">18001</td><td data-label="Lifecycle Policy">Not Configured</td><td data-label="Recommendation">Add lifecycle policy for cost optimization</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$248.41</span></td></tr></tbody></table></div></details></section><section class="resource-section" id="rds-section"><details open><summary><h2>Rds (8 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>DB Instance</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Current Type</th><th>Storage (GB)</th><th>CPU Utilization (%)</th><th>Connections</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-prod-analytics-01</td><td data-label="Name">database-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">db.t3.small</td><td data-label="Storage (GB)">165</td><td data-label="CPU Utilization (%)">46.70%</td><td data-label="Connections">355</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-dev-analytics-02</td><td data-label="Name">database-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">db.m5.large</td><td data-label="Storage (GB)">653</td><td data-label="CPU Utilization (%)">26.40%</td><td data-label="Connections">379</td><td data-label="Recommendation">Consider downsizing instance class</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$300.50</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-prod-main-03</td><td data-label="Name">database-3</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">db.t3.micro</td><td data-label="Storage (GB)">166</td><td data-label="CPU Utilization (%)">15.90%</td><td data-label="Connections">10</td><td data-label="Recommendation">Consider downsizing instance class</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$66.90</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-dev-replica-04</td><td data-label="Name">database-4</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">data-team</td><td data-label="Current Type">db.t3.small</td><td data-label="Storage (GB)">322</td><td data-label="CPU Utilization (%)">35.10%</td><td data-label="Connections">209</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-dev-replica-05</td><td data-label="Name">database-5</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">db.r5.large</td><td data-label="Storage (GB)">152</td><td data-label="CPU Utilization (%)">37.90%</td><td data-label="Connections">374</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-prod-replica-06</td><td data-label="Name">database-6</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Current Type">db.t3.medium</td><td data-label="Storage (GB)">332</td><td data-label="CPU Utilization (%)">47.00%</td><td data-label="Connections">419</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-prod-analytics-07</td><td data-label="Name">database-7</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">analytics-team</td><td data-label="Current Type">db.m5.xlarge</td><td data-label="Storage (GB)">908</td><td data-label="CPU Utilization (%)">55.90%</td><td data-label="Connections">243</td><td data-label="Recommendation">Well utilized</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="DB Instance">db-staging-main-08</td><td data-label="Name">database-8</td><td data-label="Region">us-west-2</td><td data-label="Nike Owner">backend-team</td><td data-label="Current Type">db.m5.xlarge</td><td data-label="Storage (GB)">75</td><td data-label="CPU Utilization (%)">13.70%</td><td data-label="Connections">41</td><td data-label="Recommendation">Consider downsizing instance class</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$283.82</span></td></tr></tbody></table></div></details></section><section class="resource-section" id="sagemaker-section"><details open><summary><h2>SageMaker Analysis (5 findings)</h2></summary><div class="details-content"><p>Analysis of SageMaker endpoint and notebook instance usage.</p><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ARN</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Type</th><th>Status</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:notebook-instance/notebook-data-science-1</td><td data-label="Name">notebook-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Notebook Instance</td><td data-label="Status">Idle</td><td data-label="Recommendation">Stop idle notebook instance</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:notebook-instance/notebook-experimentation-2</td><td data-label="Name">notebook-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Notebook Instance</td><td data-label="Status">In Use</td><td data-label="Recommendation">Active notebook</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:notebook-instance/notebook-ml-training-3</td><td data-label="Name">notebook-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Notebook Instance</td><td data-label="Status">Idle</td><td data-label="Recommendation">Stop idle notebook instance</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:endpoint/endpoint-inference-1</td><td data-label="Name">endpoint-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Inference Endpoint</td><td data-label="Status">Active</td><td data-label="Recommendation">Well utilized endpoint</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ARN">arn:aws:sagemaker:us-east-1:123456789012:endpoint/endpoint-inference-2</td><td data-label="Name">endpoint-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Type">Inference Endpoint</td><td data-label="Status">Active</td><td data-label="Recommendation">Well utilized endpoint</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="lambda-section"><details open><summary><h2>Lambda Analysis (10 findings)</h2></summary><div class="details-content"><p>Analysis of Lambda function configurations and usage.</p><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Function Name</th><th>Region</th><th>Nike Owner</th><th>Runtime</th><th>Memory Size (MB)</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">prod-processor-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Runtime">python3.9</td><td data-label="Memory Size (MB)">512</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">prod-api-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Runtime">go1.x</td><td data-label="Memory Size (MB)">3072</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-worker-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Runtime">python3.11</td><td data-label="Memory Size (MB)">256</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-api-4</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Runtime">python3.9</td><td data-label="Memory Size (MB)">512</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">prod-worker-5</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Runtime">nodejs20.x</td><td data-label="Memory Size (MB)">3072</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-api-6</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Runtime">nodejs20.x</td><td data-label="Memory Size (MB)">3072</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-processor-7</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Runtime">python3.11</td><td data-label="Memory Size (MB)">1024</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-worker-8</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Runtime">nodejs18.x</td><td data-label="Memory Size (MB)">2048</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">dev-api-9</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Runtime">java17</td><td data-label="Memory Size (MB)">128</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Function Name">prod-processor-10</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Runtime">python3.9</td><td data-label="Memory Size (MB)">128</td><td data-label="Recommendation">OK</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="bedrock-section"><details open><summary><h2>Bedrock (1 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">pt-claude-instant-prod</td><td data-label="Name">Claude Instant Production</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">ml-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Consider on-demand pricing for variable workloads</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$1,200.00</span></td></tr></tbody></table></div></details></section><section class="resource-section" id="cost-explorer-section"><details open><summary><h2>Cost Explorer (5 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-4824</td><td data-label="Name">Amazon CloudFront</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 149.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$13,655.30</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-3831</td><td data-label="Name">AWS Lambda</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 90.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$1,614.94</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-1668</td><td data-label="Name">AWS Lambda</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 118.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$5,810.37</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-9896</td><td data-label="Name">AWS Lambda</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 147.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$12,470.44</span></td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">anomaly-4959</td><td data-label="Name">Amazon RDS</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">finops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate 67.0% cost increase</td><td data-label="Est. Monthly Savings"><span class="savings-positive">$777.05</span></td></tr></tbody></table></div></details></section><section class="resource-section" id="eks-deployments-section"><details open><summary><h2>Eks Deployments (5 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">prod-frontend</td><td data-label="Name">frontend</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate restart issues</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">prod-backend-api</td><td data-label="Name">backend-api</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">frontend-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review and update stale deployment</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">prod-worker</td><td data-label="Name">worker</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review and update stale deployment</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">staging-scheduler</td><td data-label="Name">scheduler</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate restart issues</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">staging-gateway</td><td data-label="Name">gateway</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Investigate restart issues</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="eks-sessions-section"><details open><summary><h2>Eks Sessions (6 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-331296</td><td data-label="Name">dev-cluster-session-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Normal session activity</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-193012</td><td data-label="Name">prod-cluster-session-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review long-running session for security</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-726157</td><td data-label="Name">prod-cluster-session-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review long-running session for security</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-905983</td><td data-label="Name">prod-cluster-session-4</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Normal session activity</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-193882</td><td data-label="Name">staging-cluster-session-5</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Normal session activity</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">session-851597</td><td data-label="Name">prod-cluster-session-6</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Review long-running session for security</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section><section class="resource-section" id="rto-analysis-section"><details open><summary><h2>Rto Analysis (7 findings)</h2></summary><div class="details-content"><table><thead><tr><th>Account ID</th><th>Account Alias</th><th>Resource ID</th><th>Name</th><th>Region</th><th>Nike Owner</th><th>Details</th><th>Recommendation</th><th>Est. Monthly Savings</th></tr></thead><tbody><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">db-staging-1</td><td data-label="Name">database-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">platform-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Enable cross-region backup for disaster recovery</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">db-staging-2</td><td data-label="Name">database-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Backup configuration adequate</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">db-prod-3</td><td data-label="Name">database-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">backend-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Enable cross-region backup for disaster recovery</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">db-prod-4</td><td data-label="Name">database-4</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Backup configuration adequate</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">bucket-critical-1</td><td data-label="Name">critical-data-bucket-1</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Enable cross-region replication for critical data</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">bucket-critical-2</td><td data-label="Name">critical-data-bucket-2</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">data-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Replication configured</td><td data-label="Est. Monthly Savings">$0.00</td></tr><tr class=""><td data-label="Account ID">123456789012</td><td data-label="Account Alias">simulated-account</td><td data-label="Resource ID">bucket-critical-3</td><td data-label="Name">critical-data-bucket-3</td><td data-label="Region">us-east-1</td><td data-label="Nike Owner">devops-team</td><td data-label="Details">N/A</td><td data-label="Recommendation">Enable cross-region replication for critical data</td><td data-label="Est. Monthly Savings">$0.00</td></tr></tbody></table></div></details></section>
             <section class="resource-section" id="cw-agent-info">
                 <details>
                     <summary><h2>CloudWatch Agent Information</h2></summary>
@@ -351,7 +351,7 @@ <h4>Installation:</h4>
         
             <section class="security-section">
                 <details>
-                    <summary><h2>Security Findings (14 findings)</h2></summary>
+                    <summary><h2>Security Findings (7 findings)</h2></summary>
                     <div class="details-content">
                         <p>Review the security findings identified during the analysis. Detailed findings are listed under the 'Security and Privacy' section if available.</p>
                     </div>
@@ -362,7 +362,7 @@ <h4>Installation:</h4>
             </div> <!-- Close container -->
             <footer class="footer">
                 <p>&copy; 2026 Dedo Duro AWS Analyzer. All rights reserved.</p>
-                <p>Report generated on: 2026-01-26 18:50:06 UTC</p>
+                <p>Report generated on: 2026-01-26 19:10:33 UTC</p>
             </footer>
             <script>
                 // Smooth scroll for ToC links
diff --git a/docs/kubernetes_permissions.md b/docs/kubernetes_permissions.md
index 2c6443b..788412b 100644
--- a/docs/kubernetes_permissions.md
+++ b/docs/kubernetes_permissions.md
@@ -1,19 +1,18 @@
-# Kubernetes/EKS Permissions Guide
+# Kubernetes (EKS) Permissions Guide
 
-This document outlines the required IAM and Kubernetes RBAC permissions for Dedo-Duro to analyze Amazon EKS clusters.
+This document details the IAM and Kubernetes RBAC permissions required for Dedo-Duro's EKS monitoring features.
 
 ## Overview
 
-Dedo-Duro's EKS analyzers require both AWS IAM permissions and Kubernetes RBAC permissions to analyze:
-- EKS cluster configurations
-- Active kubectl sessions
-- Deployment lifecycle and health
-- Pod restart patterns
-- Resource utilization
+Dedo-Duro v12.0+ includes EKS monitoring capabilities:
+- **EKS Session Analyzer**: Monitors active kubectl and SSM sessions
+- **EKS Deployment Lifecycle**: Tracks deployment health and update patterns
+
+---
 
 ## AWS IAM Permissions
 
-### Minimum Required IAM Policy
+### Minimum Required Permissions
 
 ```json
 {
@@ -29,38 +28,42 @@ Dedo-Duro's EKS analyzers require both AWS IAM permissions and Kubernetes RBAC p
                 "eks:DescribeNodegroup",
                 "eks:ListFargateProfiles",
                 "eks:DescribeFargateProfile",
+                "eks:ListUpdates",
+                "eks:DescribeUpdate",
                 "eks:ListAddons",
-                "eks:DescribeAddon",
-                "eks:ListIdentityProviderConfigs",
-                "eks:DescribeIdentityProviderConfig"
+                "eks:DescribeAddon"
             ],
             "Resource": "*"
         },
         {
-            "Sid": "EKSSessionAccess",
+            "Sid": "SSMSessionAccess",
             "Effect": "Allow",
             "Action": [
                 "ssm:DescribeSessions",
-                "ssm:GetConnectionStatus"
+                "ssm:GetConnectionStatus",
+                "ssm:DescribeInstanceInformation"
             ],
             "Resource": "*"
         },
         {
-            "Sid": "CloudWatchMetrics",
+            "Sid": "CloudWatchLogsAccess",
             "Effect": "Allow",
             "Action": [
-                "cloudwatch:GetMetricStatistics",
-                "cloudwatch:GetMetricData",
-                "cloudwatch:ListMetrics"
+                "logs:DescribeLogGroups",
+                "logs:DescribeLogStreams",
+                "logs:GetLogEvents",
+                "logs:FilterLogEvents"
             ],
-            "Resource": "*"
+            "Resource": [
+                "arn:aws:logs:*:*:log-group:/aws/eks/*",
+                "arn:aws:logs:*:*:log-group:/aws/containerinsights/*"
+            ]
         },
         {
-            "Sid": "EC2ForNodegroups",
+            "Sid": "CloudTrailAccess",
             "Effect": "Allow",
             "Action": [
-                "ec2:DescribeInstances",
-                "autoscaling:DescribeAutoScalingGroups"
+                "cloudtrail:LookupEvents"
             ],
             "Resource": "*"
         }
@@ -68,21 +71,87 @@ Dedo-Duro's EKS analyzers require both AWS IAM permissions and Kubernetes RBAC p
 }
 ```
 
-### Session Monitoring Additional Permissions
+### Full Permissions (Recommended)
 
-For monitoring active kubectl sessions via SSM:
+For complete EKS analysis including cost optimization:
 
 ```json
 {
     "Version": "2012-10-17",
     "Statement": [
         {
-            "Sid": "SSMSessionMonitoring",
+            "Sid": "EKSFullReadAccess",
+            "Effect": "Allow",
+            "Action": [
+                "eks:Describe*",
+                "eks:List*"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Sid": "EC2ForEKS",
+            "Effect": "Allow",
+            "Action": [
+                "ec2:DescribeInstances",
+                "ec2:DescribeVolumes",
+                "ec2:DescribeSecurityGroups",
+                "ec2:DescribeSubnets",
+                "ec2:DescribeVpcs"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Sid": "AutoScalingForEKS",
+            "Effect": "Allow",
+            "Action": [
+                "autoscaling:DescribeAutoScalingGroups",
+                "autoscaling:DescribeScalingActivities"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Sid": "SSMFullSessionAccess",
             "Effect": "Allow",
             "Action": [
                 "ssm:DescribeSessions",
                 "ssm:GetConnectionStatus",
-                "ssm:DescribeInstanceInformation"
+                "ssm:DescribeInstanceInformation",
+                "ssm:ListCommands",
+                "ssm:ListCommandInvocations"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Sid": "CloudWatchForEKS",
+            "Effect": "Allow",
+            "Action": [
+                "cloudwatch:GetMetricStatistics",
+                "cloudwatch:GetMetricData",
+                "cloudwatch:ListMetrics"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Sid": "CloudWatchLogsForEKS",
+            "Effect": "Allow",
+            "Action": [
+                "logs:DescribeLogGroups",
+                "logs:DescribeLogStreams",
+                "logs:GetLogEvents",
+                "logs:FilterLogEvents",
+                "logs:GetQueryResults",
+                "logs:StartQuery"
+            ],
+            "Resource": [
+                "arn:aws:logs:*:*:log-group:/aws/eks/*",
+                "arn:aws:logs:*:*:log-group:/aws/containerinsights/*"
+            ]
+        },
+        {
+            "Sid": "CloudTrailForEKS",
+            "Effect": "Allow",
+            "Action": [
+                "cloudtrail:LookupEvents"
             ],
             "Resource": "*"
         }
@@ -90,156 +159,71 @@ For monitoring active kubectl sessions via SSM:
 }
 ```
 
+---
+
 ## Kubernetes RBAC Permissions
 
 ### ClusterRole for Dedo-Duro
 
-Create a ClusterRole with read-only access to monitor deployments and pods:
-
 ```yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: dedo-duro-reader
 rules:
-  # Deployment and ReplicaSet access
+  - apiGroups: [""]
+    resources: [pods, pods/log, services, endpoints, configmaps, namespaces, nodes, events]
+    verbs: ["get", "list", "watch"]
   - apiGroups: ["apps"]
-    resources: ["deployments", "replicasets", "daemonsets", "statefulsets"]
+    resources: [deployments, daemonsets, replicasets, statefulsets]
     verbs: ["get", "list", "watch"]
-
-  # Pod access for restart analysis
-  - apiGroups: [""]
-    resources: ["pods", "pods/log"]
+  - apiGroups: ["batch"]
+    resources: [jobs, cronjobs]
     verbs: ["get", "list", "watch"]
-
-  # Events for deployment history
-  - apiGroups: [""]
-    resources: ["events"]
+  - apiGroups: ["autoscaling"]
+    resources: [horizontalpodautoscalers]
     verbs: ["get", "list", "watch"]
-
-  # Namespaces for scope
-  - apiGroups: [""]
-    resources: ["namespaces"]
-    verbs: ["get", "list"]
-
-  # Resource quotas and limits
-  - apiGroups: [""]
-    resources: ["resourcequotas", "limitranges"]
-    verbs: ["get", "list"]
-
-  # Nodes for capacity analysis
-  - apiGroups: [""]
-    resources: ["nodes"]
-    verbs: ["get", "list"]
-
-  # Metrics for utilization
   - apiGroups: ["metrics.k8s.io"]
-    resources: ["pods", "nodes"]
+    resources: [pods, nodes]
     verbs: ["get", "list"]
 ```
 
 ### ClusterRoleBinding
 
-Bind the ClusterRole to a ServiceAccount:
-
 ```yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: dedo-duro-sa
-  namespace: monitoring
----
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: dedo-duro-reader-binding
 subjects:
-  - kind: ServiceAccount
-    name: dedo-duro-sa
-    namespace: monitoring
+  - kind: User
+    name: dedo-duro-analyzer
+    apiGroup: rbac.authorization.k8s.io
 roleRef:
   kind: ClusterRole
   name: dedo-duro-reader
   apiGroup: rbac.authorization.k8s.io
 ```
 
