Advanced Load Balancing on AWS
ALB, NLB, Global Accelerator, and traffic management patterns for high-availability architectures.
Amazon Bedrock AgentCore Runtime
AWS's serverless hosting platform for AI agents. GA October 2025. Each session runs in a dedicated microVM with isolated CPU/memory. Pay-per-second billing — no charge during LLM/tool I/O wait. Supports LangGraph, Strands, CrewAI, and any Python framework.
Amazon Bedrock Guardrails
Amazon Bedrock Guardrails — managed content safety layer for FM applications. Six policy types: content filters, denied topics, word filters, sensitive information redaction, grounding checks (hallucination), and contextual grounding. AIF-C01 Domain 5 core.
Amazon EKS — Elastic Kubernetes Service
Managed Kubernetes on AWS: control plane management, node groups, Fargate profiles, and IRSA.
Amazon EventBridge
Serverless event bus for decoupling producers from consumers across AWS services, SaaS, and custom applications.
Amazon Q (Business and Developer)
Amazon Q is AWS's GenAI assistant family — Q Business (enterprise GenAI over company data, permission-aware) and Q Developer (AI coding assistant). AIF-C01 tests Q Business vs Kendra: Q Business returns synthesised answers; Kendra returns document passages.
Amazon SageMaker Sub-Services
SageMaker sub-services — Canvas (no-code ML), Autopilot (AutoML), Ground Truth (data labelling), Data Wrangler (feature prep), Feature Store, Pipelines (MLOps), Model Monitor (drift), Clarify (bias/explainability), JumpStart (foundation models). AIF-C01 Domain 3 core.
Ansible
Agentless configuration management and automation tool. Uses SSH to push configuration to remote hosts — no daemon, no agent installed on targets. Written in Python; tasks are YAML playbooks.
Argo Rollouts
Progressive delivery controller for Kubernetes. Extends Deployments with canary, blue-green, and analysis-driven rollout strategies.
ArgoCD
GitOps continuous delivery for Kubernetes. Watches a Git repository; reconciles cluster state to match. The cluster tells Argo what's running; Git tells Argo what should be running.
AWS Analytics Services
AWS analytics services decision guide — Athena (serverless SQL on S3), EMR (managed Spark), Glue (serverless ETL), Kinesis (real-time streaming), OpenSearch (log search), QuickSight (BI), Redshift (data warehouse).
AWS API Gateway
Fully managed API layer. Routes HTTP requests to Lambda, ECS, EC2, or any HTTP backend.
AWS CDK
AWS Cloud Development Kit. Define AWS infrastructure in TypeScript, Python, Java, or Go.
AWS Core Services
The foundational services every cloud engineer needs to know. AWS dominates cloud (33% market share, 2026). These ten services underpin the vast majority of production architectures.
AWS ECS — Elastic Container Service
AWS-native container orchestration. Simpler than Kubernetes — no control plane to manage, no YAML manifests.
AWS ElastiCache
Managed Redis and Memcached in AWS. ElastiCache handles node provisioning, patching, failure detection, and replication. Use Redis for most workloads — richer data structures, persistence, pub/sub.
AWS Fargate
Serverless compute engine for containers — run ECS or EKS workloads without managing EC2 instances.
AWS Lambda — Patterns and Production
Lambda beyond hello-world. Cold starts, concurrency, event sources, and deployment patterns that matter for production workloads.
AWS Lambda Powertools
Production-grade observability, idempotency, and batch processing for Lambda — the standard library for serious Lambda work.
AWS Networking — Advanced
Beyond basic VPC: multi-VPC architectures, transit gateway, PrivateLink, WAF, DNS failover, and network performance patterns.
AWS Pre-Built AI Recognition Services
AWS pre-built AI services — Rekognition (vision), Comprehend (NLP), Lex (chatbots), Polly/Transcribe (speech), Translate (language), Textract (documents), Kendra (search), Personalize (recommendations), Forecast (time series). No ML expertise required.
AWS RDS & Aurora
Managed relational database services. RDS manages MySQL, PostgreSQL, MariaDB, Oracle, SQL Server.
AWS SageMaker
Managed ML platform: training, model registry, real-time inference endpoints, and batch transform — the bridge between cloud engineering and AI engineering.
AWS Security and Compliance
Security Hub, GuardDuty, Config, Inspector, and WAF — the AWS security control plane.
AWS Service Ecosystem
Overview of the AWS service ecosystem for AI practitioners — compute, storage, AI/ML, observability, and security services.
AWS SQS and SNS
The messaging backbone of AWS event-driven architectures. SQS = queue (point-to-point). SNS = pub/sub (one-to-many fan-out).
AWS Step Functions
Serverless orchestration for distributed workflows. Coordinates Lambda functions, ECS tasks, SQS, SNS, DynamoDB, and 200+ AWS services into reliable state machines.
