Python Foundation

Python Variables: Storing Data

Imagine you are shifting your house. You have many items (Data), and you put them into boxes to organize them. To find your items later, you stick a label on each box, like “Kitchen,” “Books,” or “Toys.”

In traditional languages (like C), a variable is a Box. You put data inside it.

In Python, it works differently. A variable is a Tag (Reference) attached to a Value. The Value lives in memory, and the Tag points to it.

Variable = A Nickname for data.

When you write x = 10, you are telling the computer: “Please store the number 10 somewhere in your memory, and whenever I ask for ‘x‘, give me that number.”

A variable is a name given to a memory location in the computer’s RAM. Think of it as a container or a label that stores a specific value (data). You can refer to this data later in your program using the variable name.

variable_name = value

Rules for Naming Variables

The Golden Rule: Keep it simple, descriptive, and follow the standard format.

Python has 5 unbreakable laws for naming variables. If you violate these, the program crashes immediately.

1. Must Start with a Letter or Underscore (_)You can start a variable name with a-z, A-Z, or _.
   • Correct: name, _hidden, myVar
   • Incorrect: 9lives, 1st_place (Cannot start with a number!)
2. No Special Symbols Allowed The only symbol allowed is the underscore _.
   • Correct: user_id, total_sum
   • Incorrect: user@name (Uses @), money$ (Uses $), first-name (Hyphens are illegal!)
3. No Spaces Allowed Python sees a space as the end of a variable name.
   • Correct: my_name
   • Incorrect: my name
4. Case Sensitive Python respects capital and small letters strictly.
   • age, Age, and AGE are three different variables.
   • Tip: Always stick to lowercase for standard variables to avoid confusion.
5. Avoid Reserved Keywords Python has “Reserved Words” that have special meaning (like command words). You cannot use them as names.
   • Incorrect: if = 10, for = 5, class = "Hello"
   • Why? Because Python gets confused if you try to redefine its own commands.

–

As an Architect, you should know why these rules exist and how to check them programmatically.

The keyword Module You don’t need to memorize all reserved keywords. You can ask Python to list them for you.

import keyword
print(keyword.kwlist)
# Output: ['False', 'None', 'True', 'and', 'as', 'assert', 'break', 'class', ...]

Unicode Support (Python 3 Feature) Unlike C or Java (historically), Python 3 allows Unicode characters in variable names. This means you can technically use Hindi, emojis, or Greek letters as variable names.

# Valid in Python 3
π = 3.14
नाम = "Rajkumar"  # Hindi variable name
print(नाम)        # Output: Rajkumar 

Architect Tip: Just because you can do this, don’t do it in professional DevSecOps scripts. Stick to English ASCII characters for compatibility with Linux servers and CI/CD pipelines.

Checking Validity Programmatically You can check if a string is a valid variable name using the .isidentifier() method.

"1st_place".isidentifier()   # False
"my_variable".isidentifier() # True

–

Key Characteristics

• Strict Syntax: One wrong character stops the execution.
• Case Sensitivity: High precision required (Server vs server).
• Convention-Driven: While myVar is valid, Python communities prefer my_var (Snake Case).

Use Case

• Underscore (_) Usage:
  • Single Underscore (_variable): Indicates “Internal use” or “Private” (convention).
  • Double Underscore (__variable): Used in Classes for “Name Mangling” (advanced OOP).
  • Alone (_): Often used in loops where the variable isn’t used (e.g., for _ in range(10):).

Benefits

• Clarity: Rules ensure that variables look different from numbers (e.g., 10 vs ten).
• Parsing Speed: Strict rules make it faster for the Python interpreter to read and understand code.

• Python Lexical Analysis (Identifiers)
• PEP 8 Style Guide (Naming Conventions)

-

Lab Python Variables

Quiz Python Variables

Naming Conventions: Styles

Imagine you are going to a wedding. You can wear shorts and a t-shirt (it’s not illegal!), but you should wear a Sherwani or a Suit to look respectful and blend in. Similarly, in Python, code has a “Dress Code” called Conventions. If you follow them, your code looks clean, professional, and easy for others to read.

While you can write variables in different styles, developers follow specific conventions to keep code readable.