-## Setting Up Access
-
-### Option 1: IAM Roles for Service Accounts (IRSA) - Recommended
-
-1. Create an IAM role with the required permissions
-2. Associate the role with the Kubernetes ServiceAccount:
-
-```bash
-eksctl create iamserviceaccount \
-  --name dedo-duro-sa \
-  --namespace monitoring \
-  --cluster your-cluster-name \
-  --attach-policy-arn arn:aws:iam::YOUR_ACCOUNT:policy/DedoDuroEKSPolicy \
-  --approve
-```
-
-### Option 2: aws-auth ConfigMap
-
-Add the IAM user/role to the aws-auth ConfigMap:
-
-```yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: aws-auth
-  namespace: kube-system
-data:
-  mapRoles: |
-    - rolearn: arn:aws:iam::YOUR_ACCOUNT:role/DedoDuroRole
-      username: dedo-duro
-      groups:
-        - dedo-duro-reader
-```
-
-## Verification
+---
 
-### Verify IAM Permissions
+## Verification Commands
 
 ```bash
-# Check EKS cluster access
-aws eks describe-cluster --name your-cluster-name
-
-# Check SSM session access
+# Verify IAM permissions
+aws eks list-clusters
 aws ssm describe-sessions --state Active
-```
-
-### Verify Kubernetes RBAC
-
-```bash
-# Test read access to deployments
-kubectl auth can-i list deployments --as=system:serviceaccount:monitoring:dedo-duro-sa
-
-# Test read access to pods
-kubectl auth can-i list pods --as=system:serviceaccount:monitoring:dedo-duro-sa
 
-# Test access to metrics
-kubectl auth can-i list pods.metrics.k8s.io --as=system:serviceaccount:monitoring:dedo-duro-sa
+# Verify Kubernetes RBAC
+kubectl auth can-i list pods --all-namespaces
+kubectl auth can-i get deployments --all-namespaces
 ```
 
-## Troubleshooting
-
-### Common Issues
-
-1. **"Unauthorized" errors**: Check that the IAM role is correctly mapped in aws-auth ConfigMap
-2. **"Forbidden" errors**: Verify the ClusterRoleBinding is correctly configured
-3. **Missing metrics**: Ensure the Kubernetes Metrics Server is installed in the cluster
-
-### Enabling Metrics Server
-
-```bash
-kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
-```
+---
 
-## Security Considerations
+## Security Best Practices
 
-- Always use read-only permissions for analysis
-- Use IRSA for credential management when possible
-- Implement least-privilege access by restricting to specific namespaces if needed
-- Rotate credentials regularly for non-IRSA configurations
-- Enable CloudTrail logging for audit purposes
+1. **Least Privilege**: Only grant permissions needed for analysis
+2. **Read-Only**: Never grant write/delete permissions
+3. **Audit Logging**: Enable CloudTrail for EKS API calls
+4. **Use Roles**: Prefer IAM roles over long-term credentials
diff --git a/notifications/__init__.py b/notifications/__init__.py
new file mode 100644
index 0000000..143ca76
--- /dev/null
+++ b/notifications/__init__.py
@@ -0,0 +1,11 @@
+"""
+Dedo-Duro Notifications Module
+
+Integration with Slack, Microsoft Teams, and custom alerting.
+"""
+
+from .slack import SlackNotifier
+from .teams import TeamsNotifier
+from .alerting import AlertManager, AlertConfig
+
+__all__ = ['SlackNotifier', 'TeamsNotifier', 'AlertManager', 'AlertConfig']
diff --git a/notifications/alerting.py b/notifications/alerting.py
new file mode 100644
index 0000000..f49caab
--- /dev/null
+++ b/notifications/alerting.py
@@ -0,0 +1,295 @@
+"""
+Custom Alerting System for Dedo-Duro
+
+Configurable thresholds and alert rules for AWS resource monitoring.
+"""
+
+import logging
+from typing import Dict, List, Optional, Any, Callable
+from dataclasses import dataclass, field
+from datetime import datetime
+from enum import Enum
+
+logger = logging.getLogger(__name__)
+
+
+class AlertSeverity(Enum):
+    """Alert severity levels."""
+    INFO = "info"
+    WARNING = "warning"
+    CRITICAL = "critical"
+
+
+@dataclass
+class AlertRule:
+    """Definition of an alert rule."""
+    name: str
+    description: str
+    resource_types: List[str]
+    condition: Callable[[Dict], bool]
+    severity: AlertSeverity = AlertSeverity.WARNING
+    enabled: bool = True
+
+
+@dataclass
+class AlertConfig:
+    """Configuration for alerting thresholds."""
+    # Cost thresholds
+    cost_threshold_usd: float = 100.0
+    cost_increase_percent: float = 20.0
+    
+    # Resource usage thresholds
+    cpu_threshold_percent: float = 80.0
+    memory_threshold_percent: float = 80.0
+    storage_threshold_percent: float = 90.0
+    
+    # Idle detection
+    idle_days_threshold: int = 30
+    idle_cpu_threshold: float = 5.0
+    
+    # Security
+    alert_on_public_access: bool = True
+    alert_on_unencrypted: bool = True
+    alert_on_missing_tags: List[str] = field(default_factory=lambda: ['Environment', 'Owner'])
+    
+    # Notification settings
+    notify_on_info: bool = False
+    notify_on_warning: bool = True
+    notify_on_critical: bool = True
+
+
+@dataclass
+class Alert:
+    """Represents a triggered alert."""
+    rule_name: str
+    severity: AlertSeverity
+    resource_id: str
+    resource_type: str
+    message: str
+    details: Dict[str, Any]
+    timestamp: datetime = field(default_factory=datetime.now)
+    acknowledged: bool = False
+
+
+class AlertManager:
+    """Manages alert rules and evaluates resources against them."""
+
+    def __init__(self, config: AlertConfig):
+        self.config = config
+        self.rules: List[AlertRule] = []
+        self.alerts: List[Alert] = []
+        self._register_default_rules()
+
+    def _register_default_rules(self):
+        """Register default alert rules based on config."""
+        
+        # High cost rule
+        self.add_rule(AlertRule(
+            name="high_cost",
+            description="Resource monthly cost exceeds threshold",
+            resource_types=["ec2", "rds", "elasticache", "eks"],
+            condition=lambda r: r.get('estimated_monthly_cost', 0) > self.config.cost_threshold_usd,
+            severity=AlertSeverity.WARNING
+        ))
+        
+        # Idle resource rule
+        self.add_rule(AlertRule(
+            name="idle_resource",
+            description="Resource has low utilization indicating idle state",
+            resource_types=["ec2", "rds"],
+            condition=lambda r: (
+                r.get('cpu_utilization_percentage', 100) < self.config.idle_cpu_threshold and
+                r.get('days_since_activity', 0) > self.config.idle_days_threshold
+            ),
+            severity=AlertSeverity.INFO
+        ))
+        
+        # High CPU utilization rule
+        self.add_rule(AlertRule(
+            name="high_cpu",
+            description="Resource CPU utilization exceeds threshold",
+            resource_types=["ec2", "rds", "elasticache"],
+            condition=lambda r: r.get('cpu_utilization_percentage', 0) > self.config.cpu_threshold_percent,
+            severity=AlertSeverity.WARNING
+        ))
+        
+        # Public access rule
+        if self.config.alert_on_public_access:
+            self.add_rule(AlertRule(
+                name="public_access",
+                description="Resource has public access enabled",
+                resource_types=["s3", "rds", "ec2"],
+                condition=lambda r: r.get('is_public', False) or r.get('publicly_accessible', False),
+                severity=AlertSeverity.CRITICAL
+            ))
+        
+        # Unencrypted storage rule
+        if self.config.alert_on_unencrypted:
+            self.add_rule(AlertRule(
+                name="unencrypted",
+                description="Resource storage is not encrypted",
+                resource_types=["ebs", "rds", "s3"],
+                condition=lambda r: not r.get('encrypted', True) and not r.get('encryption_enabled', True),
+                severity=AlertSeverity.CRITICAL
+            ))
+        
+        # Missing required tags rule
+        if self.config.alert_on_missing_tags:
+            self.add_rule(AlertRule(
+                name="missing_tags",
+                description="Resource is missing required tags",
+                resource_types=["ec2", "rds", "s3", "ebs", "lambda"],
+                condition=lambda r: self._check_missing_tags(r),
+                severity=AlertSeverity.WARNING
+            ))
+        
+        # High storage utilization rule
+        self.add_rule(AlertRule(
+            name="high_storage",
+            description="Storage utilization exceeds threshold",
+            resource_types=["ebs", "rds", "efs"],
+            condition=lambda r: r.get('storage_utilization_percent', 0) > self.config.storage_threshold_percent,
+            severity=AlertSeverity.WARNING
+        ))
+        
+        # Large potential savings rule
+        self.add_rule(AlertRule(
+            name="high_savings_potential",
+            description="Resource has significant potential savings",
+            resource_types=["ec2", "rds", "ebs"],
+            condition=lambda r: r.get('potential_monthly_savings', 0) > self.config.cost_threshold_usd,
+            severity=AlertSeverity.INFO
+        ))
+
+    def _check_missing_tags(self, resource: Dict) -> bool:
+        """Check if resource is missing required tags."""
+        tags = resource.get('tags', {}) or {}
+        if isinstance(tags, list):
+            tags = {t.get('Key', ''): t.get('Value', '') for t in tags}
+        
+        for required_tag in self.config.alert_on_missing_tags:
+            if required_tag not in tags:
+                return True
+        return False
+
+    def add_rule(self, rule: AlertRule):
+        """Add a new alert rule."""
+        self.rules.append(rule)
+
+    def remove_rule(self, rule_name: str):
+        """Remove an alert rule by name."""
+        self.rules = [r for r in self.rules if r.name != rule_name]
+
+    def enable_rule(self, rule_name: str):
+        """Enable an alert rule."""
+        for rule in self.rules:
+            if rule.name == rule_name:
+                rule.enabled = True
+
+    def disable_rule(self, rule_name: str):
+        """Disable an alert rule."""
+        for rule in self.rules:
+            if rule.name == rule_name:
+                rule.enabled = False
+
+    def evaluate_resource(self, resource: Dict, resource_type: str) -> List[Alert]:
+        """Evaluate a resource against all applicable rules."""
+        triggered_alerts = []
+        
+        for rule in self.rules:
+            if not rule.enabled:
+                continue
+            
+            if resource_type not in rule.resource_types:
+                continue
+            
+            try:
+                if rule.condition(resource):
+                    alert = Alert(
+                        rule_name=rule.name,
+                        severity=rule.severity,
+                        resource_id=self._get_resource_id(resource),
+                        resource_type=resource_type,
+                        message=rule.description,
+                        details=self._extract_alert_details(resource, rule)
+                    )
+                    triggered_alerts.append(alert)
+                    self.alerts.append(alert)
+            except Exception as e:
+                logger.warning(f"Error evaluating rule {rule.name}: {e}")
+        
+        return triggered_alerts
+
+    def evaluate_all(self, results: Dict[str, Any]) -> List[Alert]:
+        """Evaluate all resources in analysis results."""
+        all_alerts = []
+        
+        for resource_type, data in results.items():
+            if not isinstance(data, dict):
+                continue
+            
+            resources = data.get('resources', [])
+            for resource in resources:
+                alerts = self.evaluate_resource(resource, resource_type)
+                all_alerts.extend(alerts)
+        
+        return all_alerts
+
+    def _get_resource_id(self, resource: Dict) -> str:
+        """Extract resource identifier from resource data."""
+        for key in ['InstanceId', 'DBInstanceIdentifier', 'BucketName', 
+                    'VolumeId', 'FunctionName', 'ClusterName', 'resource_id']:
+            if key in resource:
+                return resource[key]
+        return "Unknown"
+
+    def _extract_alert_details(self, resource: Dict, rule: AlertRule) -> Dict:
+        """Extract relevant details for an alert."""
+        details = {}
+        
+        # Common fields
+        for key in ['cpu_utilization_percentage', 'estimated_monthly_cost', 
+                    'potential_monthly_savings', 'instance_type', 'region']:
+            if key in resource:
+                details[key] = resource[key]
+        
+        return details
+
+    def get_alerts_by_severity(self, severity: AlertSeverity) -> List[Alert]:
+        """Get all alerts of a specific severity."""
+        return [a for a in self.alerts if a.severity == severity]
+
+    def get_unacknowledged_alerts(self) -> List[Alert]:
+        """Get all unacknowledged alerts."""
+        return [a for a in self.alerts if not a.acknowledged]
+
+    def acknowledge_alert(self, alert: Alert):
+        """Mark an alert as acknowledged."""
+        alert.acknowledged = True
+
+    def clear_alerts(self):
+        """Clear all alerts."""
+        self.alerts = []
+
+    def should_notify(self, alert: Alert) -> bool:
+        """Check if an alert should trigger a notification."""
+        if alert.severity == AlertSeverity.INFO:
+            return self.config.notify_on_info
+        elif alert.severity == AlertSeverity.WARNING:
+            return self.config.notify_on_warning
+        elif alert.severity == AlertSeverity.CRITICAL:
+            return self.config.notify_on_critical
+        return False
+
+    def get_summary(self) -> Dict[str, Any]:
+        """Get a summary of current alerts."""
+        return {
+            'total': len(self.alerts),
+            'by_severity': {
+                'critical': len(self.get_alerts_by_severity(AlertSeverity.CRITICAL)),
+                'warning': len(self.get_alerts_by_severity(AlertSeverity.WARNING)),
+                'info': len(self.get_alerts_by_severity(AlertSeverity.INFO))
+            },
+            'unacknowledged': len(self.get_unacknowledged_alerts()),
+            'rules_enabled': len([r for r in self.rules if r.enabled])
+        }
diff --git a/notifications/slack.py b/notifications/slack.py
new file mode 100644
index 0000000..718e394
--- /dev/null
+++ b/notifications/slack.py
@@ -0,0 +1,217 @@
+"""
+Slack Integration for Dedo-Duro
+
+Sends analysis alerts and reports to Slack channels via webhooks.
+"""
+
+import json
+import logging
+from typing import Dict, List, Optional, Any
+from dataclasses import dataclass
+from datetime import datetime
+
+try:
+    import requests
+    HAS_REQUESTS = True
+except ImportError:
+    HAS_REQUESTS = False
+
+logger = logging.getLogger(__name__)
+
+
+@dataclass
+class SlackConfig:
+    """Configuration for Slack notifications."""
+    webhook_url: str
+    channel: Optional[str] = None
+    username: str = "Dedo-Duro"
+    icon_emoji: str = ":mag:"
+    mention_on_critical: bool = True
+    mention_users: List[str] = None  # User IDs to mention
+
+
+class SlackNotifier:
+    """Send notifications to Slack via webhooks."""
+
+    def __init__(self, config: SlackConfig):
+        if not HAS_REQUESTS:
+            raise ImportError("requests library required for Slack notifications. Install with: pip install requests")
+        self.config = config
+
+    def send_message(self, text: str, blocks: Optional[List[Dict]] = None) -> bool:
+        """Send a simple message to Slack."""
+        payload = {
+            "text": text,
+            "username": self.config.username,
+            "icon_emoji": self.config.icon_emoji
+        }
+        
+        if self.config.channel:
+            payload["channel"] = self.config.channel
+        
+        if blocks:
+            payload["blocks"] = blocks
+        
+        return self._post(payload)
+
+    def send_analysis_summary(self, results: Dict[str, Any]) -> bool:
+        """Send analysis summary to Slack."""
+        total_resources = sum(
+            len(r.get('resources', [])) 
+            for r in results.values() 
+            if isinstance(r, dict)
+        )
+        
+        total_savings = sum(
+            r.get('total_potential_savings', 0) 
+            for r in results.values() 
+            if isinstance(r, dict)
+        )
+        
+        blocks = [
+            {
+                "type": "header",
+                "text": {
+                    "type": "plain_text",
+                    "text": "Dedo-Duro Analysis Complete",
+                    "emoji": True
+                }
+            },
+            {
+                "type": "section",
+                "fields": [
+                    {
+                        "type": "mrkdwn",
+                        "text": f"*Resources Analyzed:*\n{total_resources}"
+                    },
+                    {
+                        "type": "mrkdwn",
+                        "text": f"*Potential Savings:*\n${total_savings:,.2f}/month"
+                    }
+                ]
+            },
+            {
+                "type": "section",
+                "fields": [
+                    {
+                        "type": "mrkdwn",
+                        "text": f"*Timestamp:*\n{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}"
+                    }
+                ]
+            },
+            {"type": "divider"}
+        ]
+        
+        # Add breakdown by resource type
+        for resource_type, data in results.items():
+            if isinstance(data, dict) and 'resources' in data:
+                count = len(data['resources'])
+                savings = data.get('total_potential_savings', 0)
+                blocks.append({
+                    "type": "section",
+                    "text": {
+                        "type": "mrkdwn",
+                        "text": f"*{resource_type.upper()}*: {count} resources, ${savings:,.2f} savings"
+                    }
+                })
+        
+        return self.send_message("Analysis Complete", blocks=blocks)
+
+    def send_alert(self, alert_type: str, severity: str, resource: str, 
+                   message: str, details: Optional[Dict] = None) -> bool:
+        """Send an alert notification."""
+        emoji_map = {
+            'critical': ':rotating_light:',
+            'warning': ':warning:',
+            'info': ':information_source:'
+        }
+        
+        color_map = {
+            'critical': '#dc2626',
+            'warning': '#f59e0b',
+            'info': '#2563eb'
+        }
+        
+        text = f"{emoji_map.get(severity, ':bell:')} *{alert_type.upper()} Alert*"
+        
+        # Mention users on critical alerts
+        if severity == 'critical' and self.config.mention_on_critical and self.config.mention_users:
+            mentions = ' '.join(f'<@{u}>' for u in self.config.mention_users)
+            text = f"{mentions}\n{text}"
+        
+        blocks = [
+            {
+                "type": "section",
+                "text": {
+                    "type": "mrkdwn",
+                    "text": text
+                }
+            },
+            {
+                "type": "section",
+                "fields": [
+                    {"type": "mrkdwn", "text": f"*Resource:*\n{resource}"},
+                    {"type": "mrkdwn", "text": f"*Severity:*\n{severity.upper()}"}
+                ]
+            },
+            {
+                "type": "section",
+                "text": {
+                    "type": "mrkdwn",
+                    "text": f"*Message:*\n{message}"
+                }
+            }
+        ]
+        
+        if details:
+            detail_text = "\n".join(f"• {k}: {v}" for k, v in details.items())
+            blocks.append({
+                "type": "section",
+                "text": {
+                    "type": "mrkdwn",
+                    "text": f"*Details:*\n{detail_text}"
+                }
+            })
+        
+        return self.send_message(text, blocks=blocks)
+
+    def send_cost_alert(self, resource_id: str, current_cost: float, 
+                        threshold: float, resource_type: str) -> bool:
+        """Send a cost threshold alert."""
+        return self.send_alert(
+            alert_type='cost',
+            severity='warning',
+            resource=resource_id,
+            message=f"Resource cost ${current_cost:,.2f}/month exceeds threshold ${threshold:,.2f}",
+            details={
+                'Resource Type': resource_type,
+                'Current Cost': f'${current_cost:,.2f}',
+                'Threshold': f'${threshold:,.2f}',
+                'Overage': f'${current_cost - threshold:,.2f}'
+            }
+        )
+
+    def send_security_alert(self, finding: Dict[str, Any]) -> bool:
+        """Send a security finding alert."""
+        return self.send_alert(
+            alert_type='security',
+            severity=finding.get('severity', 'warning'),
+            resource=finding.get('resource', 'Unknown'),
+            message=finding.get('description', 'Security issue detected'),
+            details=finding.get('details')
+        )
+
+    def _post(self, payload: Dict) -> bool:
+        """Post payload to Slack webhook."""
+        try:
+            response = requests.post(
+                self.config.webhook_url,
+                json=payload,
+                headers={'Content-Type': 'application/json'},
+                timeout=10
+            )
+            response.raise_for_status()
+            return True
+        except requests.exceptions.RequestException as e:
+            logger.error(f"Failed to send Slack notification: {e}")
+            return False
diff --git a/notifications/teams.py b/notifications/teams.py
new file mode 100644
index 0000000..3ed1723
--- /dev/null
+++ b/notifications/teams.py
@@ -0,0 +1,160 @@
+"""
+Microsoft Teams Integration for Dedo-Duro
+
+Sends analysis alerts and reports to Teams channels via webhooks.
+"""
+
+import json
+import logging
+from typing import Dict, List, Optional, Any
+from dataclasses import dataclass
+from datetime import datetime
+
+try:
+    import requests
+    HAS_REQUESTS = True
+except ImportError:
+    HAS_REQUESTS = False
+
+logger = logging.getLogger(__name__)
+
+
+@dataclass
+class TeamsConfig:
+    """Configuration for Microsoft Teams notifications."""
+    webhook_url: str
+    title_prefix: str = "Dedo-Duro"
+
+
+class TeamsNotifier:
+    """Send notifications to Microsoft Teams via webhooks."""
+
+    def __init__(self, config: TeamsConfig):
+        if not HAS_REQUESTS:
+            raise ImportError("requests library required for Teams notifications. Install with: pip install requests")
+        self.config = config
+
+    def send_message(self, title: str, text: str, 
+                     facts: Optional[List[Dict]] = None,
+                     color: str = "0076D7") -> bool:
+        """Send a message to Teams using Adaptive Cards."""
+        card = {
+            "@type": "MessageCard",
+            "@context": "http://schema.org/extensions",
+            "themeColor": color,
+            "summary": title,
+            "sections": [{
+                "activityTitle": f"{self.config.title_prefix}: {title}",
+                "activitySubtitle": datetime.now().strftime('%Y-%m-%d %H:%M:%S'),
+                "text": text,
+                "markdown": True
+            }]
+        }
+        
+        if facts:
+            card["sections"][0]["facts"] = facts
+        
+        return self._post(card)
+
+    def send_analysis_summary(self, results: Dict[str, Any]) -> bool:
+        """Send analysis summary to Teams."""
+        total_resources = sum(
+            len(r.get('resources', [])) 
+            for r in results.values() 
+            if isinstance(r, dict)
+        )
+        
+        total_savings = sum(
+            r.get('total_potential_savings', 0) 
+            for r in results.values() 
+            if isinstance(r, dict)
+        )
+        
+        facts = [
+            {"name": "Resources Analyzed", "value": str(total_resources)},
+            {"name": "Potential Savings", "value": f"${total_savings:,.2f}/month"}
+        ]
+        
+        # Add breakdown by resource type
+        for resource_type, data in results.items():
+            if isinstance(data, dict) and 'resources' in data:
+                count = len(data['resources'])
+                savings = data.get('total_potential_savings', 0)
+                facts.append({
+                    "name": resource_type.upper(),
+                    "value": f"{count} resources, ${savings:,.2f} savings"
+                })
+        
+        return self.send_message(
+            title="Analysis Complete",
+            text="AWS resource analysis has completed successfully.",
+            facts=facts,
+            color="00FF00"  # Green
+        )
+
+    def send_alert(self, alert_type: str, severity: str, resource: str,
+                   message: str, details: Optional[Dict] = None) -> bool:
+        """Send an alert notification to Teams."""
+        color_map = {
+            'critical': 'FF0000',  # Red
+            'warning': 'FFA500',   # Orange
+            'info': '0076D7'       # Blue
+        }
+        
+        facts = [
+            {"name": "Resource", "value": resource},
+            {"name": "Severity", "value": severity.upper()},
+            {"name": "Type", "value": alert_type.upper()}
+        ]
+        
+        if details:
+            for key, value in details.items():
+                facts.append({"name": key, "value": str(value)})
+        
+        return self.send_message(
+            title=f"{severity.upper()} Alert",
+            text=message,
+            facts=facts,
+            color=color_map.get(severity, '0076D7')
+        )
+
+    def send_cost_alert(self, resource_id: str, current_cost: float,
+                        threshold: float, resource_type: str) -> bool:
+        """Send a cost threshold alert."""
+        return self.send_alert(
+            alert_type='cost',
+            severity='warning',
+            resource=resource_id,
+            message=f"Resource cost exceeds threshold",
+            details={
+                'Resource Type': resource_type,
+                'Current Cost': f'${current_cost:,.2f}',
+                'Threshold': f'${threshold:,.2f}',
+                'Overage': f'${current_cost - threshold:,.2f}'
+            }
+        )
+
+    def send_security_alert(self, finding: Dict[str, Any]) -> bool:
+        """Send a security finding alert."""
+        return self.send_alert(
+            alert_type='security',
+            severity=finding.get('severity', 'warning'),
+            resource=finding.get('resource', 'Unknown'),
+            message=finding.get('description', 'Security issue detected'),
+            details=finding.get('details')
+        )
+
+    def _post(self, payload: Dict) -> bool:
+        """Post payload to Teams webhook."""
+        try:
+            response = requests.post(
+                self.config.webhook_url,
+                json=payload,
+                headers={'Content-Type': 'application/json'},
+                timeout=10
+            )
+            response.raise_for_status()
+            return True
+        except requests.exceptions.RequestException as e:
+            logger.error(f"Failed to send Teams notification: {e}")
+            return False
diff --git a/remediation/__init__.py b/remediation/__init__.py
new file mode 100644
index 0000000..9e9f372
--- /dev/null
+++ b/remediation/__init__.py
@@ -0,0 +1,19 @@
+"""
+Dedo-Duro Auto-Remediation Module (Experimental)
+
+Safe, read-only operations with dry-run support for auto-fixing common issues.
+"""
+
+from .base import RemediationAction, RemediationResult, RemediationEngine
+from .ec2_remediation import EC2Remediation
+from .rds_remediation import RDSRemediation
+from .s3_remediation import S3Remediation
+
+__all__ = [
+    'RemediationAction',
+    'RemediationResult', 
+    'RemediationEngine',
+    'EC2Remediation',
+    'RDSRemediation',
+    'S3Remediation'
+]
diff --git a/remediation/base.py b/remediation/base.py
index 4412c72..531316a 100644
--- a/remediation/base.py
+++ b/remediation/base.py
@@ -1,28 +1,48 @@
 """
-Base Remediation Module.
+Base Remediation Framework for Dedo-Duro
 