Azure Core Services
Microsoft Azure. Third cloud globally but dominant in enterprise (Microsoft 365 integration, Entra ID as de facto corporate identity).
Blue-Green and Advanced Deployment Strategies
Zero-downtime deployment patterns with instant rollback capability.
CDN and Edge Patterns
Content delivery networks and edge computing: moving content and computation closer to users to reduce latency and origin load. Critical for global applications.
Cloud Migration
Planning and executing workload migrations to AWS: the 6 Rs, wave planning, and the tools that make it work.
Cloud Monitoring
Observability for cloud infrastructure. You cannot improve what you cannot measure. The three pillars: metrics (what is happening), logs (why it happened), traces (where time was spent).
Cloud Networking
Network design underpins security, performance, and cost in cloud architectures. The same concepts — VPC, subnets, routing, firewalls — appear in all three major clouds with different names.
Cloud Security
Securing AWS infrastructure: IAM least privilege, preventive controls (SCPs, resource policies), detective controls (GuardDuty, CloudTrail, Security Hub), and network security (WAF, Security Groups, N...
Cloud-Native Patterns
Design principles and patterns for applications built to run on cloud infrastructure: containerised, dynamically orchestrated, microservices-oriented, and built for scale and resilience.
Container Security
Securing the container lifecycle: from image build to runtime in Kubernetes. Containers reduce attack surface compared to VMs but introduce their own threat model.
Data Engineering on Cloud
Building data pipelines and analytics infrastructure on AWS. From S3 data lake to queryable analytics with Athena, Glue, and Redshift.
Disaster Recovery
Planning and executing recovery from catastrophic failures — region outages, data corruption, ransomware, accidental mass deletion.
Docker
Container runtime. Packages an application and its dependencies into a portable, reproducible image that runs identically in dev, CI, and production.
FinOps and Cloud Cost Management
Engineering discipline for understanding, controlling, and optimising cloud spend.
GCP Core Services
Google Cloud Platform. Second cloud for most teams; first cloud for ML/AI workloads and analytics. GCP leads on Kubernetes (invented it), BigQuery, and Vertex AI. 12% market share (2026).
GitHub Actions
CI/CD built into GitHub. Triggered by events (push, PR, schedule, manual). Runs jobs in parallel or sequence across GitHub-hosted or self-hosted runners.
GitOps Patterns
GitOps uses Git as the single source of truth for infrastructure and application state. A GitOps operator continuously reconciles the actual cluster state toward what's declared in Git.
Helm — Advanced Patterns
Beyond `helm install`. Hooks, library charts, OCI registries, testing, and patterns for production-grade chart management.
Infrastructure Monitoring on AWS
CloudWatch, X-Ray, Synthetics, and SLO-driven alerting for AWS workloads.
KEDA — Kubernetes Event-Driven Autoscaling
KEDA (Kubernetes Event-Driven Autoscaling) extends Kubernetes HPA to scale workloads based on external event sources — Kafka consumer lag, SQS queue depth, Prometheus metrics, Redis list length, and 6...
Kubernetes
Open-source container orchestration. Declare desired state; the control plane makes it so and keeps it so. The standard production substrate for containerised workloads.
Kubernetes Operators
Operators extend Kubernetes with domain-specific knowledge.
Multi-Tenancy Patterns
Serving multiple customers from shared infrastructure.
Observability Stack
The three pillars of observability: metrics (what's broken), logs (why it broke), traces (where it broke).
Platform Engineering
Building and operating an Internal Developer Platform (IDP) that enables product teams to self-serve infrastructure, deployments, and tooling — without needing deep ops expertise.
Pulumi
Infrastructure as Code using real programming languages. Write AWS/GCP/Azure resources in TypeScript, Python, Go, or .NET.
Quality Gates in GitOps Delivery
Quality gates in a GitOps flow split across two distinct planes — CI gates (PR checks before a commit lands in Git) and GitOps gates (sync hooks, analysis runs, and promotion policies that execute after Git already holds the desired state). QA practitioners own both planes.
Secrets Management
Credentials, API keys, database passwords, TLS certificates — anything that grants access must be managed, rotated, and audited.
Serverless Patterns
Architectural patterns for serverless compute — Lambda, Cloud Run, Azure Functions.
Service Mesh
A service mesh handles cross-cutting network concerns for microservices: mTLS, retries, circuit breaking, traffic shaping, and observability — without touching application code.
Terraform
Infrastructure as Code tool by HashiCorp (now part of IBM, with community fork OpenTofu under MPL 2.0). Declare infrastructure in HCL, run plan-apply-destroy.
VPC Design Patterns
Network architecture patterns for secure, scalable AWS deployments — from single-account to multi-account.