docs: correct phantom companion-repo references (azure-aks/Bicep → landing-zone)

CLAUDE.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-AKS-specific GitOps configuration for ArgoCD addon lifecycle management. Part of a multi-cloud strategy (`eks-gitops`, `gke-gitops`, `aks-gitops`). Companion to [azure-aks](https://github.com/nanohype/azure-aks) (Bicep/Terraform infrastructure).
+AKS-specific GitOps configuration for ArgoCD addon lifecycle management. Part of a multi-cloud strategy (`eks-gitops`, `aks-gitops`). Companion to [landing-zone](https://github.com/nanohype/landing-zone) (OpenTofu/Terragrunt infrastructure).
 
 ## Directory Structure
 
@@ -86,7 +86,7 @@ task render                 # Render manifests to rendered/ directory
 ## Relationship to Parent Repo
 
 - This is the AKS variant of a multi-cloud GitOps strategy
-- `azure-aks` (Bicep/Terraform) deploys ArgoCD and creates the App-of-Apps Application pointing to this repo
+- `landing-zone` (OpenTofu) deploys ArgoCD and creates the App-of-Apps Application pointing to this repo
 - Bootstrap addons (cert-manager, external-secrets, etc.) are managed by this repo at wave 0
 - Cluster secret labels (set by IaC) drive environment selection in ApplicationSets
 

README.md

@@ -1,6 +1,6 @@
 # AKS GitOps Repository
 
-GitOps configuration for AKS cluster addons, managed by ArgoCD. Part of a multi-cloud GitOps strategy (`eks-gitops`, `gke-gitops`, `aks-gitops`).
+GitOps configuration for AKS cluster addons, managed by ArgoCD. Part of a multi-cloud GitOps strategy (`eks-gitops`, `aks-gitops`).
 
 **AI clients / agents start here:** [`AGENTS.md`](AGENTS.md). For the stack-wide view, see the [Platform Reference](https://github.com/nanohype/nanohype/blob/main/docs/platform-reference.md).
 
@@ -15,7 +15,7 @@ GitOps configuration for AKS cluster addons, managed by ArgoCD. Part of a multi-
 
 ## Companion Repository
 
-This repository is the AKS variant of a multi-cloud GitOps strategy. Infrastructure is provisioned by [azure-aks](https://github.com/nanohype/azure-aks) (Bicep/Terraform), which deploys ArgoCD and creates the App-of-Apps Application pointing to this repository.
+This repository is the AKS variant of a multi-cloud GitOps strategy. Infrastructure is provisioned by [landing-zone](https://github.com/nanohype/landing-zone) (OpenTofu/Terragrunt), which deploys ArgoCD and creates the App-of-Apps Application pointing to this repository.
 
 ## Architecture
 

docs/architecture/overview.md

@@ -2,11 +2,11 @@
 
 ## GitOps Model
 
-This repository implements the **App-of-Apps** pattern for ArgoCD. It is the AKS variant of a multi-cloud GitOps strategy (`eks-gitops`, `gke-gitops`, `aks-gitops`). The IaC infrastructure ([azure-aks](https://github.com/nanohype/azure-aks)) deploys ArgoCD and creates a root Application that points to this repository's `applicationsets/` directory.
+This repository implements the **App-of-Apps** pattern for ArgoCD. It is the AKS variant of a multi-cloud GitOps strategy (`eks-gitops`, `aks-gitops`). The IaC infrastructure ([landing-zone](https://github.com/nanohype/landing-zone)) deploys ArgoCD and creates a root Application that points to this repository's `applicationsets/` directory.
 
 ```mermaid
 graph TD
-    IaC[azure-aks IaC] -->|deploys| ArgoCD
+    IaC[landing-zone OpenTofu] -->|deploys| ArgoCD
     IaC -->|creates| AppOfApps[App-of-Apps Application]
     AppOfApps -->|references| AppSets[ApplicationSets]
     AppSets -->|generates| BootApps[Bootstrap Apps]
@@ -118,4 +118,4 @@ addons/<category>/<addon>/
 
 Cluster workloads authenticate to Azure resources via [Azure Workload Identity](https://azure.github.io/azure-workload-identity/). Service accounts carry an `azure.workload.identity/client-id` annotation that the federated credential maps to a Managed Identity. This is the AKS analogue of EKS IRSA.
 
-The cluster must have OIDC issuer and Workload Identity enabled (provisioned by `azure-aks` IaC). External Secrets, External DNS, Velero, Loki/Tempo (if using blob storage), KEDA, OpenCost, Argo Workflows, and Karpenter all use this pattern.
+The cluster must have OIDC issuer and Workload Identity enabled (provisioned by `landing-zone` (OpenTofu)). External Secrets, External DNS, Velero, Loki/Tempo (if using blob storage), KEDA, OpenCost, Argo Workflows, and Karpenter all use this pattern.