-Provides the foundation for auto-remediation capabilities with safety controls.
-All remediation actions require explicit approval by default.
+Provides a safe, auditable framework for auto-remediation actions.
 """
 
 import logging
 from abc import ABC, abstractmethod
-from datetime import datetime
-from typing import Dict, List, Any, Optional
 from dataclasses import dataclass, field
+from datetime import datetime
 from enum import Enum
+from typing import Dict, List, Optional, Any, Callable
+
+import boto3
+from botocore.exceptions import ClientError
+
+logger = logging.getLogger(__name__)
+
 
-from config import AWSConfig
+class ActionType(Enum):
+    """Types of remediation actions."""
+    TAG = "tag"
+    SNAPSHOT = "snapshot"
+    STOP = "stop"
+    MODIFY = "modify"
+    DELETE = "delete"  # Only for truly orphaned resources
+    NOTIFY = "notify"
 
-log = logging.getLogger(__name__)
 
+class ActionRisk(Enum):
+    """Risk levels for actions."""
+    SAFE = "safe"          # Read-only or tagging operations
+    LOW = "low"            # Snapshots, non-destructive changes
+    MEDIUM = "medium"      # Resource modifications
+    HIGH = "high"          # Stop/start operations
+    CRITICAL = "critical"  # Delete operations (requires approval)
 
+
+# Aliases for backwards compatibility with tests
 class RemediationRisk(Enum):
-    """Risk level for remediation actions."""
-    LOW = "low"       # Safe operations: tagging, snapshots
-    MEDIUM = "medium"  # Moderate risk: stop instances, modify configs
-    HIGH = "high"     # High risk: terminate, delete
-    CRITICAL = "critical"  # Destructive: delete with no recovery
+    """Risk levels for remediation actions (alias for ActionRisk)."""
+    LOW = "low"
+    MEDIUM = "medium"
+    HIGH = "high"
+    CRITICAL = "critical"
 
 
 class RemediationStatus(Enum):
@@ -30,6 +50,7 @@ class RemediationStatus(Enum):
     PENDING = "pending"
     APPROVED = "approved"
     IN_PROGRESS = "in_progress"
+    EXECUTING = "executing"
     COMPLETED = "completed"
     FAILED = "failed"
     CANCELLED = "cancelled"
@@ -42,309 +63,218 @@ class RemediationAction:
     action_id: str
     resource_type: str
     resource_id: str
-    action_type: str
+    action_type: Any  # Can be ActionType enum or string
     description: str
-    risk_level: RemediationRisk
+    risk_level: Any = ActionRisk.LOW  # Can be ActionRisk or RemediationRisk
+    parameters: Dict[str, Any] = field(default_factory=dict)
+    requires_approval: bool = False
+    approved: bool = False
+    approved_by: Optional[str] = None
+    approval_time: Optional[datetime] = None
     status: RemediationStatus = RemediationStatus.PENDING
     dry_run: bool = True
-    created_at: datetime = field(default_factory=datetime.utcnow)
-    approved_at: Optional[datetime] = None
-    completed_at: Optional[datetime] = None
-    approved_by: Optional[str] = None
-    result: Optional[Dict[str, Any]] = None
-    error: Optional[str] = None
-    rollback_info: Optional[Dict[str, Any]] = None
 
     def to_dict(self) -> Dict[str, Any]:
-        """Convert to dictionary representation."""
+        """Convert action to dictionary representation."""
+        risk_value = self.risk_level.value if hasattr(self.risk_level, 'value') else str(self.risk_level)
+        action_value = self.action_type.value if hasattr(self.action_type, 'value') else str(self.action_type)
         return {
             'action_id': self.action_id,
             'resource_type': self.resource_type,
             'resource_id': self.resource_id,
-            'action_type': self.action_type,
+            'action_type': action_value,
             'description': self.description,
-            'risk_level': self.risk_level.value,
+            'risk_level': risk_value,
             'status': self.status.value,
             'dry_run': self.dry_run,
-            'created_at': self.created_at.isoformat() if self.created_at else None,
-            'approved_at': self.approved_at.isoformat() if self.approved_at else None,
-            'completed_at': self.completed_at.isoformat() if self.completed_at else None,
-            'approved_by': self.approved_by,
-            'result': self.result,
-            'error': self.error,
-            'rollback_info': self.rollback_info
+            'requires_approval': self.requires_approval,
+            'approved': self.approved,
+            'parameters': self.parameters
         }
 
 
-class BaseRemediation(ABC):
-    """
-    Base class for resource remediation.
+@dataclass
+class RemediationResult:
+    """Result of a remediation action execution."""
+    action: RemediationAction
+    success: bool
+    message: str
+    execution_time: datetime = field(default_factory=datetime.now)
+    dry_run: bool = False
+    error: Optional[str] = None
+    changes_made: Dict[str, Any] = field(default_factory=dict)
 
-    Provides common functionality for all remediation types with
-    safety controls and audit logging.
-    """
 
-    # Maximum risk level allowed without explicit approval
-    DEFAULT_MAX_AUTO_APPROVE_RISK = RemediationRisk.LOW
+class RemediationEngine:
+    """
+    Central engine for managing and executing remediation actions.
+    
+    SAFETY FEATURES:
+    - Dry-run mode by default
+    - Action approval workflow
+    - Comprehensive audit logging
+    - Risk-based execution controls
+    """
 
-    def __init__(
-        self,
-        aws_config: AWSConfig,
-        dry_run: bool = True,
-        max_auto_approve_risk: RemediationRisk = None
-    ):
+    def __init__(self, dry_run: bool = True, max_risk: ActionRisk = ActionRisk.LOW):
         """
-        Initialize the remediation handler.
-
+        Initialize the remediation engine.
+        
         Args:
-            aws_config: AWS configuration
-            dry_run: If True, actions are simulated but not executed (default: True)
-            max_auto_approve_risk: Maximum risk level for auto-approval
+            dry_run: If True, actions are simulated but not executed
+            max_risk: Maximum risk level to auto-execute (higher risks require approval)
         """
-        self.aws_config = aws_config
         self.dry_run = dry_run
-        self.max_auto_approve_risk = max_auto_approve_risk or self.DEFAULT_MAX_AUTO_APPROVE_RISK
-        self.actions: List[RemediationAction] = []
-        self.audit_log: List[Dict[str, Any]] = []
-
-    @abstractmethod
-    def get_resource_type(self) -> str:
-        """Return the AWS resource type this handler remediates."""
-        pass
-
-    @abstractmethod
-    def get_available_actions(self) -> List[Dict[str, Any]]:
-        """Return list of available remediation actions."""
-        pass
-
-    def _log_audit(
-        self,
-        action: str,
-        resource_id: str,
-        details: Dict[str, Any],
-        success: bool = True
-    ) -> None:
-        """Log an audit entry for tracking."""
-        entry = {
-            'timestamp': datetime.utcnow().isoformat(),
-            'action': action,
-            'resource_type': self.get_resource_type(),
-            'resource_id': resource_id,
-            'details': details,
-            'success': success,
-            'dry_run': self.dry_run,
-            'region': self.aws_config.region
-        }
-        self.audit_log.append(entry)
-        log.info(f"Remediation audit: {action} on {resource_id} - {'DRY_RUN' if self.dry_run else 'EXECUTED'}")
-
-    def create_action(
-        self,
-        resource_id: str,
-        action_type: str,
-        description: str,
-        risk_level: RemediationRisk,
-        rollback_info: Optional[Dict[str, Any]] = None
-    ) -> RemediationAction:
-        """
-        Create a new remediation action.
-
-        Args:
-            resource_id: ID of the resource to remediate
-            action_type: Type of remediation action
-            description: Human-readable description
-            risk_level: Risk level of this action
-            rollback_info: Information needed to rollback this action
-
-        Returns:
-            The created RemediationAction
-        """
-        from uuid import uuid4
-
-        action = RemediationAction(
-            action_id=str(uuid4())[:8],
-            resource_type=self.get_resource_type(),
-            resource_id=resource_id,
-            action_type=action_type,
-            description=description,
-            risk_level=risk_level,
-            dry_run=self.dry_run,
-            rollback_info=rollback_info
-        )
-
-        self.actions.append(action)
-        self._log_audit('action_created', resource_id, {
-            'action_id': action.action_id,
-            'action_type': action_type,
-            'risk_level': risk_level.value
-        })
-
-        return action
-
-    def can_auto_approve(self, action: RemediationAction) -> bool:
-        """Check if an action can be auto-approved based on risk level."""
-        risk_order = [RemediationRisk.LOW, RemediationRisk.MEDIUM, RemediationRisk.HIGH, RemediationRisk.CRITICAL]
-        action_risk_index = risk_order.index(action.risk_level)
-        max_risk_index = risk_order.index(self.max_auto_approve_risk)
-        return action_risk_index <= max_risk_index
-
-    def approve_action(
-        self,
-        action_id: str,
-        approved_by: str = "system"
-    ) -> bool:
-        """
-        Approve a remediation action for execution.
-
-        Args:
-            action_id: ID of the action to approve
-            approved_by: Identifier of the approver
-
-        Returns:
-            True if approved, False if not found or already processed
-        """
-        for action in self.actions:
+        self.max_risk = max_risk
+        self.pending_actions: List[RemediationAction] = []
+        self.executed_actions: List[RemediationResult] = []
+        self.handlers: Dict[str, 'BaseRemediation'] = {}
+        self.audit_log: List[Dict] = []
+
+    def register_handler(self, resource_type: str, handler: 'BaseRemediation'):
+        """Register a remediation handler for a resource type."""
+        self.handlers[resource_type] = handler
+
+    def add_action(self, action: RemediationAction):
+        """Add an action to the pending queue."""
+        # Check if action requires approval based on risk
+        if self._risk_value(action.risk_level) > self._risk_value(self.max_risk):
+            action.requires_approval = True
+        
+        self.pending_actions.append(action)
+        self._log_audit("action_added", action)
+
+    def approve_action(self, action_id: str, approved_by: str) -> bool:
+        """Approve a pending action."""
+        for action in self.pending_actions:
             if action.action_id == action_id:
-                if action.status != RemediationStatus.PENDING:
-                    log.warning(f"Action {action_id} is not pending, cannot approve")
-                    return False
-
-                action.status = RemediationStatus.APPROVED
-                action.approved_at = datetime.utcnow()
+                action.approved = True
                 action.approved_by = approved_by
-
-                self._log_audit('action_approved', action.resource_id, {
-                    'action_id': action_id,
-                    'approved_by': approved_by
-                })
+                action.approval_time = datetime.now()
+                self._log_audit("action_approved", action, approved_by=approved_by)
                 return True
-
-        log.warning(f"Action {action_id} not found")
         return False
 
