Cheatsheets

AI models (Claude, GPT, Codex), Azure OpenAI, Copilot, Security Copilot custom agents, MDASH, Bedrock, FastAPI, MCP, grounding strategies, and responsible AI policy setup.

Installation, static and dynamic inventory, ad-hoc commands, playbook structure, roles, variables, Jinja2 templates, vault encryption, collections, and common modules.

CLI setup, named profiles, S3 operations, EC2, IAM, EKS kubeconfig, and CloudFormation deploy commands.

Authentication helpers for Az PowerShell and Azure CLI (interactive and SPN), policy assignment queries, and common az commands.

az devops CLI, YAML pipelines, templates and extends governance, Workload Identity Federation service connections, agent and container jobs, environments and approvals, the permission model, and anti-patterns.

Script boilerplate, strict mode, colour output helpers, argument parsing, PATH deduplication, and directory-iteration patterns.

Azure-native IaC - tooling and CLI, parameters and .bicepparam files, modules, the private Bicep registry (ACR), loops and conditions, deployment scopes, user-defined types, Key Vault secret passthrough, what-if, deployment stacks, and CI/CD.

Text-wrangling tools - jq for JSON, yq for YAML, sed stream editing, awk field processing, and the PowerShell/Windows equivalents (Select-String, ConvertFrom-Json, findstr, Test-NetConnection).

Docker setup scripts, Podman pod creation, Docker Compose examples, Kubernetes pod manifests, and nginx reverse proxy configs.

VS Code and JetBrains Toolbox setup for Azure DevOps engineering - extensions, settings.json, Terraform and Python integration, Copilot toggle, keybindings, and Linux-specific quirks.

dotnet CLI, interfaces, classes, records, pattern matching, LINQ, async patterns, dependency injection, Azure SDK authentication, Key Vault, Blob Storage, ARM, Kusto SDK, Log Analytics, and xUnit testing.

Configuration templates, core operations, branching, remotes, undoing changes, history inspection, and bulk automation scripts for GitHub and Azure DevOps.

Workflow syntax, events and triggers, expressions and contexts, secrets and least-privilege GITHUB_TOKEN permissions, OIDC cloud auth, reusable workflows, runners, containers, caching, environments, and supply-chain hardening.

GitLab CI/CD - .gitlab-ci.yml syntax, stages and the needs DAG, rules and workflow, masked/protected variables, OIDC id_tokens and Vault secrets, includes/extends/components, runners, Docker-in-Docker, caching and artifacts, protected environments, security scanners, and Terraform.

Modules, types, interfaces, error handling, generics, goroutines, channels, HTTP server, slog, testing, and Azure SDK authentication with blob storage and Key Vault.

KQL fundamentals, time filtering, string ops, aggregations, joins, and threat hunting queries across Defender and Sentinel tables - processes, network, identity, email, alerts, and incidents.

Production Linux ops - permissions and ACLs, users and sudo, processes and signals, systemd units and timers, journald, package managers, networking, firewalls, SSH hardening, LVM and storage, performance triage, security hardening, plus workstation and WSL2 setup.

Production reverse proxy - config layout, hardened TLS snippets, proxying and WebSockets, upstreams and load balancing, security headers, rate limiting, caching, structured logging, performance tuning, and location-matching rules.

Azure auth helpers, resource provider registration, Terraform pipeline functions, module management, and Sentinel watchlist export.

Virtual environment helpers, uv package manager, FastAPI, async patterns, Azure SDK authentication, metadata service queries, and Terraform utilities.

nmap, netcat, curl, openssl, PowerShell recon, JavaScript console, git secret hunting, grep/ripgrep regex patterns, ffuf web fuzzing, SSH tunnelling, socat encrypted shells, and SQLMap injection testing.

Practical snippets for Azure infrastructure - number formatting, type conversions, dynamic blocks, state management, OS detection, and workflow automation.

nvm setup, tsconfig, core types, generics, utility types, classes, discriminated unions, async patterns, Next.js App Router, server actions, route handlers, and Vitest testing.

Windows admin for engineers - winget and Scoop, system inventory, processes and services, networking and firewall, disk and storage, users, scheduled tasks, event logs, registry, DISM/sfc repair, remote management, Windows Update, WSL2, and Sysinternals.