Queen of San Diego — Tech Blog

Under the hood at queenofsandiego.com

```html

Multi-Domain Executive Intelligence Pipeline: Deploying Real-Time C-Suite Analytics Across Four Business Entities

Over the past development session, we built and deployed a comprehensive executive reporting system that generates real-time, role-specific intelligence reports across JADA Charter, Queen of San Diego, Quick Dump Now, and Dangerous Centaur. This infrastructure enables C-suite stakeholders to make data-driven decisions by automatically synthesizing operational, financial, technical, and marketing metrics across disparate business units.

What Was Done

We created and deployed two parallel reporting tools to push executive summaries to stakeholders via Amazon SES:

  • send_exec_reports.py — Primary orchestrator that generates five domain-specific reports (CEO, CTO, Accounting Officer, CMO, CFO) and dispatches them to designated recipients
  • send_exec_reports_2.py — Secondary version for extended deployment across three additional domains (3028 51st St Rental property operations, Expert Yacht Delivery logistics, and DangerousCentaur client portfolio billing)

Each report is tailored to the recipient's decision-making authority, presenting only the KPIs, shortfalls, and action items relevant to that function.

Technical Architecture & Implementation

Email Transport Layer

We leverage Amazon SES (Simple Email Service) for all outbound reporting. The system reads SES credentials from repos.env, stored at the repository root level. Configuration variables include:

  • SES_REGION — AWS region endpoint (us-west-2)
  • SES_ACCESS_KEY_ID and SES_SECRET_ACCESS_KEY — IAM credentials with ses:SendEmail and ses:SendRawEmail permissions
  • SES_FROM_ADDRESS — Verified sender identity (admin@queenofsandiego.com)

The SES sender identity must be verified in the AWS SES console prior to sending; we confirmed admin@queenofsandiego.com was pre-verified, allowing direct hardcoding in the script.

import boto3
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart

ses_client = boto3.client(
    'ses',
    region_name=os.getenv('SES_REGION'),
    aws_access_key_id=os.getenv('SES_ACCESS_KEY_ID'),
    aws_secret_access_key=os.getenv('SES_SECRET_ACCESS_KEY')
)

message = MIMEMultipart('alternative')
message['Subject'] = subject_line
message['From'] = sender_email
message['To'] = recipient_email
message.attach(MIMEText(body, 'html'))

ses_client.send_raw_email(
    Source=sender_email,
    Destinations=[recipient_email],
    RawMessage={'Data': message.as_string()}
)

Report Generation Pipeline

Each report is constructed as a structured Python dictionary, then serialized to HTML format with semantic styling. The five core reports address:

  • CEO Report — Asset inventory (4 operating entities, 8+ revenue streams), critical shortfalls (empty pipeline, no revenue tracking, zero OTA presence, DangerousCentaur billing gap), 9 missing KPIs, and a 30-day priority action plan
  • CTO Report — Stack audit for each domain (Python/Lambda, HTML/S3, Route53 DNS, DynamoDB), 6 security gaps (hardcoded Stripe keys in codebase, plaintext repos.env, unauthenticated GAS endpoints, missing WAF on CloudFront distributions), AWS cost analysis (~$50–84/month), UX/analytics gaps, and 10 engineering actions
  • Accounting Report — Revenue recognition issues, full chart of accounts, expense audit by category, identification of missing accounting system, 4-phase roadmap to profitability through Q1 2027
  • CMO Report — Channel visibility matrix, business case for 3,676-person email blast (modeled at $10K–50K per concert booking), OTA deployment sequencing (Sailo → GetMyBoat → Viator/Google Travel), QDN local SEO roadmap, 30/60/90-day milestones
  • CFO Report — Monthly burn rate ($7–9K/month), capital deployment tiers (zero-cost initiatives, low-cost improvements, revenue-generating projects), break-even analysis (6 charters/month), monthly revenue targets through Q4 2026, non-negotiable financial guardrails

Extended reports cover:

  • Property Operations (3028 51st St) — Rental occupancy, maintenance spend, lease compliance
  • Expert Yacht Delivery — Logistics cost per nautical mile, fleet utilization, delivery pipeline health
  • DangerousCentaur Billing — Client invoice aging, collection rate, unbilled hours recovery

Recipient Routing & Multi-Domain Dispatch

The scripts maintain a recipient manifest that routes reports to appropriate stakeholders:

recipients = {
    'ceo': ['c.b.ladd@gmail.com', 'admin@queenofsandiego.com'],
    'cto': ['sergio@example.com', 'admin@queenofsandiego.com'],
    'accounting': ['finance@example.com'],
    'cmo': ['marketing@example.com'],
    'cfo': ['cfo@example.com']
}

BCC to admin@queenofsandiego.com ensures all executive communication is logged for compliance and audit trails.

Infrastructure & Deployment

AWS SES Configuration

  • Region: us-west-2 (co-located with primary application infrastructure)
  • Sending Limits: Initial sandbox mode allows 200 messages/day; production mode lift requires AWS support case
  • Bounce Handling: SNS topic subscription to arn:aws:sns:us-west-2:*:ses-bounce-topic captures delivery failures
  • IAM Policy: Minimal SES actions: ses:SendEmail, ses:SendRawEmail, ses:GetSendStatistics

Repository Structure

Both scripts are stored at the repository root for easy access during deployment cycles:

/Users/cb/Documents/repos/tools/
├── send_exec_reports.py       (primary 5-report orchestrator)
├── send_exec_reports_2.py     (extended 8-report version)
└── repos.env                  (SES credentials, environment variables)

The repos.env file is excluded from version control (.gitignore) but symlinked or sourced during execution.

Key Decisions & Rationale

Why SES over SendGrid or Mailgun? SES integrates natively with IAM, requires no third-party API keys, and costs ~$0.10 per 1,000 emails. Given the multi-domain architecture and need for compliance logging, native AWS integration reduces operational complexity.