-    def execute_action(self, action_id: str) -> Dict[str, Any]:
-        """
-        Execute a remediation action.
-
-        Args:
-            action_id: ID of the action to execute
-
-        Returns:
-            Result dictionary with success status and details
-        """
-        for action in self.actions:
-            if action.action_id == action_id:
-                if action.status not in [RemediationStatus.APPROVED, RemediationStatus.PENDING]:
-                    return {
-                        'success': False,
-                        'error': f'Action is not approved or pending: {action.status.value}'
-                    }
-
-                # Check auto-approval for pending actions
-                if action.status == RemediationStatus.PENDING:
-                    if not self.can_auto_approve(action):
-                        return {
-                            'success': False,
-                            'error': f'Action requires approval (risk: {action.risk_level.value})'
-                        }
-                    self.approve_action(action_id, 'auto-approved')
-
-                action.status = RemediationStatus.IN_PROGRESS
-
-                try:
-                    if self.dry_run:
-                        result = self._simulate_action(action)
-                        action.status = RemediationStatus.DRY_RUN
-                    else:
-                        result = self._execute_action_impl(action)
-                        action.status = RemediationStatus.COMPLETED
-
-                    action.completed_at = datetime.utcnow()
-                    action.result = result
-
-                    self._log_audit('action_executed', action.resource_id, {
-                        'action_id': action_id,
-                        'dry_run': self.dry_run,
-                        'result': result
-                    })
-
-                    return {'success': True, 'result': result, 'dry_run': self.dry_run}
-
-                except Exception as e:
-                    action.status = RemediationStatus.FAILED
-                    action.error = str(e)
-
-                    self._log_audit('action_failed', action.resource_id, {
-                        'action_id': action_id,
-                        'error': str(e)
-                    }, success=False)
-
-                    log.exception(f"Remediation action {action_id} failed")
-                    return {'success': False, 'error': str(e)}
-
-        return {'success': False, 'error': f'Action {action_id} not found'}
-
-    def _simulate_action(self, action: RemediationAction) -> Dict[str, Any]:
-        """
-        Simulate an action without making changes.
-
-        Args:
-            action: The action to simulate
-
-        Returns:
-            Simulation result
-        """
+    def execute_pending(self) -> List[RemediationResult]:
+        """Execute all approved pending actions."""
+        results = []
+        
+        for action in self.pending_actions[:]:  # Copy list to allow modification
+            if action.requires_approval and not action.approved:
+                logger.info(f"Skipping action {action.action_id}: requires approval")
+                continue
+            
+            result = self.execute_action(action)
+            results.append(result)
+            self.pending_actions.remove(action)
+        
+        return results
+
+    def execute_action(self, action: RemediationAction) -> RemediationResult:
+        """Execute a single remediation action."""
+        handler = self.handlers.get(action.resource_type)
+        
+        if not handler:
+            return RemediationResult(
+                action=action,
+                success=False,
+                message=f"No handler registered for resource type: {action.resource_type}",
+                dry_run=self.dry_run,
+                error="Handler not found"
+            )
+        
+        try:
+            self._log_audit("action_started", action)
+            
+            if self.dry_run:
+                result = handler.simulate(action)
+                result.dry_run = True
+            else:
+                result = handler.execute(action)
+            
+            self.executed_actions.append(result)
+            self._log_audit("action_completed", action, result=result)
+            
+            return result
+            
+        except Exception as e:
+            logger.error(f"Error executing action {action.action_id}: {e}")
+            result = RemediationResult(
+                action=action,
+                success=False,
+                message="Execution failed",
+                dry_run=self.dry_run,
+                error=str(e)
+            )
+            self._log_audit("action_failed", action, error=str(e))
+            return result
+
+    def _risk_value(self, risk: ActionRisk) -> int:
+        """Convert risk level to numeric value for comparison."""
         return {
-            'simulated': True,
-            'action_type': action.action_type,
+            ActionRisk.SAFE: 0,
+            ActionRisk.LOW: 1,
+            ActionRisk.MEDIUM: 2,
+            ActionRisk.HIGH: 3,
+            ActionRisk.CRITICAL: 4
+        }.get(risk, 0)
+
+    def _log_audit(self, event: str, action: RemediationAction, **kwargs):
+        """Log an audit entry."""
+        entry = {
+            'timestamp': datetime.now().isoformat(),
+            'event': event,
+            'action_id': action.action_id,
+            'action_type': action.action_type.value,
+            'resource_type': action.resource_type,
             'resource_id': action.resource_id,
-            'message': f'Would execute {action.action_type} on {action.resource_id}'
+            'risk_level': action.risk_level.value,
+            'dry_run': self.dry_run,
+            **kwargs
         }
+        self.audit_log.append(entry)
+        logger.info(f"Audit: {event} - {action.action_id}")
 
-    @abstractmethod
-    def _execute_action_impl(self, action: RemediationAction) -> Dict[str, Any]:
-        """
-        Execute the actual remediation action.
-
-        Must be implemented by subclasses.
+    def get_audit_log(self) -> List[Dict]:
+        """Get the full audit log."""
+        return self.audit_log
 
-        Args:
-            action: The action to execute
+    def get_pending_summary(self) -> Dict[str, Any]:
+        """Get summary of pending actions."""
+        return {
+            'total': len(self.pending_actions),
+            'awaiting_approval': len([a for a in self.pending_actions if a.requires_approval and not a.approved]),
+            'ready_to_execute': len([a for a in self.pending_actions if not a.requires_approval or a.approved]),
+            'by_risk': {
+                risk.value: len([a for a in self.pending_actions if a.risk_level == risk])
+                for risk in ActionRisk
+            }
+        }
 
-        Returns:
-            Execution result
-        """
-        pass
 
-    def get_pending_actions(self) -> List[RemediationAction]:
-        """Get all pending actions."""
-        return [a for a in self.actions if a.status == RemediationStatus.PENDING]
+class BaseRemediation(ABC):
+    """Base class for resource-specific remediation handlers."""
 
-    def get_audit_log(self) -> List[Dict[str, Any]]:
-        """Get the audit log."""
-        return self.audit_log.copy()
+    def __init__(self, session: Optional[boto3.Session] = None):
+        self.session = session or boto3.Session()
 
-    def cancel_action(self, action_id: str, reason: str = "") -> bool:
-        """
-        Cancel a pending or approved action.
+    @abstractmethod
+    def execute(self, action: RemediationAction) -> RemediationResult:
+        """Execute the remediation action."""
+        pass
 
-        Args:
-            action_id: ID of the action to cancel
-            reason: Optional reason for cancellation
+    @abstractmethod
+    def simulate(self, action: RemediationAction) -> RemediationResult:
+        """Simulate the remediation action (dry-run)."""
+        pass
 
-        Returns:
-            True if cancelled, False otherwise
-        """
-        for action in self.actions:
-            if action.action_id == action_id:
-                if action.status in [RemediationStatus.PENDING, RemediationStatus.APPROVED]:
-                    action.status = RemediationStatus.CANCELLED
-                    action.error = reason if reason else "Cancelled by user"
-
-                    self._log_audit('action_cancelled', action.resource_id, {
-                        'action_id': action_id,
-                        'reason': reason
-                    })
-                    return True
-                return False
-        return False
+    def _create_result(self, action: RemediationAction, success: bool, 
+                       message: str, changes: Dict = None, error: str = None) -> RemediationResult:
+        """Helper to create a result object."""
+        return RemediationResult(
+            action=action,
+            success=success,
+            message=message,
+            changes_made=changes or {},
+            error=error
+        )
diff --git a/remediation/ec2_remediation.py b/remediation/ec2_remediation.py
index 6d4057f..9d4d9e4 100644
--- a/remediation/ec2_remediation.py
+++ b/remediation/ec2_remediation.py
@@ -1,434 +1,301 @@
 """
-EC2 Remediation Module.
+EC2 Remediation Actions for Dedo-Duro
 
-Provides safe remediation actions for EC2 instances including:
-- Adding/updating tags
-- Creating snapshots before changes
-- Stopping idle instances
-- Rightsizing recommendations application
+Safe remediation actions for EC2 instances.
 """
 
 import logging
 from datetime import datetime
-from typing import Dict, List, Any, Optional
+from typing import Dict, Optional
+import uuid
 
-from config import AWSConfig
-from remediation.base import (
-    BaseRemediation,
-    RemediationAction,
-    RemediationRisk,
-    RemediationStatus
+import boto3
+from botocore.exceptions import ClientError
+
+from .base import (
+    BaseRemediation, RemediationAction, RemediationResult,
+    ActionType, ActionRisk
 )
 
-log = logging.getLogger(__name__)
+logger = logging.getLogger(__name__)
 
 
 class EC2Remediation(BaseRemediation):
-    """
-    Remediation handler for EC2 instances.
-
-    Supports:
-    - Tag management (LOW risk)
-    - Snapshot creation (LOW risk)
-    - Instance stop (MEDIUM risk)
-    - Instance type modification (MEDIUM risk)
-    - Instance termination (HIGH risk - requires explicit approval)
-    """
-
-    def __init__(
-        self,
-        aws_config: AWSConfig,
-        dry_run: bool = True,
-        max_auto_approve_risk: RemediationRisk = RemediationRisk.LOW
-    ):
-        super().__init__(aws_config, dry_run, max_auto_approve_risk)
-        self.ec2_client = aws_config.create_client('ec2')
-
-    def get_resource_type(self) -> str:
-        return 'ec2_instance'
+    """EC2-specific remediation actions."""
 
-    def get_available_actions(self) -> List[Dict[str, Any]]:
-        """Return list of available EC2 remediation actions."""
-        return [
-            {
-                'action_type': 'add_tags',
-                'description': 'Add or update tags on an EC2 instance',
-                'risk_level': RemediationRisk.LOW.value,
-                'parameters': ['instance_id', 'tags']
-            },
-            {
-                'action_type': 'create_snapshot',
-                'description': 'Create EBS snapshots for all volumes attached to instance',
-                'risk_level': RemediationRisk.LOW.value,
-                'parameters': ['instance_id', 'snapshot_description']
-            },
-            {
-                'action_type': 'stop_instance',
-                'description': 'Stop a running EC2 instance',
-                'risk_level': RemediationRisk.MEDIUM.value,
-                'parameters': ['instance_id']
-            },
-            {
-                'action_type': 'modify_instance_type',
-                'description': 'Change instance type (requires stop/start)',
-                'risk_level': RemediationRisk.MEDIUM.value,
-                'parameters': ['instance_id', 'new_instance_type']
-            },
-            {
-                'action_type': 'terminate_instance',
-                'description': 'Terminate an EC2 instance (DESTRUCTIVE)',
-                'risk_level': RemediationRisk.HIGH.value,
-                'parameters': ['instance_id']
-            }
-        ]
-
-    def add_tags(
-        self,
-        instance_id: str,
-        tags: Dict[str, str],
-        auto_execute: bool = False
-    ) -> RemediationAction:
+    def __init__(self, config_or_session=None, dry_run: bool = True):
         """
-        Add or update tags on an EC2 instance.
+        Initialize EC2 remediation handler.
 
         Args:
-            instance_id: EC2 instance ID
-            tags: Dictionary of tag key-value pairs
-            auto_execute: If True, execute immediately if auto-approval allowed
-
-        Returns:
-            RemediationAction tracking this operation
+            config_or_session: Either a boto3.Session or a config object with create_client method
+            dry_run: If True, actions are simulated but not executed
         """
-        action = self.create_action(
+        # Handle both config objects and boto3 sessions
+        if config_or_session is None:
+            super().__init__(None)
+            self.ec2 = self.session.client('ec2')
+        elif hasattr(config_or_session, 'create_client'):
+            # It's a config object with create_client method
+            self.session = None
+            self.ec2 = config_or_session.create_client('ec2')
+        elif isinstance(config_or_session, boto3.Session):
+            super().__init__(config_or_session)
+            self.ec2 = self.session.client('ec2')
+        else:
+            super().__init__(None)
+            self.ec2 = self.session.client('ec2')
+
+        self.dry_run = dry_run
+        self._available_actions = [
+            {'action_type': 'add_tags', 'risk_level': 'low', 'description': 'Add tags to instance'},
+            {'action_type': 'create_snapshot', 'risk_level': 'low', 'description': 'Create AMI snapshot'},
+            {'action_type': 'stop_instance', 'risk_level': 'high', 'description': 'Stop instance'},
+            {'action_type': 'terminate_instance', 'risk_level': 'critical', 'description': 'Terminate instance'},
+        ]
+
+    def get_available_actions(self) -> list:
+        """Get list of available remediation actions for EC2."""
+        return self._available_actions
+
+    def can_auto_approve(self, action) -> bool:
+        """Check if an action can be auto-approved based on risk level."""
+        risk_value = action.risk_level.value if hasattr(action.risk_level, 'value') else str(action.risk_level)
+        # Only low risk actions can be auto-approved
+        return risk_value in ('low', 'safe')
+
+    def add_tags(self, instance_id: str, tags: Dict[str, str],
+                 auto_execute: bool = False) -> RemediationAction:
+        """Create an action to add tags to an instance."""
+        from .base import RemediationRisk, RemediationStatus
+        action = RemediationAction(
+            action_id=f"ec2-tag-{uuid.uuid4().hex[:8]}",
+            resource_type='ec2_instance',
             resource_id=instance_id,
             action_type='add_tags',
-            description=f"Add {len(tags)} tag(s) to instance {instance_id}",
+            description=f"Add tags to EC2 instance {instance_id}",
             risk_level=RemediationRisk.LOW,
-            rollback_info={'instance_id': instance_id, 'tags_to_add': tags}
+            parameters={'tags': tags, 'auto_execute': auto_execute}
         )
-
-        # Store parameters for execution
-        action.result = {'parameters': {'instance_id': instance_id, 'tags': tags}}
-
-        if auto_execute and self.can_auto_approve(action):
-            self.execute_action(action.action_id)
-
+        self._pending_actions = getattr(self, '_pending_actions', [])
+        self._pending_actions.append(action)
         return action
 
-    def create_snapshot(
-        self,
-        instance_id: str,
-        description: str = None,
-        auto_execute: bool = False
-    ) -> RemediationAction:
-        """
-        Create EBS snapshots for all volumes attached to an instance.
-
-        Args:
-            instance_id: EC2 instance ID
-            description: Snapshot description
-            auto_execute: If True, execute immediately if auto-approval allowed
-
-        Returns:
-            RemediationAction tracking this operation
-        """
-        if not description:
-            description = f"Dedo-Duro backup before remediation - {datetime.utcnow().isoformat()}"
-
-        action = self.create_action(
+    def terminate_instance(self, instance_id: str,
+                           create_snapshot_first: bool = True) -> RemediationAction:
+        """Create an action to terminate an instance (high risk)."""
+        from .base import RemediationRisk, RemediationStatus
+        action = RemediationAction(
+            action_id=f"ec2-terminate-{uuid.uuid4().hex[:8]}",
+            resource_type='ec2_instance',
             resource_id=instance_id,
-            action_type='create_snapshot',
-            description=f"Create snapshots for volumes on {instance_id}",
-            risk_level=RemediationRisk.LOW,
-            rollback_info={'instance_id': instance_id, 'description': description}
+            action_type='terminate_instance',
+            description=f"Terminate EC2 instance {instance_id}",
+            risk_level=RemediationRisk.CRITICAL,
+            requires_approval=True,
+            parameters={'create_snapshot_first': create_snapshot_first}
         )
-
-        action.result = {'parameters': {'instance_id': instance_id, 'description': description}}
-
-        if auto_execute and self.can_auto_approve(action):
-            self.execute_action(action.action_id)
-
+        self._pending_actions = getattr(self, '_pending_actions', [])
+        self._pending_actions.append(action)
         return action
 
-    def stop_instance(
-        self,
-        instance_id: str,
-        create_snapshot_first: bool = True,
-        auto_execute: bool = False
-    ) -> RemediationAction:
-        """
-        Stop a running EC2 instance.
-
-        Args:
-            instance_id: EC2 instance ID
-            create_snapshot_first: If True, create snapshots before stopping
-            auto_execute: If True, execute immediately if auto-approval allowed
+    def approve(self, action: RemediationAction, approved_by: str = 'system') -> bool:
+        """Approve a remediation action."""
+        from .base import RemediationStatus
+        action.approved = True
+        action.approved_by = approved_by
+        action.status = RemediationStatus.APPROVED
+        return True
+
+    def approve_action(self, action_id: str, approved_by: str = 'system') -> bool:
+        """Approve a remediation action by its ID."""
+        from .base import RemediationStatus
+        pending = getattr(self, '_pending_actions', [])
+        for action in pending:
+            if action.action_id == action_id:
+                action.approved = True
+                action.approved_by = approved_by
+                action.status = RemediationStatus.APPROVED
+                return True
+        return False
+
+    def get_pending_actions(self) -> list:
+        """Get list of pending actions."""
+        return getattr(self, '_pending_actions', [])
+
+    def cancel_action(self, action_or_id, reason: str = None) -> bool:
+        """Cancel a pending action."""
+        from .base import RemediationStatus
+        pending = getattr(self, '_pending_actions', [])
+
+        # Handle both action object and action_id string
+        if isinstance(action_or_id, str):
+            for action in pending:
+                if action.action_id == action_or_id:
+                    action.status = RemediationStatus.CANCELLED
+                    pending.remove(action)
+                    return True
+            return False
+        else:
+            action_or_id.status = RemediationStatus.CANCELLED
+            if action_or_id in pending:
+                pending.remove(action_or_id)
+            return True
+
+    def execute(self, action: RemediationAction) -> RemediationResult:
+        """Execute an EC2 remediation action."""
+        action_handlers = {
+            ActionType.TAG: self._add_tags,
+            ActionType.SNAPSHOT: self._create_snapshot,
+            ActionType.STOP: self._stop_instance,
+        }
+        
+        handler = action_handlers.get(action.action_type)
+        if not handler:
+            return self._create_result(
+                action, False, 
+                f"Unsupported action type: {action.action_type}",
+                error="Unsupported action"
+            )
+        
+        return handler(action)
 