Python developers follow a style guide called PEP 8. It is the “Bible” of Python styling. Here are the three main styles you will see:

1. Snake Case: The Python Standard
   • Format: All letters are lowercase. Words are separated by underscores _.
   • Example: user_login_count, file_name, api_key.
   • Where to use: Variables, Functions, and Method names.
   • Why: It is considered the most readable style by the Python community.
2. Camel Case: The Java/JS Style
   • Format: First word is lowercase, and the first letter of every subsequent word is Capitalized. No underscores.
   • Example: myVariableName, iphonePrice.
   • Where to use: Rarely used in Python standard libraries, but common in libraries ported from Java (like some testing tools).
3. Pascal Case: The Class Style
   • Format: The first letter of every word is Capitalized. No underscores.
   • Example: StudentData, CarEngine, DevOpsTools.
   • Where to use: strictly for Class Names in Python.

–

1. As an Architect, you define the coding standards for your team.
2. Automating Style Checks (Linting) In a CI/CD pipeline, we don’t manually check if a developer used Snake Case. We use tools (Linters).
   • Tools: pylint, flake8, or black (formatter).
   • Workflow: If a developer commits code with MyVariable = 10, the pipeline fails and rejects the code because it violates PEP 8.

–

Use Case

• Variables/Functions: Always use snake_case.
  • calculate_tax(), user_age.
• Classes: Always use PascalCase.
  • class BankAccount:.
• Constants: Always use UPPER_CASE.
  • PI = 3.14.

Benefits

1. Instant Recognition: When I see BankAccount, I know it’s a Class. When I see bank_account, I know it’s a variable/object. This mental shortcut speeds up debugging.
2. Consistency: If 10 developers work on the same project, the code looks like it was written by one person.

Technical Challenges: “The Silent Failure”

While using camelCase isn’t a syntax error, it creates a Maintainability Gap. In a DevSecOps team, if one person writes awsBucketName and another writes aws_bucket_name, your automated grep/search scripts for logs will fail to find all occurrences.

Limitations

• Legacy Code: Sometimes you have to work on old Python code that doesn’t follow PEP 8. Changing variables there might break things.
• External Libraries: Some libraries (like unittest) use CamelCase (setUp, tearDown) because they were inspired by Java. You have to follow their style when using them.

PEP 8 – Style Guide for Python Code

Descriptive Naming (The “Meaning” Rule) Style is important, but meaning is critical.

• Bad: d = 10 (What is d?)
• Bad: days = 10 (Days since when?)
• Good: days_since_last_login = 10 (Crystal clear!)

Hungarian Notation (Avoid This!) In older languages, people wrote types in names: strName, iCount. Do not do this in Python. Python is dynamic; the type might change. Just use name or count.

Single Letter Variables Only use single letters like i, x, y in very short loops or math formulas. Never use them for main data storage.

Cheat Sheet

–

Lab Python Naming Conventions

Quiz Python Naming Conventions

Assigning Values

While it looks simple like a = 10 understanding how Python handles assignments under the hood (memory references, mutability) is what separates a “coder” from an “Architect.” Whether you are scripting automation for AWS or writing a simple calculator, this is your starting point.

Imagine you are working in a massive warehouse (System Memory).

• The Value (Object): This is the actual item, like a generic “Lion” plush toy or a crate of “Oranges.”
• The Variable (Name): This is a sticky tag or label you put on that item.

In many other languages (like C++ or Java), a variable is like a specific box where you put things inside. If you have a box named x, you put the number 10 inside it. In Python, it works differently. The number 10 exists somewhere in the warehouse, and x is just a tag attached to it. If you say y = x, you aren’t copying the box; you are just adding another tag named y to the same item.

Simple Logic: You are not creating copies of the object; you are just giving it a name (reference).

Python is incredibly flexible. You don’t need to declare the “type” of data (like int or string) before assigning it. Python figures it out automatically. This is called Dynamic Typing.

Here are the standard ways you will use every day:

1: Standard Assignment: Giving one name to one value.

name = "Lion"
# Here, 'name' is the tag, "Lion" is the object.

2: Multiple Values to Multiple Variables (Position-based): Great for shortening code.

x, y, z = "Orange", "Banana", "Cherry"
# x gets Orange, y gets Banana, z gets Cherry

3: One Value to Multiple Variables (Chained Assignment): Useful when initializing counters or flags.

x = y = z = "Orange"
# All three tags point to the same "Orange" string in memory.

–

As an architect, you need to care about Memory Management and Reference Counting.

4: Reference Counting: Python uses an internal counter to track how many tags (variables) are attached to an object. When you do x = y = z = "Orange", the reference count for the string “Orange” increases. If you delete x, the count drops. When it hits zero, Python’s Garbage Collector removes the object to free up memory.

