clean up

.gitleaksignore

@@ -23,3 +23,4 @@ ac48444a685bde17f83221a9c0efb6f3fee2ebbb:infra/aws/us-east-2/terraform-backend/m
 8fa97fe4d1e4a477bf69361498a8801050856a3c:infra/aws/us-west-2/route53/main.tf:terraform-sensitive-variable:31
 8fa97fe4d1e4a477bf69361498a8801050856a3c:infra/aws/us-west-2/route53/main.tf:terraform-sensitive-variable:14
 8fa97fe4d1e4a477bf69361498a8801050856a3c:infra/aws/us-east-2/route53/main.tf:terraform-sensitive-variable:54
+ac48444a685bde17f83221a9c0efb6f3fee2ebbb:infra/aws/us-east-2/acm/main.tf:terraform-sensitive-variable:22

docs/INFRASTRUCTURE_BEST_PRACTICES.md

@@ -393,80 +393,6 @@ oidc_principals = {
 
 ---
 
-## Key Takeaways for Sales Engineers
-
-### When Discussing Load Balancers
-
-1. **NLB is the right choice for Coder**
-   - Optimized for long-lived WebSocket connections
-   - Lower latency than ALB
-   - Source IP preservation for audit logs
-   - Static IPs for enterprise firewalls
-
-2. **NLB DOES support TLS termination**
-   - Common misconception that it doesn't
-   - Fully supported via ACM certificates
-   - Show AWS documentation if questioned
-
-3. **ALB only needed if:**
-   - Path-based routing required
-   - WAF integration needed
-   - HTTP-specific features required
-   - None of these apply to standard Coder deployments
-
-### When Discussing Multi-Region
-
-1. **Latency-based routing provides:**
-   - Automatic performance optimization
-   - Built-in failover
-   - No user action required
-
-2. **Region-specific URLs allow:**
-   - Manual region override
-   - Demo flexibility
-   - Testing and troubleshooting
-
-3. **Shared database is critical:**
-   - Users need unified accounts across regions
-   - Workspace state must be accessible everywhere
-   - Consider RDS read replicas for performance
-
-### When Discussing LiteLLM
-
-1. **Separate subdomain approach:**
-   - Keeps architecture simple
-   - No ALB needed
-   - Independent scaling
-   - Clear separation of concerns
-
-2. **Automatic key rotation:**
-   - Security best practice
-   - No manual key management
-   - Zero downtime rotation
-   - AWS Secrets Manager integration
-
-3. **Internal-only option available:**
-   - Maximum security
-   - No external exposure
-   - Simpler architecture
-   - Recommended if no external access needed
-
-### When Discussing Infrastructure as Code
-
-1. **`upgrade_install = true` is critical:**
-   - Enables idempotent Terraform applies
-   - Required for CI/CD pipelines
-   - Prevents deployment failures
-   - Standard best practice
-
-2. **Terraform module structure:**
-   - Reusable across regions
-   - Consistent configuration
-   - Easy to add new regions
-   - Clear separation of concerns
-
----
-
 ## Additional Resources
 
 ### AWS Documentation