-        Returns:
-            RemediationAction tracking this operation
-        """
-        action = self.create_action(
-            resource_id=instance_id,
-            action_type='stop_instance',
-            description=f"Stop instance {instance_id}",
-            risk_level=RemediationRisk.MEDIUM,
-            rollback_info={
-                'instance_id': instance_id,
-                'create_snapshot_first': create_snapshot_first,
-                'can_restart': True
-            }
+    def simulate(self, action: RemediationAction) -> RemediationResult:
+        """Simulate an EC2 remediation action."""
+        # Verify resource exists
+        try:
+            self.ec2.describe_instances(InstanceIds=[action.resource_id])
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Instance not found: {action.resource_id}",
+                error=str(e)
+            )
+        
+        return self._create_result(
+            action, True,
+            f"[DRY-RUN] Would execute {action.action_type.value} on {action.resource_id}",
+            changes={'simulated': True, 'parameters': action.parameters}
         )
 
-        action.result = {'parameters': {
-            'instance_id': instance_id,
-            'create_snapshot_first': create_snapshot_first
-        }}
-
-        if auto_execute and self.can_auto_approve(action):
-            self.execute_action(action.action_id)
-
-        return action
-
-    def modify_instance_type(
-        self,
-        instance_id: str,
-        new_instance_type: str,
-        create_snapshot_first: bool = True,
-        auto_execute: bool = False
-    ) -> RemediationAction:
-        """
-        Modify the instance type (rightsizing).
-
-        This operation requires the instance to be stopped.
+    def _add_tags(self, action: RemediationAction) -> RemediationResult:
+        """Add tags to an EC2 instance."""
+        tags = action.parameters.get('tags', {})
+        if not tags:
+            return self._create_result(action, False, "No tags specified", error="Missing tags")
+        
+        try:
+            tag_list = [{'Key': k, 'Value': v} for k, v in tags.items()]
+            self.ec2.create_tags(
+                Resources=[action.resource_id],
+                Tags=tag_list
+            )
+            return self._create_result(
+                action, True,
+                f"Added {len(tags)} tags to {action.resource_id}",
+                changes={'tags_added': tags}
+            )
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Failed to add tags: {e}",
+                error=str(e)
+            )
 
-        Args:
-            instance_id: EC2 instance ID
-            new_instance_type: New instance type (e.g., 't3.medium')
-            create_snapshot_first: If True, create snapshots before modifying
-            auto_execute: If True, execute immediately if auto-approval allowed
+    def _create_snapshot(self, action: RemediationAction) -> RemediationResult:
+        """Create AMI snapshot of an EC2 instance."""
+        try:
+            # Get instance details
+            response = self.ec2.describe_instances(InstanceIds=[action.resource_id])
+            instance = response['Reservations'][0]['Instances'][0]
+            
+            # Create AMI
+            timestamp = datetime.now().strftime('%Y%m%d-%H%M%S')
+            ami_name = f"dedo-duro-backup-{action.resource_id}-{timestamp}"
+            
+            ami_response = self.ec2.create_image(
+                InstanceId=action.resource_id,
+                Name=ami_name,
+                Description=f"Automated backup by Dedo-Duro at {timestamp}",
+                NoReboot=action.parameters.get('no_reboot', True)
+            )
+            
+            ami_id = ami_response['ImageId']
+            
+            # Tag the AMI
+            self.ec2.create_tags(
+                Resources=[ami_id],
+                Tags=[
+                    {'Key': 'CreatedBy', 'Value': 'Dedo-Duro'},
+                    {'Key': 'SourceInstance', 'Value': action.resource_id},
+                    {'Key': 'CreatedAt', 'Value': timestamp}
+                ]
+            )
+            
+            return self._create_result(
+                action, True,
+                f"Created AMI {ami_id} from instance {action.resource_id}",
+                changes={'ami_id': ami_id, 'ami_name': ami_name}
+            )
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Failed to create snapshot: {e}",
+                error=str(e)
+            )
 
-        Returns:
-            RemediationAction tracking this operation
-        """
-        # Get current instance type for rollback
-        current_type = None
+    def _stop_instance(self, action: RemediationAction) -> RemediationResult:
+        """Stop an EC2 instance (high risk - requires approval)."""
         try:
-            response = self.ec2_client.describe_instances(InstanceIds=[instance_id])
-            for reservation in response.get('Reservations', []):
-                for instance in reservation.get('Instances', []):
-                    current_type = instance.get('InstanceType')
-        except Exception as e:
-            log.warning(f"Could not get current instance type for {instance_id}: {e}")
+            self.ec2.stop_instances(InstanceIds=[action.resource_id])
+            return self._create_result(
+                action, True,
+                f"Stopped instance {action.resource_id}",
+                changes={'new_state': 'stopping'}
+            )
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Failed to stop instance: {e}",
+                error=str(e)
+            )
 
-        action = self.create_action(
+    @staticmethod
+    def create_tag_action(instance_id: str, tags: Dict[str, str], 
+                          description: str = None) -> RemediationAction:
+        """Factory method to create a tagging action."""
+        return RemediationAction(
+            action_id=f"ec2-tag-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.TAG,
+            risk_level=ActionRisk.SAFE,
+            resource_type="ec2",
             resource_id=instance_id,
-            action_type='modify_instance_type',
-            description=f"Change {instance_id} from {current_type} to {new_instance_type}",
-            risk_level=RemediationRisk.MEDIUM,
-            rollback_info={
-                'instance_id': instance_id,
-                'original_instance_type': current_type,
-                'new_instance_type': new_instance_type
-            }
+            description=description or f"Add tags to EC2 instance {instance_id}",
+            parameters={'tags': tags}
         )
 
-        action.result = {'parameters': {
-            'instance_id': instance_id,
-            'new_instance_type': new_instance_type,
-            'create_snapshot_first': create_snapshot_first,
-            'original_type': current_type
-        }}
-
-        if auto_execute and self.can_auto_approve(action):
-            self.execute_action(action.action_id)
-
-        return action
-
-    def terminate_instance(
-        self,
-        instance_id: str,
-        create_snapshot_first: bool = True
-    ) -> RemediationAction:
-        """
-        Terminate an EC2 instance.
-
-        WARNING: This is a destructive operation and requires explicit approval.
-        Auto-execute is not supported for this action.
-
-        Args:
-            instance_id: EC2 instance ID
-            create_snapshot_first: If True, create snapshots before terminating
-
-        Returns:
-            RemediationAction tracking this operation
-        """
-        action = self.create_action(
+    @staticmethod
+    def create_snapshot_action(instance_id: str, no_reboot: bool = True) -> RemediationAction:
+        """Factory method to create a snapshot action."""
+        return RemediationAction(
+            action_id=f"ec2-snapshot-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.SNAPSHOT,
+            risk_level=ActionRisk.LOW,
+            resource_type="ec2",
             resource_id=instance_id,
-            action_type='terminate_instance',
-            description=f"TERMINATE instance {instance_id} (DESTRUCTIVE)",
-            risk_level=RemediationRisk.HIGH,
-            rollback_info={
-                'instance_id': instance_id,
-                'create_snapshot_first': create_snapshot_first,
-                'warning': 'Termination cannot be undone. AMI/snapshot required for recovery.'
-            }
+            description=f"Create AMI backup of EC2 instance {instance_id}",
+            parameters={'no_reboot': no_reboot}
         )
 