5: Unpacking Collections: This is a Python superpower. You can extract elements from a list or tuple directly into variables.

fruits = ["apple", "banana", "cherry"]
x, y, z = fruits # Unpacking

Architect Tip: If you have a list with 10 items but only want the first one, use the Star Operator (*).

first, *rest = [1, 2, 3, 4, 5]
# first = 1
# rest = [2, 3, 4, 5]

Python sys module: You can actually check the reference count of an object using sys.getrefcount().

• Simple statements

Key Characteristics

• Dynamic Binding: Variables can change types. x = 10 (int) can later become x = "Hello" (string) without error.
• Object Reference: Variables store the address of the value, not the value itself.
• Strict Evaluation: The right-hand side (the value) is always evaluated before the assignment happens.

Benefits

• Readability: Reduces boilerplate code. x, y = 1, 2 is cleaner than two separate lines.
• Efficiency: Unpacking is optimized in C (CPython) and is generally faster than manual indexing.
• Less Error-Prone: Reduces the chance of “off-by-one” errors when assigning list items to variables.

Limitations

• Unpacking Mismatch: If you try to unpack a list of 3 items into 2 variables (without using *), Python will throw a ValueError: too many values to unpack.
• Tuple Immutability: You cannot assign a value to a specific index of a tuple (e.g., my_tuple[0] = 5 will fail), though you can reassign the whole variable.

Cheat Sheet

–

Lab Python Assigning Values

Quiz Python Assigning Values

Python Input Handling: Capturing Data

Think as: A “Security Gate” at an apartment complex. When a visitor arrives, the guard doesn’t just let them in. The guard asks for their name and purpose (The Input). The visitor provides information (The Data), and the guard writes it down on a register (The Variable).

• input() is the Guard asking the question.
• The Keyboard is the Visitor providing data.
• The Variable is the Register where the data is stored for later use.

Python uses the input() function to pause the program and wait for the user to type something.

Important Rule: input() always treats everything as a String (str), even if the user types a number like 10.

As an Architect, you must implement Input Validation. Accepting raw input into a script that runs with “Admin” or “Root” privileges on a server is dangerous.

1. Type Sanitization: Always convert input to the expected type immediately.
2. Argument Parsing: For automated DevSecOps tools (like a Jenkins job), we prefer Command Line Arguments over interactive input(). This allows scripts to run without human intervention.

–

Key Tools:

• input(): For interactive scripts.
• sys.argv: For basic command-line inputs.
• argparse: The industry-standard tool for creating professional CLI (Command Line Interface) tools.

Key Characteristics

• Blocking: The program stops and waits until the “Enter” key is pressed.
• String-Default: Returns data as a string type by default.
• Prompt Support: You can add a message inside the brackets to guide the user.

Use Case

• Interactive Provisioning: A script that asks a Cloud Engineer: “Which AWS Region should I deploy to?”
• Confirmation Steps: A “Yes/No” prompt before deleting a production S3 bucket.

Benefits

• User Interaction: Makes scripts dynamic instead of hard-coded.
• Flexibility: One script can perform different tasks based on user choice.

Technical Challenges: The “Type” Trap

If you ask for an “Age” or “Port Number” and try to add 1 to it, the script will crash because you cannot add a number to a string.

Limitations

• input() is not suitable for CI/CD pipelines. Since pipelines are automated, there is no human to “type” the answer, causing the job to hang (timeout) and fail.

Cheat Sheet

Built-in Functions

Lab Python Input

Quiz Python Input

Outputting Variables

If a script runs but doesn’t tell you what it’s doing, it’s dangerous. Visibility is key. Whether you are debugging a broken server or printing a “Success” message after a deployment, the humble print() function is your best friend.

Imagine your computer’s memory is like a closed room where calculations happen. Nobody outside can see what is going on inside.

• The Variable: The actor on the stage inside the room.
• The print() function: This is the camera and projector that beams the image of the actor onto a screen outside so you (the user) can see it.

If you don’t use print(), the calculation happens effectively, but you stay in the dark so use the print() function to send data to the “Standard Output” (usually your terminal or command prompt).

1. Basic Printing

x = "Python is awesome"
print(x)
# Output: Python is awesome

2. Combining Text and Variables There are two “old school” ways to do this, and one “modern” way (which we will cover in the Advanced section).

