Cheatsheets

AI models (Claude, GPT, Codex), Azure OpenAI, Copilot, Security Copilot custom agents, MDASH, Bedrock, FastAPI, MCP, grounding strategies, and responsible AI policy setup.

Installation, static and dynamic inventory, ad-hoc commands, playbook structure, roles, variables, Jinja2 templates, vault encryption, collections, and common modules.

CLI setup, named profiles, S3 operations, EC2, IAM, EKS kubeconfig, and CloudFormation deploy commands.

Authentication helpers for Az PowerShell and Azure CLI (interactive and SPN), policy assignment queries, and common az commands.

az devops CLI, YAML pipelines, templates and extends governance, Workload Identity Federation service connections, agent and container jobs, environments and approvals, the permission model, and anti-patterns.

Script boilerplate, strict mode, colour output helpers, argument parsing, PATH deduplication, and directory-iteration patterns.

Docker setup scripts, Podman pod creation, Docker Compose examples, Kubernetes pod manifests, and nginx reverse proxy configs.

dotnet CLI, interfaces, classes, records, pattern matching, LINQ, async patterns, dependency injection, Azure SDK authentication, Key Vault, Blob Storage, ARM, Kusto SDK, Log Analytics, and xUnit testing.

Configuration templates, core operations, branching, remotes, undoing changes, history inspection, and bulk automation scripts for GitHub and Azure DevOps.

Workflow syntax, events and triggers, expressions and contexts, secrets and least-privilege GITHUB_TOKEN permissions, OIDC cloud auth, reusable workflows, runners, containers, caching, environments, and supply-chain hardening.

Modules, types, interfaces, error handling, generics, goroutines, channels, HTTP server, slog, testing, and Azure SDK authentication with blob storage and Key Vault.

KQL fundamentals, time filtering, string ops, aggregations, joins, and threat hunting queries across Defender and Sentinel tables - processes, network, identity, email, alerts, and incidents.

Production Linux ops - permissions and ACLs, users and sudo, processes and signals, systemd units and timers, journald, package managers, networking, firewalls, SSH hardening, LVM and storage, performance triage, security hardening, plus workstation and WSL2 setup.

Production reverse proxy - config layout, hardened TLS snippets, proxying and WebSockets, upstreams and load balancing, security headers, rate limiting, caching, structured logging, performance tuning, and location-matching rules.

Azure auth helpers, resource provider registration, Terraform pipeline functions, module management, and Sentinel watchlist export.

Virtual environment helpers, uv package manager, FastAPI, async patterns, Azure SDK authentication, metadata service queries, and Terraform utilities.

nmap, netcat, curl, openssl, PowerShell recon, JavaScript console, git secret hunting, grep/ripgrep regex patterns, ffuf web fuzzing, SSH tunnelling, socat encrypted shells, and SQLMap injection testing.

Practical snippets for Azure infrastructure - number formatting, type conversions, dynamic blocks, state management, OS detection, and workflow automation.

nvm setup, tsconfig, core types, generics, utility types, classes, discriminated unions, async patterns, Next.js App Router, server actions, route handlers, and Vitest testing.

TCP port listeners, Scoop package management, WSL2 configuration, firewall rules, system diagnostics, and environment variable management.