eksctl ClusterConfig YAML, kubeconfig with aws eks update-kubeconfig, VPC CNI Secondary IP Mode and Prefix Delegation, pod density per instance type, and cluster verification.
Hierarchies with get-parameters-by-path, String/StringList/SecureString types, Standard vs Advanced tiers, Parameter Policies, CDK dynamic references, and SSM vs Secrets Manager decision criteria.
AWSPENDING/AWSCURRENT/AWSPREVIOUS version lifecycle, the 4 rotation function steps, Single User vs Alternating Users, native RDS rotation, custom rotator, and resilient applications.
AWS Budgets with automatic actions (SCP, IAM, stop instances), mandatory tag hierarchy for chargeback, Tag Policies, AWS Config for compliance, and cost allocation models.
GetCostAndUsage API with tag filters and AmortizedCost, Cost Anomaly Detection with monitors and thresholds, Compute Optimizer for EC2/Fargate rightsizing, and cost governance pipeline.
Spot Instances with up to 90% discount, price-capacity-optimized allocation strategies, instance type diversification, interruption handling via IMDS and EventBridge, and Auto Scaling with mixed instances.
Compute Savings Plans, EC2 Instance Savings Plans and Reserved Instances compared by flexibility, discount and risk. ROI calculation, break-even and over-commitment.
X-Ray Groups with filter expressions, sampling rules by endpoint, annotations vs metadata, distributed trace navigation ALB→Lambda→DynamoDB, and latency diagnosis.
Composite Alarms with AND/OR/NOT logical expressions, anomaly detection with ML dynamic band, alarm actions with Lambda and SSM, and alarm states with missing data treatment.
Logs Insights queries to aggregate errors by endpoint, extract fields with parse, timeseries with bin(), auto-discovered fields, and reusable saved queries.
Custom metrics via EMF in Lambda without API calls, EMF document structure, EMF vs PutMetricData, high-resolution metrics, Powertools Metrics, and high-cardinality pitfalls.
Global Tables v2019 multi-region, last-writer-wins conflict resolution, MREC vs MRSC, rWRU/rWCU cost, DAX with Global Tables, and regional write patterns.
Atomic TransactWriteItems with multiple entities, ConditionExpression for optimistic locking, 2x transaction cost, ClientRequestToken for idempotency, and isolation levels.
DAX cluster architecture, item cache vs query cache, write-through, strongly consistent reads, node sizing, cost-benefit calculation, and patterns where DAX does not help.
DynamoDB Streams anatomy, delivery and ordering guarantees, Lambda event source mapping, event filtering, CDC pattern for OpenSearch, and fan-out to multiple consumers.
GSI with sparse index and write sharding, write amplification with multiple GSIs, GSI throttling back-pressure on base table, LSI vs GSI, and real index cost calculation.
Adjacency list for many-to-many, composite sort keys for hierarchies, GSI overloading for multiple access patterns, and when single-table creates more problems than it solves.
Access patterns first paradigm, generic PK and SK with entity prefixes, item collections, GetItem and Query operations with begins_with and BETWEEN, and single-table design.
NLB for TCP/UDP with static IP and PrivateLink, Gateway Load Balancer for inline inspection with GENEVE, preserve client IP by target type, and North-South topology with GLB.
Native OIDC authentication on ALB with Cognito, mTLS with trust store for machine-to-machine, and WAF Web ACL with managed rules for L7 protection.
Listener rules with multiple conditions (path + header + query string), weighted target groups for ALB canary releases, fixed response for health checks, and CDK/CLI deploy.
Choosing between Lambda@Edge and CloudFront Functions based on latency, body access, cost and deploy. Header injection, URL rewrite, JWT authentication at edge, and CDK deploy.
Structured JSON logs with correlation fields, X-Ray active tracing with custom subsegments, Lambda Insights for per-invocation metrics, and correlation across all three pillars.
Parallel for concurrent branches, inline and distributed Map for iteration, InputPath/Parameters/ResultPath/OutputPath pipeline, and Retry with backoff + Catch by error type.
State machine with Task, Choice, Wait, Succeed and Fail, Standard vs Express Workflow guarantees, execution history for diagnostics, and integration patterns with Lambda and SQS.
Lambda Layers for shared dependencies, external Extensions in the Lambda lifecycle, and Powertools for structured logging, tracing and metrics with minimal code.
Event source mapping for SQS with batch size and bisect-on-error, event filters to process only specific events, partial batch response, and retry and DLQ behavior per source.
Execution environment lifecycle, cold start factors, Provisioned Concurrency, SnapStart for Java/.NET, and PC vs on-demand cost calculation.
FireLens with Fluent Bit for multi-destination log routing, enhanced Container Insights for per-task metrics, and X-Ray daemon as sidecar for distributed tracing.
ECS Service with CODE_DEPLOY deployment type, AppSpec for blue/green, test hooks after traffic shift, automatic rollback with CloudWatch Alarms, and canary/linear strategies.
Capacity Providers for Fargate and Fargate Spot with weights, Application Auto Scaling with custom metrics, backlog per task for SQS, and Spot cost savings calculation.
Fargate awsvpc model with ENI per task, granular security groups, Task Role vs Execution Role, VPC endpoints for private subnets, and ECS Exec for debugging.
ECS Service with ALB Target Group, health checks with grace period, AWS Cloud Map for service-to-service discovery, and when to use each approach.
Complete task definition with multiple containers (sidecar pattern), awslogs driver for CloudWatch, EFS volumes, and CPU/memory limits per task vs per container.
Cached context lookups in cdk.context.json, feature flags to control migration behaviors, and cdk.json structure for teams with reproducible CI.
CustomResource with Provider and AwsCustomResource to provision resources not natively supported, and Aspects to traverse and validate all constructs in a stack automatically.
Sequential and parallel stages with Wave, validation ShellSteps between stages, envFromCfnOutputs, self-mutation in action, and debugging asset publishing failures.
Cross-account bootstrap with --trust, CodeStar Connections with GitHub via OIDC, CDK Pipeline with Source + Build + UpdatePipeline, and self-mutation.
Infrastructure unit tests with aws-cdk-lib/assertions, hasResourceProperties, matchers, Capture, snapshot tests and combined testing strategy.
Lambda deploy with bundled dependencies via NodejsFunction and PythonFunction, DockerImageFunction, and how assets are staged to S3/ECR by CDK.
Multiple stacks with distinct environments, Stage for multi-account, cross-stack references, and when to use stack per account vs nested stacks.
Distinction between L1 (CfnBucket), L2 (Bucket) and L3 (patterns) constructs, escape hatches, Construct Hub, and when each level is appropriate.
CDK v2 project initialization in TypeScript/Python, cdk bootstrap, construct structure, and cdk synth, cdk diff and cdk deploy commands.
Changesets to review changes before applying, drift detection to find divergences, and stack policies to protect critical resources from accidental replacement.
Complete YAML template with typed Parameters, Resources with Ref and Fn::GetAtt, Outputs exported across stacks, and deploy via aws cloudformation deploy with changesets.
SSO profile configuration with IAM Identity Center, assume-role for cross-account context switching, pagination with --page-size and --max-items, and filtering with --query and JMESPath.