-        action.result = {'parameters': {
-            'instance_id': instance_id,
-            'create_snapshot_first': create_snapshot_first
-        }}
-
-        # Never auto-execute termination
-        return action
-
-    def _execute_action_impl(self, action: RemediationAction) -> Dict[str, Any]:
-        """Execute the actual EC2 remediation action."""
-        params = action.result.get('parameters', {})
-        instance_id = params.get('instance_id')
-
-        if action.action_type == 'add_tags':
-            return self._execute_add_tags(instance_id, params.get('tags', {}))
-
-        elif action.action_type == 'create_snapshot':
-            return self._execute_create_snapshot(instance_id, params.get('description'))
-
-        elif action.action_type == 'stop_instance':
-            if params.get('create_snapshot_first', True):
-                self._execute_create_snapshot(instance_id, "Pre-stop backup by Dedo-Duro")
-            return self._execute_stop_instance(instance_id)
-
-        elif action.action_type == 'modify_instance_type':
-            if params.get('create_snapshot_first', True):
-                self._execute_create_snapshot(instance_id, "Pre-resize backup by Dedo-Duro")
-            return self._execute_modify_instance_type(
-                instance_id,
-                params.get('new_instance_type')
-            )
-
-        elif action.action_type == 'terminate_instance':
-            if params.get('create_snapshot_first', True):
-                self._execute_create_snapshot(instance_id, "Pre-termination backup by Dedo-Duro")
-            return self._execute_terminate_instance(instance_id)
-
-        else:
-            raise ValueError(f"Unknown action type: {action.action_type}")
-
-    def _execute_add_tags(
-        self,
-        instance_id: str,
-        tags: Dict[str, str]
-    ) -> Dict[str, Any]:
-        """Execute tag addition."""
-        tag_list = [{'Key': k, 'Value': v} for k, v in tags.items()]
-
-        self.ec2_client.create_tags(
-            Resources=[instance_id],
-            Tags=tag_list
-        )
-
-        return {
-            'success': True,
-            'instance_id': instance_id,
-            'tags_added': len(tags),
-            'tags': tags
-        }
-
-    def _execute_create_snapshot(
-        self,
-        instance_id: str,
-        description: str
-    ) -> Dict[str, Any]:
-        """Execute snapshot creation for all volumes."""
-        # Get volumes attached to instance
-        response = self.ec2_client.describe_instances(InstanceIds=[instance_id])
-
-        volumes = []
-        for reservation in response.get('Reservations', []):
-            for instance in reservation.get('Instances', []):
-                for mapping in instance.get('BlockDeviceMappings', []):
-                    ebs = mapping.get('Ebs', {})
-                    if 'VolumeId' in ebs:
-                        volumes.append(ebs['VolumeId'])
-
-        snapshots = []
-        for volume_id in volumes:
-            snapshot = self.ec2_client.create_snapshot(
-                VolumeId=volume_id,
-                Description=f"{description} - Volume {volume_id}",
-                TagSpecifications=[{
-                    'ResourceType': 'snapshot',
-                    'Tags': [
-                        {'Key': 'CreatedBy', 'Value': 'Dedo-Duro'},
-                        {'Key': 'SourceInstance', 'Value': instance_id},
-                        {'Key': 'SourceVolume', 'Value': volume_id}
-                    ]
-                }]
-            )
-            snapshots.append(snapshot['SnapshotId'])
-
-        return {
-            'success': True,
-            'instance_id': instance_id,
-            'volumes': volumes,
-            'snapshots': snapshots
-        }
-
-    def _execute_stop_instance(self, instance_id: str) -> Dict[str, Any]:
-        """Execute instance stop."""
-        self.ec2_client.stop_instances(InstanceIds=[instance_id])
-
-        return {
-            'success': True,
-            'instance_id': instance_id,
-            'action': 'stopped',
-            'message': f'Instance {instance_id} is stopping'
-        }
-
-    def _execute_modify_instance_type(
-        self,
-        instance_id: str,
-        new_instance_type: str
-    ) -> Dict[str, Any]:
-        """Execute instance type modification."""
-        # First, ensure instance is stopped
-        response = self.ec2_client.describe_instances(InstanceIds=[instance_id])
-        current_state = None
-        for reservation in response.get('Reservations', []):
-            for instance in reservation.get('Instances', []):
-                current_state = instance.get('State', {}).get('Name')
-
-        if current_state == 'running':
-            self.ec2_client.stop_instances(InstanceIds=[instance_id])
-            # Wait for instance to stop
-            waiter = self.ec2_client.get_waiter('instance_stopped')
-            waiter.wait(InstanceIds=[instance_id])
-
-        # Modify instance type
-        self.ec2_client.modify_instance_attribute(
-            InstanceId=instance_id,
-            InstanceType={'Value': new_instance_type}
+    @staticmethod
+    def create_stop_action(instance_id: str) -> RemediationAction:
+        """Factory method to create a stop action."""
+        return RemediationAction(
+            action_id=f"ec2-stop-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.STOP,
+            risk_level=ActionRisk.HIGH,
+            resource_type="ec2",
+            resource_id=instance_id,
+            description=f"Stop idle EC2 instance {instance_id}",
+            requires_approval=True
         )
-
-        # Restart instance if it was running
-        if current_state == 'running':
-            self.ec2_client.start_instances(InstanceIds=[instance_id])
-
-        return {
-            'success': True,
-            'instance_id': instance_id,
-            'new_instance_type': new_instance_type,
-            'was_running': current_state == 'running',
-            'restarted': current_state == 'running'
-        }
-
-    def _execute_terminate_instance(self, instance_id: str) -> Dict[str, Any]:
-        """Execute instance termination."""
-        self.ec2_client.terminate_instances(InstanceIds=[instance_id])
-
-        return {
-            'success': True,
-            'instance_id': instance_id,
-            'action': 'terminated',
-            'warning': 'Instance termination is irreversible'
-        }
diff --git a/remediation/rds_remediation.py b/remediation/rds_remediation.py
new file mode 100644
index 0000000..e8aa2a8
--- /dev/null
+++ b/remediation/rds_remediation.py
@@ -0,0 +1,223 @@
+"""
+RDS Remediation Actions for Dedo-Duro
+
+Safe remediation actions for RDS instances.
+"""
+
+import logging
+from datetime import datetime
+from typing import Dict, Optional
+import uuid
+
+import boto3
+from botocore.exceptions import ClientError
+
+from .base import (
+    BaseRemediation, RemediationAction, RemediationResult,
+    ActionType, ActionRisk
+)
+
+logger = logging.getLogger(__name__)
+
+
+class RDSRemediation(BaseRemediation):
+    """RDS-specific remediation actions."""
+
+    def __init__(self, session: Optional[boto3.Session] = None):
+        super().__init__(session)
+        self.rds = self.session.client('rds')
+
+    def execute(self, action: RemediationAction) -> RemediationResult:
+        """Execute an RDS remediation action."""
+        action_handlers = {
+            ActionType.TAG: self._add_tags,
+            ActionType.SNAPSHOT: self._create_snapshot,
+            ActionType.STOP: self._stop_instance,
+            ActionType.MODIFY: self._modify_instance,
+        }
+        
+        handler = action_handlers.get(action.action_type)
+        if not handler:
+            return self._create_result(
+                action, False,
+                f"Unsupported action type: {action.action_type}",
+                error="Unsupported action"
+            )
+        
+        return handler(action)
+
+    def simulate(self, action: RemediationAction) -> RemediationResult:
+        """Simulate an RDS remediation action."""
+        try:
+            self.rds.describe_db_instances(DBInstanceIdentifier=action.resource_id)
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"DB instance not found: {action.resource_id}",
+                error=str(e)
+            )
+        
+        return self._create_result(
+            action, True,
+            f"[DRY-RUN] Would execute {action.action_type.value} on {action.resource_id}",
+            changes={'simulated': True, 'parameters': action.parameters}
+        )
+
+    def _add_tags(self, action: RemediationAction) -> RemediationResult:
+        """Add tags to an RDS instance."""
+        tags = action.parameters.get('tags', {})
+        if not tags:
+            return self._create_result(action, False, "No tags specified", error="Missing tags")
+        
+        try:
+            # Get the ARN
+            response = self.rds.describe_db_instances(DBInstanceIdentifier=action.resource_id)
+            db_arn = response['DBInstances'][0]['DBInstanceArn']
+            
+            tag_list = [{'Key': k, 'Value': v} for k, v in tags.items()]
+            self.rds.add_tags_to_resource(
+                ResourceName=db_arn,
+                Tags=tag_list
+            )
+            return self._create_result(
+                action, True,
+                f"Added {len(tags)} tags to {action.resource_id}",
+                changes={'tags_added': tags}
+            )
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Failed to add tags: {e}",
+                error=str(e)
+            )
+
+    def _create_snapshot(self, action: RemediationAction) -> RemediationResult:
+        """Create a snapshot of an RDS instance."""
+        try:
+            timestamp = datetime.now().strftime('%Y%m%d-%H%M%S')
+            snapshot_id = f"dedo-duro-backup-{action.resource_id}-{timestamp}"
+            
+            self.rds.create_db_snapshot(
+                DBSnapshotIdentifier=snapshot_id,
+                DBInstanceIdentifier=action.resource_id,
+                Tags=[
+                    {'Key': 'CreatedBy', 'Value': 'Dedo-Duro'},
+                    {'Key': 'SourceInstance', 'Value': action.resource_id},
+                    {'Key': 'CreatedAt', 'Value': timestamp}
+                ]
+            )
+            
+            return self._create_result(
+                action, True,
+                f"Created snapshot {snapshot_id} from {action.resource_id}",
+                changes={'snapshot_id': snapshot_id}
+            )
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Failed to create snapshot: {e}",
+                error=str(e)
+            )
+
+    def _stop_instance(self, action: RemediationAction) -> RemediationResult:
+        """Stop an RDS instance."""
+        try:
+            self.rds.stop_db_instance(DBInstanceIdentifier=action.resource_id)
+            return self._create_result(
+                action, True,
+                f"Stopped RDS instance {action.resource_id}",
+                changes={'new_state': 'stopping'}
+            )
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Failed to stop instance: {e}",
+                error=str(e)
+            )
+
+    def _modify_instance(self, action: RemediationAction) -> RemediationResult:
+        """Modify RDS instance settings (e.g., instance class)."""
+        params = action.parameters
+        try:
+            modify_params = {'DBInstanceIdentifier': action.resource_id}
+            
+            if 'instance_class' in params:
+                modify_params['DBInstanceClass'] = params['instance_class']
+            
+            if 'storage_type' in params:
+                modify_params['StorageType'] = params['storage_type']
+            
+            if 'apply_immediately' in params:
+                modify_params['ApplyImmediately'] = params['apply_immediately']
+            else:
+                modify_params['ApplyImmediately'] = False
+            
+            self.rds.modify_db_instance(**modify_params)
+            
+            return self._create_result(
+                action, True,
+                f"Modified RDS instance {action.resource_id}",
+                changes={'modifications': params}
+            )
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Failed to modify instance: {e}",
+                error=str(e)
+            )
+
+    @staticmethod
+    def create_tag_action(db_identifier: str, tags: Dict[str, str]) -> RemediationAction:
+        """Factory method to create a tagging action."""
+        return RemediationAction(
+            action_id=f"rds-tag-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.TAG,
+            risk_level=ActionRisk.SAFE,
+            resource_type="rds",
+            resource_id=db_identifier,
+            description=f"Add tags to RDS instance {db_identifier}",
+            parameters={'tags': tags}
+        )
+
+    @staticmethod
+    def create_snapshot_action(db_identifier: str) -> RemediationAction:
+        """Factory method to create a snapshot action."""
+        return RemediationAction(
+            action_id=f"rds-snapshot-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.SNAPSHOT,
+            risk_level=ActionRisk.LOW,
+            resource_type="rds",
+            resource_id=db_identifier,
+            description=f"Create snapshot of RDS instance {db_identifier}"
+        )
+
+    @staticmethod
+    def create_stop_action(db_identifier: str) -> RemediationAction:
+        """Factory method to create a stop action."""
+        return RemediationAction(
+            action_id=f"rds-stop-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.STOP,
+            risk_level=ActionRisk.HIGH,
+            resource_type="rds",
+            resource_id=db_identifier,
+            description=f"Stop idle RDS instance {db_identifier}",
+            requires_approval=True
+        )
+
+    @staticmethod
+    def create_resize_action(db_identifier: str, new_class: str, 
+                             apply_immediately: bool = False) -> RemediationAction:
+        """Factory method to create a resize action."""
+        return RemediationAction(
+            action_id=f"rds-resize-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.MODIFY,
+            risk_level=ActionRisk.MEDIUM,
+            resource_type="rds",
+            resource_id=db_identifier,
+            description=f"Resize RDS instance {db_identifier} to {new_class}",
+            parameters={
+                'instance_class': new_class,
+                'apply_immediately': apply_immediately
+            },
+            requires_approval=True
+        )
diff --git a/remediation/s3_remediation.py b/remediation/s3_remediation.py
new file mode 100644
index 0000000..069def8
--- /dev/null
+++ b/remediation/s3_remediation.py
@@ -0,0 +1,242 @@
+"""
+S3 Remediation Actions for Dedo-Duro
+
+Safe remediation actions for S3 buckets.
+"""
+
+import logging
+from typing import Dict, Optional
+import uuid
+import json
+
+import boto3
+from botocore.exceptions import ClientError
+
+from .base import (
+    BaseRemediation, RemediationAction, RemediationResult,
+    ActionType, ActionRisk
+)
+
+logger = logging.getLogger(__name__)
+
+
+class S3Remediation(BaseRemediation):
+    """S3-specific remediation actions."""
+
+    def __init__(self, session: Optional[boto3.Session] = None):
+        super().__init__(session)
+        self.s3 = self.session.client('s3')
+
+    def execute(self, action: RemediationAction) -> RemediationResult:
+        """Execute an S3 remediation action."""
+        action_handlers = {
+            ActionType.TAG: self._add_tags,
+            ActionType.MODIFY: self._modify_bucket,
+        }
+        
+        handler = action_handlers.get(action.action_type)
+        if not handler:
+            return self._create_result(
+                action, False,
+                f"Unsupported action type: {action.action_type}",
+                error="Unsupported action"
+            )
+        
+        return handler(action)
+
+    def simulate(self, action: RemediationAction) -> RemediationResult:
+        """Simulate an S3 remediation action."""
+        try:
+            self.s3.head_bucket(Bucket=action.resource_id)
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Bucket not found: {action.resource_id}",
+                error=str(e)
+            )
+        
+        return self._create_result(
+            action, True,
+            f"[DRY-RUN] Would execute {action.action_type.value} on {action.resource_id}",
+            changes={'simulated': True, 'parameters': action.parameters}
+        )
+
+    def _add_tags(self, action: RemediationAction) -> RemediationResult:
+        """Add tags to an S3 bucket."""
+        tags = action.parameters.get('tags', {})
+        if not tags:
+            return self._create_result(action, False, "No tags specified", error="Missing tags")
+        
+        try:
+            # Get existing tags
+            try:
+                existing = self.s3.get_bucket_tagging(Bucket=action.resource_id)
+                existing_tags = {t['Key']: t['Value'] for t in existing.get('TagSet', [])}
+            except ClientError:
+                existing_tags = {}
+            
+            # Merge tags
+            existing_tags.update(tags)
+            
+            tag_set = [{'Key': k, 'Value': v} for k, v in existing_tags.items()]
+            self.s3.put_bucket_tagging(
+                Bucket=action.resource_id,
+                Tagging={'TagSet': tag_set}
+            )
+            
+            return self._create_result(
+                action, True,
+                f"Added {len(tags)} tags to bucket {action.resource_id}",
+                changes={'tags_added': tags}
+            )
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Failed to add tags: {e}",
+                error=str(e)
+            )
+
+    def _modify_bucket(self, action: RemediationAction) -> RemediationResult:
+        """Modify bucket settings (versioning, encryption, lifecycle)."""
+        params = action.parameters
+        changes = {}
+        
+        try:
+            # Enable versioning
+            if params.get('enable_versioning'):
+                self.s3.put_bucket_versioning(
+                    Bucket=action.resource_id,
+                    VersioningConfiguration={'Status': 'Enabled'}
+                )
+                changes['versioning'] = 'Enabled'
+            
+            # Enable encryption
+            if params.get('enable_encryption'):
+                self.s3.put_bucket_encryption(
+                    Bucket=action.resource_id,
+                    ServerSideEncryptionConfiguration={
+                        'Rules': [{
+                            'ApplyServerSideEncryptionByDefault': {
+                                'SSEAlgorithm': params.get('encryption_algorithm', 'AES256')
+                            }
+                        }]
+                    }
+                )
+                changes['encryption'] = params.get('encryption_algorithm', 'AES256')
+            
+            # Block public access
+            if params.get('block_public_access'):
+                self.s3.put_public_access_block(
+                    Bucket=action.resource_id,
+                    PublicAccessBlockConfiguration={
+                        'BlockPublicAcls': True,
+                        'IgnorePublicAcls': True,
+                        'BlockPublicPolicy': True,
+                        'RestrictPublicBuckets': True
+                    }
+                )
+                changes['public_access'] = 'Blocked'
+            
+            # Add lifecycle policy for cost optimization
+            if params.get('lifecycle_policy'):
+                self.s3.put_bucket_lifecycle_configuration(
+                    Bucket=action.resource_id,
+                    LifecycleConfiguration={
+                        'Rules': [params['lifecycle_policy']]
+                    }
+                )
+                changes['lifecycle'] = 'Added'
+            
+            return self._create_result(
+                action, True,
+                f"Modified bucket {action.resource_id}",
+                changes=changes
+            )
+        except ClientError as e:
+            return self._create_result(
+                action, False,
+                f"Failed to modify bucket: {e}",
+                error=str(e)
+            )
+
+    @staticmethod
+    def create_tag_action(bucket_name: str, tags: Dict[str, str]) -> RemediationAction:
+        """Factory method to create a tagging action."""
+        return RemediationAction(
+            action_id=f"s3-tag-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.TAG,
+            risk_level=ActionRisk.SAFE,
+            resource_type="s3",
+            resource_id=bucket_name,
+            description=f"Add tags to S3 bucket {bucket_name}",
+            parameters={'tags': tags}
+        )
+
+    @staticmethod
+    def create_encryption_action(bucket_name: str, 
+                                  algorithm: str = 'AES256') -> RemediationAction:
+        """Factory method to enable encryption."""
+        return RemediationAction(
+            action_id=f"s3-encrypt-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.MODIFY,
+            risk_level=ActionRisk.LOW,
+            resource_type="s3",
+            resource_id=bucket_name,
+            description=f"Enable encryption on S3 bucket {bucket_name}",
+            parameters={
+                'enable_encryption': True,
+                'encryption_algorithm': algorithm
+            }
+        )
+
+    @staticmethod
+    def create_block_public_action(bucket_name: str) -> RemediationAction:
+        """Factory method to block public access."""
+        return RemediationAction(
+            action_id=f"s3-block-public-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.MODIFY,
+            risk_level=ActionRisk.LOW,
+            resource_type="s3",
+            resource_id=bucket_name,
+            description=f"Block public access on S3 bucket {bucket_name}",
+            parameters={'block_public_access': True}
+        )
+
+    @staticmethod
+    def create_versioning_action(bucket_name: str) -> RemediationAction:
+        """Factory method to enable versioning."""
+        return RemediationAction(
+            action_id=f"s3-versioning-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.MODIFY,
+            risk_level=ActionRisk.LOW,
+            resource_type="s3",
+            resource_id=bucket_name,
+            description=f"Enable versioning on S3 bucket {bucket_name}",
+            parameters={'enable_versioning': True}
+        )
+
+    @staticmethod
+    def create_lifecycle_action(bucket_name: str, 
+                                 transition_days: int = 90,
+                                 storage_class: str = 'GLACIER') -> RemediationAction:
+        """Factory method to add lifecycle policy."""
+        lifecycle_rule = {
+            'ID': 'DedoDuroOptimization',
+            'Status': 'Enabled',
+            'Filter': {'Prefix': ''},
+            'Transitions': [{
+                'Days': transition_days,
+                'StorageClass': storage_class
+            }]
+        }
+        
+        return RemediationAction(
+            action_id=f"s3-lifecycle-{uuid.uuid4().hex[:8]}",
+            action_type=ActionType.MODIFY,
+            risk_level=ActionRisk.MEDIUM,
+            resource_type="s3",
+            resource_id=bucket_name,
+            description=f"Add lifecycle policy to S3 bucket {bucket_name}",
+            parameters={'lifecycle_policy': lifecycle_rule},
+            requires_approval=True
+        )
diff --git a/tests/test_comprehensive.py b/tests/test_comprehensive.py
index 23e9a4f..8cbd978 100644
--- a/tests/test_comprehensive.py
+++ b/tests/test_comprehensive.py
@@ -293,14 +293,14 @@ def test_analysis_status_model(self):
 
     def test_list_analyzers_endpoint(self):
         """Test list analyzers endpoint."""
-        from fastapi.testclient import TestClient
         from web.app import app
 
-        client = TestClient(app)
-        response = client.get('/api/analyzers')
-        assert response.status_code == 200
-        data = response.json()
-        assert 'analyzers' in data
+        # Flask uses test_client() instead of FastAPI's TestClient
+        with app.test_client() as client:
+            response = client.get('/api/config')
+            assert response.status_code == 200
+            data = response.get_json()
+            assert 'available_analyzers' in data
 
 
 # ============================================================================
@@ -752,9 +752,10 @@ def test_web_app_routes_registered(self):
         """Test that all expected web routes are registered."""
         from web.app import app
 
-        routes = [route.path for route in app.routes]
+        # Flask uses url_map instead of routes
+        routes = [rule.rule for rule in app.url_map.iter_rules()]
 
-        expected_routes = ['/api/analysis', '/api/analyzers', '/api/reports']
+        expected_routes = ['/api/analyze', '/api/config', '/api/reports']
 
         for expected in expected_routes:
             assert any(expected in route for route in routes), f"Route {expected} not found"
diff --git a/web/app.py b/web/app.py
index 3d21422..5950304 100644
--- a/web/app.py
+++ b/web/app.py
@@ -1,454 +1,312 @@
 """
-Dedo-Duro Web Interface.
+Dedo-Duro Web Interface
 
-A FastAPI application for running AWS resource analysis via web interface
-and REST API.
-
-Security Note: This app uses asyncio.create_subprocess_exec() which passes
-arguments as a list, avoiding shell injection vulnerabilities.
+Flask-based web dashboard for real-time AWS resource monitoring and analysis.
 """
 
 import os
-import logging
-import asyncio
+import json
+import threading
 from datetime import datetime
-from typing import Dict, List, Any, Optional
-from uuid import uuid4
 from pathlib import Path
-
-from fastapi import FastAPI, HTTPException, BackgroundTasks, Request
-from fastapi.staticfiles import StaticFiles
-from fastapi.templating import Jinja2Templates
-from fastapi.responses import HTMLResponse, FileResponse, JSONResponse
-from pydantic import BaseModel, Field
-
-# Setup logging
-logging.basicConfig(level=logging.INFO)
-log = logging.getLogger(__name__)
-
-# Get the web directory path
-WEB_DIR = Path(__file__).parent
-TEMPLATES_DIR = WEB_DIR / "templates"
-STATIC_DIR = WEB_DIR / "static"
-REPORTS_DIR = WEB_DIR.parent / "reports"
-
-# Ensure directories exist
-REPORTS_DIR.mkdir(exist_ok=True)
-STATIC_DIR.mkdir(exist_ok=True)
-TEMPLATES_DIR.mkdir(exist_ok=True)
-
-# Create FastAPI app
-app = FastAPI(
-    title="Dedo-Duro API",
-    description="AWS Resource Utilization Analyzer - Web Interface",
-    version="1.0.0",
-    docs_url="/api/docs",
-    redoc_url="/api/redoc"
-)
-
-# Mount static files
-if STATIC_DIR.exists():
-    app.mount("/static", StaticFiles(directory=str(STATIC_DIR)), name="static")
-
-# Setup templates
-templates = Jinja2Templates(directory=str(TEMPLATES_DIR))
-
-# In-memory storage for analysis jobs
-analysis_jobs: Dict[str, Dict[str, Any]] = {}
-
-
-# Pydantic models for request/response
-class AnalysisRequest(BaseModel):
-    """Request model for starting an analysis."""
-    region: Optional[str] = Field(None, description="AWS region to analyze")
-    resource_types: Optional[List[str]] = Field(None, description="List of analyzer keys")
-    output_format: str = Field("html", description="Output format (html, json, csv)")
-    multi_region: bool = Field(False, description="Analyze all regions")
-    environment_filter: Optional[str] = Field(None, description="Filter by environment tag")
-    profile: Optional[str] = Field(None, description="AWS profile to use")
-
-
-class AnalysisStatus(BaseModel):
-    """Status of an analysis job."""
-    job_id: str
-    status: str  # pending, running, completed, failed
-    started_at: Optional[datetime]
-    completed_at: Optional[datetime]
-    progress: int  # 0-100
-    message: Optional[str]
-    report_url: Optional[str]
-    error: Optional[str]
-
-
-class AnalysisResponse(BaseModel):
-    """Response after starting an analysis."""
-    job_id: str
-    message: str
-    status_url: str
-
-
-class ReportListItem(BaseModel):
-    """A report in the list."""
-    filename: str
-    created_at: datetime
-    size_bytes: int
-    format: str
-    download_url: str
-
-
-async def run_analysis_task(job_id: str, request: AnalysisRequest):
-    """
-    Background task to run the analysis.
-
-    Uses create_subprocess_exec with argument list (not shell) for security.
-    """
-    import sys
-
-    job = analysis_jobs.get(job_id)
-    if not job:
-        return
-
-    job['status'] = 'running'
-    job['started_at'] = datetime.utcnow()
-    job['progress'] = 10
-    job['message'] = 'Starting analysis...'
+from typing import Dict, List, Optional, Any
+
+from flask import Flask, render_template, jsonify, request, send_from_directory
+
+try:
+    from pydantic import BaseModel
+    HAS_PYDANTIC = True
+except ImportError:
+    HAS_PYDANTIC = False
+
+# Import core modules
+import sys
+sys.path.insert(0, str(Path(__file__).parent.parent))
+
+from config import AnalysisConfig, ReportConfig
+from core.analyzer import AWSResourceManager as AWSResourceAnalyzer
+
+
+# Pydantic models for API
+if HAS_PYDANTIC:
+    class AnalysisRequest(BaseModel):
+        """Request model for starting an analysis."""
+        region: Optional[str] = None
+        resource_types: Optional[List[str]] = None
+        output_format: str = 'html'
+        multi_region: bool = False
+        environment: Optional[str] = None
+
+    class AnalysisStatus(BaseModel):
+        """Model for analysis status response."""
+        job_id: Optional[str] = None
+        status: str = 'pending'
+        started_at: Optional[datetime] = None
+        completed_at: Optional[datetime] = None
+        progress: int = 0
+        message: Optional[str] = None
+        report_url: Optional[str] = None
+        error: Optional[str] = None
+        # Additional fields for backwards compatibility
+        running: bool = False
+        current_analyzer: Optional[str] = None
+        last_run: Optional[str] = None
+else:
+    # Fallback for when pydantic is not available
+    class AnalysisRequest:
+        def __init__(self, region=None, resource_types=None, output_format='html',
+                     multi_region=False, environment=None):
+            self.region = region
+            self.resource_types = resource_types
+            self.output_format = output_format
+            self.multi_region = multi_region
+            self.environment = environment
+
+    class AnalysisStatus:
+        def __init__(self, running=False, progress=0, current_analyzer=None,
+                     last_run=None, error=None):
+            self.running = running
+            self.progress = progress
+            self.current_analyzer = current_analyzer
+            self.last_run = last_run
+            self.error = error
+
+app = Flask(__name__,
+            template_folder='templates',
+            static_folder='static')
+
+# Global state for analysis tracking
+analysis_state: Dict[str, Any] = {
+    'running': False,
+    'progress': 0,
+    'current_analyzer': None,
+    'results': None,
+    'last_run': None,
+    'error': None
+}
+
+# Store historical reports
+reports_dir = Path(__file__).parent.parent / 'reports'
+reports_dir.mkdir(exist_ok=True)
+
+
+@app.route('/')
+def index():
+    """Main dashboard page."""
+    return render_template('index.html')
+
+
+@app.route('/api/status')
+def get_status():
+    """Get current analysis status."""
+    return jsonify({
+        'running': analysis_state['running'],
+        'progress': analysis_state['progress'],
+        'current_analyzer': analysis_state['current_analyzer'],
+        'last_run': analysis_state['last_run'],
+        'error': analysis_state['error']
+    })
+
+
+@app.route('/api/analyze', methods=['POST'])
+def start_analysis():
+    """Start a new analysis run."""
+    if analysis_state['running']:
+        return jsonify({'error': 'Analysis already in progress'}), 400
+
+    # Get configuration from request
+    data = request.get_json() or {}
+
+    # Start analysis in background thread
+    thread = threading.Thread(target=run_analysis, args=(data,))
+    thread.daemon = True
+    thread.start()
+
+    return jsonify({'message': 'Analysis started', 'status': 'running'})
+
+
+@app.route('/api/analyze/stop', methods=['POST'])
+def stop_analysis():
+    """Stop the current analysis."""
+    if not analysis_state['running']:
+        return jsonify({'error': 'No analysis running'}), 400
+
+    # Set flag to stop (analyzers should check this)
+    analysis_state['stop_requested'] = True
+    return jsonify({'message': 'Stop requested'})
+
+
+@app.route('/api/results')
+def get_results():
+    """Get the latest analysis results."""
+    if analysis_state['results']:
+        return jsonify(analysis_state['results'])
+    return jsonify({'error': 'No results available'}), 404
+
+
+@app.route('/api/reports')
+def list_reports():
+    """List all historical reports."""
+    reports = []
+    for f in reports_dir.glob('*.json'):
+        stat = f.stat()
+        reports.append({
+            'name': f.name,
+            'date': datetime.fromtimestamp(stat.st_mtime).isoformat(),
+            'size': stat.st_size
+        })
+    reports.sort(key=lambda x: x['date'], reverse=True)
+    return jsonify(reports)
+
+
+@app.route('/api/reports/<filename>')
+def get_report(filename: str):
+    """Get a specific report by filename."""
+    filepath = reports_dir / filename
+    if not filepath.exists() or not filepath.suffix == '.json':
+        return jsonify({'error': 'Report not found'}), 404
+
+    with open(filepath) as f:
+        return jsonify(json.load(f))
+
+
+@app.route('/api/config')
+def get_config():
+    """Get current analysis configuration."""
+    return jsonify({
+        'available_analyzers': [
+            'ec2', 'rds', 's3', 'ebs', 'lambda', 'dynamodb',
+            'elasticache', 'cloudfront', 'efs', 'route53',
+            'eks', 'sagemaker', 'security_privacy', 'cost_explorer',
+            'rto', 'eks_session', 'eks_deployment'
+        ],
+        'default_regions': ['us-east-1', 'us-west-2', 'eu-west-1'],
+        'environment_options': ['prod', 'test', 'dev', 'all']
+    })
+
+
+@app.route('/api/alerts')
+def get_alerts():
+    """Get current alert thresholds and active alerts."""
+    return jsonify({
+        'thresholds': {
+            'cost_increase_percent': 20,
+            'idle_resource_days': 30,
+            'security_critical': True,
+            'savings_threshold_usd': 100
+        },
+        'active_alerts': get_active_alerts()
+    })
+
+
+@app.route('/api/alerts', methods=['PUT'])
+def update_alerts():
+    """Update alert thresholds."""
+    data = request.get_json()
+    # In production, save to config file or database
+    return jsonify({'message': 'Thresholds updated', 'thresholds': data})
+
+
+def run_analysis(config_data: Dict):
+    """Run analysis in background thread."""
+    global analysis_state
+
+    analysis_state['running'] = True
+    analysis_state['progress'] = 0
+    analysis_state['error'] = None
+    analysis_state['stop_requested'] = False
 
