# Architecture (canonical doc moved)

The canonical architecture document is now:

- `project-docs/architecture.md`

This `docs/reference/architecture.md` file is kept as a pointer to avoid maintaining two competing sources of truth.

## Best Practices

### Code Organization
1. One role = one responsibility
2. Idempotent tasks
3. Proper handler usage
4. Template for configuration
5. Defaults for flexibility

### Security
1. Vault for all secrets
2. Least privilege principle
3. Regular updates
4. Audit logging
5. Network segmentation

### Operations
1. Test in check mode
2. Use tags for selective runs
3. Document changes
4. Version control everything
5. Monitor and alert