Skip to content

Backend Document (lekhraj Dinkar) 2025

ACM

Backend Document (lekhraj Dinkar) 2025

Docker
Docker
Kubernetes
Kubernetes
- Readme
- Kickoff
  Kickoff
- A2.1 KCAD
  A2.1 KCAD
  - Certification Topics
  - Labs
  - Commands (YAML)
  - 01 Core Concepts
    01 Core Concepts
    
    Container
    
    Pod
    
    ReplicaSet
    
    Deployment
    
    StatefulSets
    
    Namespace
    
    ConfigMap
    
    Secrets with Encryption
    
    Security Context
    
    Service Account
    
    Resource Requirements
    
    Pod Placement
    
    Controllers
    
    PDB
    
    DaemonSet
  - 02 Pod Design
    02 Pod Design
    
    Multi-Container Pods
    
    Labels + Selectors
    
    Deployments
    
    Jobs
  - 03 Observability
    03 Observability
    
    Readiness + Liveness
    
    Logging
    
    Monitor & Debug
  - 04 Services + Networking
    04 Services + Networking
    
    Services
    
    Ingress
    
    Network Policies
  - 05 State Persistence
    05 State Persistence
    
    Volumes
    
    Storage Class
  - 06 Security
    06 Security
    
    Authentication
    
    Kubeconfig File
    
    API Groups
    
    Authorization
    
    Cluster Roles
    
    Admission Controllers
  - 07 Others
    07 Others
    
    API Versioning
    
    CRD
- A2.2 EKS
  A2.2 EKS
  - Cluster Setup
  - Add User + SA
  - Nodegroup + Fargate
  - Developer
    Developer
    
    Getting Started
    
    HPA
    
    Deployment
  - Code Guide
    Code Guide
    
    MCP Cluster
    
    Ingress Annotation
    
    Pod Annotation
    
    SA Annotation
    
    External Secret
    
    External Secret v2
    
    IRSA
- A2.3 Helm
  A2.3 Helm
  - Helm Chart Kickoff
Terraform
Terraform
Harness / CD pipleine
Harness / CD pipleine
- kick_off
- delegates
- bash
AWS
AWS
- 00 AWS DVA-C02
  00 AWS DVA-C02
  - DVA Overview
  - CLI & SDK
  - CloudFormation
  - CI/CD
  - SAM
  - CDK
  - Handson
- 01 AWS Compute
  01 AWS Compute
  - EC2
  - ECS
  - EKS
  - Lambda Intro
  - Lambda CLI
  - Lambda Triggers
  - Lambda Event/Context
  - App Runner
  - Step Functions
- 02 AWS Storage
  02 AWS Storage
  - S3 Basics
  - S3 Advanced
  - EBS & EFS
  - FSx
  - Snow Family
- 03 AWS Database
  03 AWS Database
  - RDS
  - Aurora
  - DynamoDB SSA
  - DynamoDB Ops
  - DAX
- 05 AWS Decouple
  05 AWS Decouple
  - SQS
  - SNS
  - KDS
  - KDF
  - Active MQ
  - EventBridge
  - MSK
- 06 AWS Networking
  06 AWS Networking
- 07 AWS Security
  07 AWS Security
  - IAM
  - SSO & DirectoryService
  - cognito_SAA
  - KMS SSA
  - KMS DVA
  - Secrets Manager
  - SSM-param-store
  - ACM ACM
    Table of contents
    
    1. certificate:
    
    2. Generate certificate
    
    by internal / ACM
    
    bt External provider
    
    3. certificate: Validation method
    
    4. ACM: integration with services
  - WAF+FirewallManager
  - AWS Sheild
  - HSM DVA
  - more
- 08 AWS Monitoring
  08 AWS Monitoring
- 09 AWS Analytics
  09 AWS Analytics
  - Athena
  - Redshift
  - QuickSight
  - Glue ETL
- 10 AWS DR & Migration
  10 AWS DR & Migration
- 11 AWS Practice
  11 AWS Practice
  - Practice Test
Java
Java
- Java 7
- Java 8
- Java 9-11
- Java 11-17
- Java 17-21
Springboot
Springboot
- 00 lombok mvn git
- 01 Spring Core
  01 Spring Core
- 02 Spring Boot
  02 Spring Boot
- 03 Web
  03 Web
- 04 Data Layer
  04 Data Layer
- 05 Security
  05 Security
- 06 ETL SpringBatch
  06 ETL SpringBatch
  - index
  - SpringBatch
Messaging
Messaging
- Messaging Protocols Overview
- 01 Kafka
  01 Kafka
- 02 RabbitMQ
  02 RabbitMQ
  - Kickoff
  - Project Overview
Database
Database
- 01 RDBMS
  01 RDBMS
Architecture
Architecture
- Overview
- 01 Web Security
  01 Web Security
- 02 Modern Web Architecture
  02 Modern Web Architecture
  - Kickoff 2024
  - Twelve-Factor App
- 03 Microservices
  03 Microservices
- 04 Project 1 (PROJ-1)
  04 Project 1 (PROJ-1)
Observability
Observability

ACM (regional)¶

1. certificate:¶

private
cert can be used inside org
public
cert for public internet

2. Generate certificate¶

by internal / ACM¶

ACM generate cert
import to ACM
ACM automatically renews public certificates 60 days before expiration

bt External provider¶

eg: digicert
generate cert for FQDN or with wildcard
dev1.outbound.aws.org.com,
dev2.outbound.aws.org.com
*.outbound.aws.org.com
*.aws.org.com
import to ACM
no auto re-new
AWS-Config
- rule:acm-cert-expiracy-check to:
- sends eventBridge event to expiration, before 45 days (default)
- can catch event --> SNS alert, lambda,
- can change days from 45 to something else.

3. certificate: Validation method¶

email
receive validatin email, follow the link in email and validate it.
will receive email expiry.
dns : just, create cname entry in R53 with above dns

4. ACM: integration with services¶

CloudFront
can monitor days to expiry as a metric for ACM certificates
can build alarms to monitor certificates based on days to expiry
R-53
ELB : ALB, NLB, ...
API gateway (3 types)
edge-optimized : keep ACM cert in us-east-1
regional + private(with In vpc)
- keep ACM cert in same region