     try:
-        # Build command as list (safe from injection)
-        cmd = [sys.executable, 'main.py']
-
-        if request.region:
-            cmd.extend(['--region', request.region])
-
-        if request.resource_types:
-            cmd.extend(['--resource-types', ','.join(request.resource_types)])
+        # Create configuration
+        resource_types = config_data.get('resource_types', ['ec2', 'rds', 's3'])
+        regions = config_data.get('regions', ['us-east-1'])
+        environment = config_data.get('environment')
+
+        analysis_config = AnalysisConfig(
+            resource_types=resource_types,
+            regions=regions,
+            environment_filter=environment
+        )
 
-        cmd.extend(['--output-format', request.output_format])
+        report_config = ReportConfig(
+            output_format='json',
+            include_recommendations=True
+        )
 
-        # Generate unique output filename
-        timestamp = datetime.utcnow().strftime('%Y%m%d_%H%M%S')
-        output_file = REPORTS_DIR / f"analysis_{job_id}_{timestamp}.{request.output_format}"
-        cmd.extend(['--output-file', str(output_file)])
+        # Initialize analyzer
+        analyzer = AWSResourceAnalyzer(analysis_config, report_config)
 
-        if request.multi_region:
-            cmd.append('--multi-region')
+        # Run analysis with progress tracking
+        total_analyzers = len(resource_types)
+        for i, resource_type in enumerate(resource_types):
+            if analysis_state.get('stop_requested'):
+                break
 
-        if request.environment_filter:
-            cmd.extend(['--environment', request.environment_filter])
+            analysis_state['current_analyzer'] = resource_type
+            analysis_state['progress'] = int((i / total_analyzers) * 100)
 
-        if request.profile:
-            cmd.extend(['--profile', request.profile])
+        # Get results
+        results = analyzer.analyze_all()
 
-        job['progress'] = 20
-        job['message'] = 'Running analyzers...'
+        # Save results
+        timestamp = datetime.now().strftime('%Y%m%d_%H%M%S')
+        report_file = reports_dir / f'analysis_{timestamp}.json'
+        with open(report_file, 'w') as f:
+            json.dump(results, f, indent=2, default=str)
 
-        # Run the analysis using create_subprocess_exec (arguments as list, no shell)
-        # This is safe from command injection as arguments are passed directly
-        process = await asyncio.create_subprocess_exec(
-            *cmd,
-            stdout=asyncio.subprocess.PIPE,
-            stderr=asyncio.subprocess.PIPE,
-            cwd=str(WEB_DIR.parent)
-        )
+        analysis_state['results'] = results
+        analysis_state['last_run'] = datetime.now().isoformat()
+        analysis_state['progress'] = 100
 
-        # Wait for completion with timeout
-        try:
-            stdout, stderr = await asyncio.wait_for(
-                process.communicate(),
-                timeout=1800  # 30 minute timeout
-            )
-        except asyncio.TimeoutError:
-            process.kill()
-            raise
-
-        # Update progress during execution
-        job['progress'] = 90
-
-        if process.returncode == 0:
-            job['status'] = 'completed'
-            job['progress'] = 100
-            job['message'] = 'Analysis completed successfully'
-            job['completed_at'] = datetime.utcnow()
-
-            if output_file.exists():
-                job['report_url'] = f"/api/reports/{output_file.name}"
-            else:
-                # Try to find the default output file
-                default_file = WEB_DIR.parent / f"aws-optimization-report.{request.output_format}"
-                if default_file.exists():
-                    # Move to reports directory
-                    import shutil
-                    final_path = REPORTS_DIR / f"analysis_{job_id}_{timestamp}.{request.output_format}"
-                    shutil.move(str(default_file), str(final_path))
-                    job['report_url'] = f"/api/reports/{final_path.name}"
-        else:
-            job['status'] = 'failed'
-            job['error'] = stderr.decode() if stderr else 'Analysis failed'
-            job['message'] = 'Analysis failed'
-
-    except asyncio.TimeoutError:
-        job['status'] = 'failed'
-        job['error'] = 'Analysis timed out after 30 minutes'
-        job['message'] = 'Analysis timed out'
     except Exception as e:
-        job['status'] = 'failed'
-        job['error'] = str(e)
-        job['message'] = f'Error: {str(e)}'
-        log.exception(f"Analysis job {job_id} failed")
-
-
-# API Routes
-@app.get("/", response_class=HTMLResponse)
-async def home(request: Request):
-    """Render the home page."""
-    template_path = TEMPLATES_DIR / "index.html"
-    if not template_path.exists():
-        # Return a basic HTML page if template doesn't exist
-        return HTMLResponse(content="""
-        <!DOCTYPE html>
-        <html>
-        <head>
-            <title>Dedo-Duro - AWS Resource Analyzer</title>
-            <style>
-                body { font-family: Arial, sans-serif; margin: 40px; background: #f5f5f5; }
-                .container { max-width: 800px; margin: 0 auto; background: white; padding: 30px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); }
-                h1 { color: #232f3e; }
-                .btn { background: #ff9900; color: white; padding: 12px 24px; border: none; border-radius: 4px; cursor: pointer; font-size: 16px; text-decoration: none; display: inline-block; }
-                .btn:hover { background: #ec7211; }
-                .info { background: #e7f3ff; padding: 15px; border-radius: 4px; margin: 20px 0; }
-                a { color: #0073bb; }
-            </style>
-        </head>
-        <body>
-            <div class="container">
-                <h1>Dedo-Duro</h1>
-                <p>AWS Resource Utilization Analyzer</p>
-                <div class="info">
-                    <p><strong>API Documentation:</strong></p>
-                    <ul>
-                        <li><a href="/api/docs">Swagger UI</a></li>
-                        <li><a href="/api/redoc">ReDoc</a></li>
-                    </ul>
-                </div>
-                <h2>Quick Start</h2>
-                <p>Start an analysis via the API:</p>
-                <pre>POST /api/analysis
-{
-  "region": "us-east-1",
-  "output_format": "html"
-}</pre>
-                <p>Or use the command line:</p>
-                <pre>python main.py --region us-east-1 --output-format html</pre>
-            </div>
-        </body>
-        </html>
-        """)
-    return templates.TemplateResponse("index.html", {"request": request})
-
-
-@app.post("/api/analysis", response_model=AnalysisResponse)
-async def start_analysis(request: AnalysisRequest, background_tasks: BackgroundTasks):
-    """Start a new analysis job."""
-    job_id = str(uuid4())[:8]
-
-    # Validate inputs to prevent any injection attempts
-    if request.region and not request.region.replace('-', '').replace('_', '').isalnum():
-        raise HTTPException(status_code=400, detail="Invalid region format")
-
-    if request.environment_filter and not request.environment_filter.isalpha():
-        raise HTTPException(status_code=400, detail="Invalid environment filter")
-
-    if request.output_format not in ['html', 'json', 'csv']:
-        raise HTTPException(status_code=400, detail="Invalid output format")
-
-    if request.resource_types:
-        for rt in request.resource_types:
-            if not rt.replace('_', '').isalnum():
-                raise HTTPException(status_code=400, detail=f"Invalid resource type: {rt}")
-
-    if request.profile and not request.profile.replace('-', '').replace('_', '').isalnum():
-        raise HTTPException(status_code=400, detail="Invalid profile name")
-
-    # Create job entry
-    analysis_jobs[job_id] = {
-        'job_id': job_id,
-        'status': 'pending',
-        'started_at': None,
-        'completed_at': None,
-        'progress': 0,
-        'message': 'Job queued',
-        'report_url': None,
-        'error': None,
-        'request': request.model_dump()
-    }
-
-    # Start background task
-    background_tasks.add_task(run_analysis_task, job_id, request)
-
-    return AnalysisResponse(
-        job_id=job_id,
-        message="Analysis started",
-        status_url=f"/api/analysis/{job_id}/status"
-    )
-
-
-@app.get("/api/analysis/{job_id}/status", response_model=AnalysisStatus)
-async def get_analysis_status(job_id: str):
-    """Get the status of an analysis job."""
-    # Validate job_id format
-    if not job_id.isalnum() or len(job_id) > 16:
-        raise HTTPException(status_code=400, detail="Invalid job ID format")
-
-    job = analysis_jobs.get(job_id)
-    if not job:
-        raise HTTPException(status_code=404, detail="Job not found")
-
-    return AnalysisStatus(
-        job_id=job['job_id'],
-        status=job['status'],
-        started_at=job['started_at'],
-        completed_at=job['completed_at'],
-        progress=job['progress'],
-        message=job['message'],
-        report_url=job['report_url'],
-        error=job['error']
-    )
-
-
-@app.get("/api/analysis", response_model=List[AnalysisStatus])
-async def list_analyses():
-    """List all analysis jobs."""
-    return [
-        AnalysisStatus(
-            job_id=job['job_id'],
-            status=job['status'],
-            started_at=job['started_at'],
-            completed_at=job['completed_at'],
-            progress=job['progress'],
-            message=job['message'],
-            report_url=job['report_url'],
-            error=job['error']
-        )
-        for job in analysis_jobs.values()
-    ]
-
-
-@app.get("/api/reports", response_model=List[ReportListItem])
-async def list_reports():
-    """List all available reports."""
-    reports = []
-
-    if REPORTS_DIR.exists():
-        for file in REPORTS_DIR.iterdir():
-            if file.is_file() and file.suffix in ['.html', '.json', '.csv']:
-                stat = file.stat()
-                reports.append(ReportListItem(
-                    filename=file.name,
-                    created_at=datetime.fromtimestamp(stat.st_mtime),
-                    size_bytes=stat.st_size,
-                    format=file.suffix[1:],
-                    download_url=f"/api/reports/{file.name}"
-                ))
-
-    # Sort by creation time, newest first
-    reports.sort(key=lambda x: x.created_at, reverse=True)
-    return reports
-
-
-@app.get("/api/reports/{filename}")
-async def download_report(filename: str):
-    """Download a specific report."""
-    # Validate filename to prevent path traversal
-    if '..' in filename or '/' in filename or '\\' in filename:
-        raise HTTPException(status_code=400, detail="Invalid filename")
-
-    # Additional validation: only allow alphanumeric, underscore, hyphen, and dot
-    import re
-    if not re.match(r'^[a-zA-Z0-9_\-\.]+$', filename):
-        raise HTTPException(status_code=400, detail="Invalid filename characters")
-
-    file_path = REPORTS_DIR / filename
-    if not file_path.exists():
-        raise HTTPException(status_code=404, detail="Report not found")
-
-    # Ensure the file is within REPORTS_DIR (defense in depth)
-    try:
-        file_path.resolve().relative_to(REPORTS_DIR.resolve())
-    except ValueError:
-        raise HTTPException(status_code=400, detail="Invalid file path")
-
-    # Determine content type
-    content_types = {
-        '.html': 'text/html',
-        '.json': 'application/json',
-        '.csv': 'text/csv'
-    }
-    content_type = content_types.get(file_path.suffix, 'application/octet-stream')
-
-    return FileResponse(
-        path=str(file_path),
-        media_type=content_type,
-        filename=filename
-    )
-
-
-@app.delete("/api/reports/{filename}")
-async def delete_report(filename: str):
-    """Delete a specific report."""
-    # Validate filename
-    if '..' in filename or '/' in filename or '\\' in filename:
-        raise HTTPException(status_code=400, detail="Invalid filename")
-
-    import re
-    if not re.match(r'^[a-zA-Z0-9_\-\.]+$', filename):
-        raise HTTPException(status_code=400, detail="Invalid filename characters")
-
-    file_path = REPORTS_DIR / filename
-    if not file_path.exists():
-        raise HTTPException(status_code=404, detail="Report not found")
-
-    # Ensure the file is within REPORTS_DIR
-    try:
-        file_path.resolve().relative_to(REPORTS_DIR.resolve())
-    except ValueError:
-        raise HTTPException(status_code=400, detail="Invalid file path")
-
-    file_path.unlink()
-    return {"message": f"Report {filename} deleted"}
-
-
-@app.get("/api/analyzers")
-async def list_analyzers():
-    """List available analyzers."""
-    return {
-        "analyzers": [
-            {"key": "ec2", "desc": "EC2 instance analysis"},
-            {"key": "rds", "desc": "RDS database analysis"},
-            {"key": "s3", "desc": "S3 bucket analysis"},
-            {"key": "ebs", "desc": "EBS volume analysis"},
-            {"key": "elb", "desc": "Load balancer analysis"},
-            {"key": "lambda", "desc": "Lambda function analysis"},
-            {"key": "dynamodb", "desc": "DynamoDB table analysis"},
-            {"key": "elasticache", "desc": "ElastiCache analysis"},
-            {"key": "eks_sessions", "desc": "EKS session monitoring"},
-            {"key": "eks_deployments", "desc": "EKS deployment analysis"},
-            {"key": "cost_explorer", "desc": "Cost Explorer analysis"},
-            {"key": "rto_analysis", "desc": "DR/RTO analysis"},
-        ]
-    }
-
-
-@app.get("/api/health")
-async def health_check():
-    """Health check endpoint."""
-    return {
-        "status": "healthy",
-        "version": "1.0.0",
-        "active_jobs": len([j for j in analysis_jobs.values() if j['status'] == 'running'])
-    }
-
-
-# Run with: uvicorn web.app:app --reload --host 0.0.0.0 --port 8000
-if __name__ == "__main__":
-    import uvicorn
-    uvicorn.run(app, host="0.0.0.0", port=8000)
+        analysis_state['error'] = str(e)
+    finally:
+        analysis_state['running'] = False
+        analysis_state['current_analyzer'] = None
+
+
+def get_active_alerts() -> List[Dict]:
+    """Get list of active alerts based on last analysis results."""
+    alerts = []
+
+    if not analysis_state['results']:
+        return alerts
+
+    results = analysis_state['results']
+
+    # Check for high-cost resources
+    if 'ec2' in results:
+        for resource in results['ec2'].get('resources', []):
+            savings = resource.get('potential_monthly_savings', 0)
+            if savings and savings > 100:
+                alerts.append({
+                    'type': 'cost',
+                    'severity': 'warning',
+                    'resource': resource.get('InstanceId'),
+                    'message': f'Potential savings of ${savings:.2f}/month'
+                })
+
+    # Check for security issues
+    if 'security_privacy' in results:
+        for finding in results['security_privacy'].get('findings', []):
+            if finding.get('severity') == 'critical':
+                alerts.append({
+                    'type': 'security',
+                    'severity': 'critical',
+                    'resource': finding.get('resource'),
+                    'message': finding.get('description')
+                })
+
+    return alerts
+
+
+# Health check endpoint
+@app.route('/health')
+def health():
+    """Health check endpoint for load balancers."""
+    return jsonify({'status': 'healthy', 'timestamp': datetime.now().isoformat()})
+
+
+if __name__ == '__main__':
+    # Development server
+    app.run(host='0.0.0.0', port=5000, debug=True)
diff --git a/web/static/app.js b/web/static/app.js
new file mode 100644
index 0000000..77f98b4
--- /dev/null
+++ b/web/static/app.js
@@ -0,0 +1,214 @@
+// Dedo-Duro Dashboard JavaScript
+
+// Tab Navigation
+document.querySelectorAll('.tab').forEach(tab => {
+    tab.addEventListener('click', () => {
+        document.querySelectorAll('.tab').forEach(t => t.classList.remove('active'));
+        document.querySelectorAll('.tab-content').forEach(c => c.classList.remove('active'));
+        
+        tab.classList.add('active');
+        document.getElementById(tab.dataset.tab).classList.add('active');
+    });
+});
+
+// Polling interval for status updates
+let statusInterval = null;
+
+// Start polling for status updates
+function startStatusPolling() {
+    statusInterval = setInterval(fetchStatus, 2000);
+}
+
+// Stop polling
+function stopStatusPolling() {
+    if (statusInterval) {
+        clearInterval(statusInterval);
+        statusInterval = null;
+    }
+}
+
+// Fetch current status
+async function fetchStatus() {
+    try {
+        const response = await fetch('/api/status');
+        const data = await response.json();
+        updateStatusDisplay(data);
+    } catch (error) {
+        console.error('Error fetching status:', error);
+    }
+}
+
+// Update status display
+function updateStatusDisplay(data) {
+    const statusBadge = document.querySelector('#analysis-status .status-badge');
+    const progressBar = document.getElementById('progress-bar');
+    const startBtn = document.getElementById('start-btn');
+    const stopBtn = document.getElementById('stop-btn');
+    
+    if (data.running) {
+        statusBadge.textContent = 'Running';
+        statusBadge.className = 'status-badge running';
+        progressBar.style.display = 'block';
+        document.querySelector('.progress-fill').style.width = data.progress + '%';
+        const analyzerText = data.current_analyzer ? 'Analyzing: ' + data.current_analyzer : '';
+        document.getElementById('current-analyzer').textContent = analyzerText;
+        startBtn.style.display = 'none';
+        stopBtn.style.display = 'inline-block';
+    } else {
+        statusBadge.textContent = data.error ? 'Error' : 'Idle';
+        statusBadge.className = 'status-badge ' + (data.error ? 'error' : 'idle');
+        progressBar.style.display = 'none';
+        startBtn.style.display = 'inline-block';
+        stopBtn.style.display = 'none';
+        
+        if (data.error) {
+            console.error('Analysis error:', data.error);
+        }
+    }
+    
+    if (data.last_run) {
+        document.getElementById('last-run').textContent = new Date(data.last_run).toLocaleString();
+    }
+}
+
+// Start analysis
+document.getElementById('analysis-form').addEventListener('submit', async (e) => {
+    e.preventDefault();
+    
+    const formData = new FormData(e.target);
+    const resourceTypes = formData.getAll('resource_types');
+    const regionsStr = formData.get('regions');
+    const regions = regionsStr.split(',').map(function(r) { return r.trim(); }).filter(function(r) { return r; });
+    const environment = formData.get('environment') || null;
+    
+    try {
+        const response = await fetch('/api/analyze', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                resource_types: resourceTypes,
+                regions: regions,
+                environment: environment
+            })
+        });
+        
+        const data = await response.json();
+        if (response.ok) {
+            startStatusPolling();
+        } else {
+            alert(data.error || 'Failed to start analysis');
+        }
+    } catch (error) {
+        alert('Error starting analysis: ' + error.message);
+    }
+});
+
+// Stop analysis
+document.getElementById('stop-btn').addEventListener('click', async () => {
+    try {
+        await fetch('/api/analyze/stop', { method: 'POST' });
+    } catch (error) {
+        console.error('Error stopping analysis:', error);
+    }
+});
+
+// Fetch and display reports
+async function fetchReports() {
+    try {
+        const response = await fetch('/api/reports');
+        const reports = await response.json();
+        
+        const container = document.getElementById('reports-list');
+        if (reports.length === 0) {
+            container.innerHTML = '<p class="no-data">No reports available.</p>';
+            return;
+        }
+        
+        let html = '';
+        reports.forEach(function(report) {
+            html += '<div class="report-item">';
+            html += '<div><strong>' + report.name + '</strong><br>';
+            html += '<small>' + new Date(report.date).toLocaleString() + '</small></div>';
+            html += '<div><button class="btn btn-primary" onclick="viewReport(\'' + report.name + '\')">View</button></div>';
+            html += '</div>';
+        });
+        container.innerHTML = html;
+    } catch (error) {
+        console.error('Error fetching reports:', error);
+    }
+}
+
+// View a specific report
+async function viewReport(filename) {
+    try {
+        const response = await fetch('/api/reports/' + filename);
+        const data = await response.json();
+        console.log('Report data:', data);
+        alert('Report loaded. Check console for details.');
+    } catch (error) {
+        alert('Error loading report: ' + error.message);
+    }
+}
+
+// Fetch and display alerts
+async function fetchAlerts() {
+    try {
+        const response = await fetch('/api/alerts');
+        const data = await response.json();
+        
+        document.getElementById('alert-count').textContent = data.active_alerts.length;
+        
+        const container = document.getElementById('alerts-list');
+        if (data.active_alerts.length === 0) {
+            container.innerHTML = '<p class="no-data">No active alerts.</p>';
+            return;
+        }
+        
+        let html = '';
+        data.active_alerts.forEach(function(alert) {
+            html += '<div class="alert-item ' + alert.severity + '">';
+            html += '<span><strong>' + alert.type.toUpperCase() + '</strong></span>';
+            html += '<span>' + (alert.resource || 'N/A') + '</span>';
+            html += '<span>' + alert.message + '</span>';
+            html += '</div>';
+        });
+        container.innerHTML = html;
+    } catch (error) {
+        console.error('Error fetching alerts:', error);
+    }
+}
+
+// Save alert thresholds
+document.getElementById('alerts-form').addEventListener('submit', async (e) => {
+    e.preventDefault();
+    
+    const formData = new FormData(e.target);
+    const thresholds = {
+        cost_increase_percent: parseInt(formData.get('cost_increase_percent')),
+        idle_resource_days: parseInt(formData.get('idle_resource_days')),
+        savings_threshold_usd: parseInt(formData.get('savings_threshold_usd')),
+        security_critical: formData.get('security_critical') === 'on'
+    };
+    
+    try {
+        const response = await fetch('/api/alerts', {
+            method: 'PUT',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify(thresholds)
+        });
+        
+        if (response.ok) {
+            alert('Thresholds saved successfully');
+        }
+    } catch (error) {
+        alert('Error saving thresholds: ' + error.message);
+    }
+});
+
+// Initialize
+document.addEventListener('DOMContentLoaded', function() {
+    fetchStatus();
+    fetchReports();
+    fetchAlerts();
+    startStatusPolling();
+});
diff --git a/web/static/style.css b/web/static/style.css
new file mode 100644
index 0000000..480f3d4
--- /dev/null
+++ b/web/static/style.css
@@ -0,0 +1,274 @@
+/* Dedo-Duro Dashboard Styles */
+:root {
+    --primary: #2563eb;
+    --primary-dark: #1d4ed8;
+    --danger: #dc2626;
+    --warning: #f59e0b;
+    --success: #10b981;
+    --gray-100: #f3f4f6;
+    --gray-200: #e5e7eb;
+    --gray-300: #d1d5db;
+    --gray-600: #4b5563;
+    --gray-800: #1f2937;
+}
+
+* {
+    box-sizing: border-box;
+    margin: 0;
+    padding: 0;
+}
+
+body {
+    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+    background: var(--gray-100);
+    color: var(--gray-800);
+    line-height: 1.5;
+}
+
+.container {
+    max-width: 1200px;
+    margin: 0 auto;
+    padding: 2rem;
+}
+
+header {
+    text-align: center;
+    margin-bottom: 2rem;
+}
+
+header h1 {
+    font-size: 2.5rem;
+    color: var(--primary);
+}
+
+.subtitle {
+    color: var(--gray-600);
+    font-size: 1.1rem;
+}
+
+/* Navigation Tabs */
+.tabs {
+    display: flex;
+    gap: 0.5rem;
+    margin-bottom: 2rem;
+    border-bottom: 2px solid var(--gray-200);
+    padding-bottom: 0;
+}
+
+.tab {
+    padding: 0.75rem 1.5rem;
+    border: none;
+    background: none;
+    cursor: pointer;
+    font-size: 1rem;
+    color: var(--gray-600);
+    border-bottom: 2px solid transparent;
+    margin-bottom: -2px;
+    transition: all 0.2s;
+}
+
+.tab:hover {
+    color: var(--primary);
+}
+
+.tab.active {
+    color: var(--primary);
+    border-bottom-color: var(--primary);
+}
+
+/* Tab Content */
+.tab-content {
+    display: none;
+}
+
+.tab-content.active {
+    display: block;
+}
+
+/* Cards */
+.status-cards {
+    display: grid;
+    grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
+    gap: 1.5rem;
+    margin-bottom: 2rem;
+}
+
+.card {
+    background: white;
+    padding: 1.5rem;
+    border-radius: 8px;
+    box-shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
+
+.card h3 {
+    font-size: 0.875rem;
+    color: var(--gray-600);
+    margin-bottom: 0.5rem;
+    text-transform: uppercase;
+    letter-spacing: 0.05em;
+}
+
+/* Status Badge */
+.status-badge {
+    display: inline-block;
+    padding: 0.25rem 0.75rem;
+    border-radius: 9999px;
+    font-size: 0.875rem;
+    font-weight: 500;
+}
+
+.status-badge.idle {
+    background: var(--gray-200);
+    color: var(--gray-600);
+}
+
+.status-badge.running {
+    background: #dbeafe;
+    color: var(--primary);
+}
+
+.status-badge.error {
+    background: #fee2e2;
+    color: var(--danger);
+}
+
+/* Progress Bar */
+.progress {
+    height: 8px;
+    background: var(--gray-200);
+    border-radius: 4px;
+    overflow: hidden;
+    margin: 0.5rem 0;
+}
+
+.progress-fill {
+    height: 100%;
+    background: var(--primary);
+    transition: width 0.3s ease;
+}
+
+/* Forms */
+.form-group {
+    margin-bottom: 1.5rem;
+}
+
+.form-group label {
+    display: block;
+    font-weight: 500;
+    margin-bottom: 0.5rem;
+}
+
+.form-group input[type="text"],
+.form-group input[type="number"],
+.form-group select {
+    width: 100%;
+    padding: 0.75rem;
+    border: 1px solid var(--gray-300);
+    border-radius: 6px;
+    font-size: 1rem;
+}
+
+.checkbox-group {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 1rem;
+}
+
+.checkbox-group label {
+    display: flex;
+    align-items: center;
+    gap: 0.5rem;
+    font-weight: normal;
+}
+
+/* Buttons */
+.btn {
+    padding: 0.75rem 1.5rem;
+    border: none;
+    border-radius: 6px;
+    font-size: 1rem;
+    cursor: pointer;
+    transition: background 0.2s;
+}
+
+.btn-primary {
+    background: var(--primary);
+    color: white;
+}
+
+.btn-primary:hover {
+    background: var(--primary-dark);
+}
+
+.btn-danger {
+    background: var(--danger);
+    color: white;
+}
+
+.btn-danger:hover {
+    background: #b91c1c;
+}
+
+/* Alerts */
+.alert-item {
+    display: flex;
+    align-items: center;
+    gap: 1rem;
+    padding: 1rem;
+    background: white;
+    border-radius: 6px;
+    margin-bottom: 0.5rem;
+    border-left: 4px solid var(--gray-300);
+}
+
+.alert-item.critical {
+    border-left-color: var(--danger);
+    background: #fef2f2;
+}
+
+.alert-item.warning {
+    border-left-color: var(--warning);
+    background: #fffbeb;
+}
+
+.alert-item.info {
+    border-left-color: var(--primary);
+    background: #eff6ff;
+}
+
+/* Reports List */
+.report-item {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    padding: 1rem;
+    background: white;
+    border-radius: 6px;
+    margin-bottom: 0.5rem;
+}
+
+.report-item:hover {
+    background: var(--gray-100);
+}
+
+.no-data {
+    color: var(--gray-600);
+    text-align: center;
+    padding: 2rem;
+}
+
+/* Sections */
+.alerts-section,
+.summary-section {
+    background: white;
+    padding: 1.5rem;
+    border-radius: 8px;
+    margin-bottom: 1.5rem;
+    box-shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
+
+.alerts-section h2,
+.summary-section h2 {
+    margin-bottom: 1rem;
+    color: var(--gray-800);
+}
diff --git a/web/templates/index.html b/web/templates/index.html
new file mode 100644
index 0000000..9c632e0
--- /dev/null
+++ b/web/templates/index.html
@@ -0,0 +1,137 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Dedo-Duro - AWS Resource Analyzer</title>
+    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
+</head>
+<body>
+    <div class="container">
+        <header>
+            <h1>Dedo-Duro</h1>
+            <p class="subtitle">AWS Resource Analyzer Dashboard</p>
+        </header>
+
+        <nav class="tabs">
+            <button class="tab active" data-tab="dashboard">Dashboard</button>
+            <button class="tab" data-tab="analysis">Run Analysis</button>
+            <button class="tab" data-tab="reports">Historical Reports</button>
+            <button class="tab" data-tab="alerts">Alerts & Thresholds</button>
+        </nav>
+
+        <!-- Dashboard Tab -->
+        <section id="dashboard" class="tab-content active">
+            <div class="status-cards">
+                <div class="card">
+                    <h3>Analysis Status</h3>
+                    <div id="analysis-status">
+                        <span class="status-badge idle">Idle</span>
+                    </div>
+                    <div id="progress-bar" style="display:none;">
+                        <div class="progress">
+                            <div class="progress-fill" style="width: 0%"></div>
+                        </div>
+                        <span id="current-analyzer"></span>
+                    </div>
+                </div>
+                <div class="card">
+                    <h3>Last Run</h3>
+                    <p id="last-run">Never</p>
+                </div>
+                <div class="card">
+                    <h3>Active Alerts</h3>
+                    <p id="alert-count">0</p>
+                </div>
+            </div>
+
+            <div class="alerts-section">
+                <h2>Active Alerts</h2>
+                <div id="alerts-list"></div>
+            </div>
+
+            <div class="summary-section">
+                <h2>Latest Results Summary</h2>
+                <div id="results-summary">
+                    <p class="no-data">No analysis results available. Run an analysis to see results.</p>
+                </div>
+            </div>
+        </section>
+
+        <!-- Analysis Tab -->
+        <section id="analysis" class="tab-content">
+            <h2>Configure Analysis</h2>
+            <form id="analysis-form">
+                <div class="form-group">
+                    <label>Resource Types</label>
+                    <div class="checkbox-group">
+                        <label><input type="checkbox" name="resource_types" value="ec2" checked> EC2</label>
+                        <label><input type="checkbox" name="resource_types" value="rds" checked> RDS</label>
+                        <label><input type="checkbox" name="resource_types" value="s3" checked> S3</label>
+                        <label><input type="checkbox" name="resource_types" value="ebs"> EBS</label>
+                        <label><input type="checkbox" name="resource_types" value="lambda"> Lambda</label>
+                        <label><input type="checkbox" name="resource_types" value="dynamodb"> DynamoDB</label>
+                        <label><input type="checkbox" name="resource_types" value="elasticache"> ElastiCache</label>
+                        <label><input type="checkbox" name="resource_types" value="eks"> EKS</label>
+                        <label><input type="checkbox" name="resource_types" value="security_privacy"> Security</label>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label for="regions">AWS Regions (comma-separated)</label>
+                    <input type="text" id="regions" name="regions" value="us-east-1" placeholder="us-east-1, us-west-2">
+                </div>
+
+                <div class="form-group">
+                    <label for="environment">Environment Filter</label>
+                    <select id="environment" name="environment">
+                        <option value="">All Environments</option>
+                        <option value="prod">Production</option>
+                        <option value="test">Test</option>
+                        <option value="dev">Development</option>
+                    </select>
+                </div>
+
+                <button type="submit" class="btn btn-primary" id="start-btn">Start Analysis</button>
+                <button type="button" class="btn btn-danger" id="stop-btn" style="display:none;">Stop Analysis</button>
+            </form>
+        </section>
+
+        <!-- Reports Tab -->
+        <section id="reports" class="tab-content">
+            <h2>Historical Reports</h2>
+            <div id="reports-list">
+                <p class="no-data">Loading reports...</p>
+            </div>
+        </section>
+
+        <!-- Alerts Tab -->
+        <section id="alerts" class="tab-content">
+            <h2>Alert Thresholds</h2>
+            <form id="alerts-form">
+                <div class="form-group">
+                    <label for="cost_threshold">Cost Increase Threshold (%)</label>
+                    <input type="number" id="cost_threshold" name="cost_increase_percent" value="20" min="0" max="100">
+                </div>
+                <div class="form-group">
+                    <label for="idle_days">Idle Resource Days</label>
+                    <input type="number" id="idle_days" name="idle_resource_days" value="30" min="1">
+                </div>
+                <div class="form-group">
+                    <label for="savings_threshold">Minimum Savings Alert (USD)</label>
+                    <input type="number" id="savings_threshold" name="savings_threshold_usd" value="100" min="0">
+                </div>
+                <div class="form-group">
+                    <label>
+                        <input type="checkbox" id="security_critical" name="security_critical" checked>
+                        Alert on Critical Security Issues
+                    </label>
+                </div>
+                <button type="submit" class="btn btn-primary">Save Thresholds</button>
+            </form>
+        </section>
+    </div>
+
+    <script src="{{ url_for('static', filename='app.js') }}"></script>
+</body>
+</html>