• Method A: The Comma , (The Safe Way) This is great because it works with any data type (numbers, lists, text) and adds a space automatically.

name = "Alice"
age = 25
print("Name:", name, "Age:", age)
# Output: Name: Alice Age: 25

• Method B: The Plus + (String Concatenation) This acts like glue. It sticks strings together without spaces. Warning: This only works if both sides are strings. If you try to add a number, Python will crash.

print("Hello " + "World")  # Works
# print("Age is " + 25)    # CRASH! TypeError

–

As an architect, you shouldn’t just “print text.” You need to format logs for readability and automated parsing.

3. The Modern Standard: f-strings (formatted string literals) Introduced in Python 3.6, this is the industry standard. It is faster and cleaner. You put an f before the quotes and put variables inside curly braces {}.

user = "App"
latency = 120
print(f"User {user} experienced {latency}ms latency.")
# Output: User App experienced 120ms latency.

4. Controlling the End and Separator By default, print() adds a newline (enter key) at the end. You can change this using end and sep.

• sep: What goes between the items? (Default is space).
• end: What happens after printing? (Default is newline \n).

Architect Use Case: Creating a progress bar on the same line.

print("Loading", end="...")
print("Done!")
# Output: Loading...Done! (All on one line)

5. Output Streams (stdout vs stderr) Real production scripts often separate “normal output” from “error messages.”

• print() goes to sys.stdout.
• Errors should go to sys.stderr (so logging tools like Splunk or Datadog categorize them correctly).

Key Characteristics

• Variadic: print() can take as many arguments as you want (e.g., print(a, b, c, d)).
• String Conversion: It automatically converts non-string objects (like lists or numbers) into their string representation before displaying them.
• IO Bound: Printing to a screen is technically “slow” compared to CPU calculations. Excessive printing can slow down high-performance scripts.

Use Case

• Debugging: The quickest way to check “What is the value of x right now?”
• User Interaction: Asking for input and showing results in CLI (Command Line Interface) tools.
• Logging: Generating logs for system monitoring.

Limitations

• The “TypeError” Trap: As mentioned, print("Value: " + 100) fails. Beginners face this constantly.
• Formatting Chaos: Using many commas and plus signs makes code hard to read: print("User " + name + " has ID " + str(id)).

Common Issues and Solutions

Problem: Printing complex objects (like a custom Class) just shows weird memory addresses like <__main__.MyObject object at 0x00.... Solution: Define a __str__ or __repr__ method in your class to tell Python how to print it nicely.

• Built-in Functions and Input and Output

Cheat Sheet

Practice Lab Outputting Variables

Quiz Python Outputting Variables

Global vs. Local Variables

In a small script, everything seems accessible. But as an Architect managing thousands of lines of automation code, if you don’t understand scope, you will face “Zombie Variables” values that change when you don’t expect them to, crashing your production pipelines.

Think as: A Corporate Office Building.

• Global Variable (The Public Notice Board): Imagine a notice board in the building lobby. Everyone in the building (every function) can see it. If the manager changes the notice to “Holiday Tomorrow,” everyone sees the change. This is Global Scope.
• Local Variable (Your Personal Notebook): Imagine you are inside your private cabin (a Function). You write “Meeting at 5 PM” in your personal diary. People outside your cabin cannot see its Local Scope.

Simple Logic:

• Inside a function? It’s private (Local).
• Outside all functions? It’s public (Global).

Python looks for variables in a specific order (LEGB Rule).

If you ask for x, Python searches like this:

1. First: Is it inside my current function? (Local)
2. Second: Is it outside in the main script? (Global)

(Think as: If you need a Pen, you check your pocket first. If it’s not there, you check the room.)

1. Global Variables

Created at the top level of your script (outside any function). They can be read by everyone anywhere in the script.

website_name = "DevSecOpsGuru"  # Global Variable (Everyone can see this)

def show_welcome():
    # Python doesn't find 'website_name' inside, so it looks outside and finds it.
    print("Welcome to " + website_name) 

show_welcome() 
# Output: Welcome to DevSecOpsGuru

2. Local Variables

Created inside a function (def). They are private. They “die” (are erased from memory) as soon as the function finishes running.

def secure_login():
    token = "AB-123"  # Local to this function (Private)
    print(token)      # Works fine here

secure_login()

# If you try to ask for 'token' here, Python will complain because 'token' is dead.
# print(token)  # Error! NameError: name 'token' is not defined

–

As an architect, “Global Variables” are often considered a code smell (bad practice) if not used carefully.

• The Problem: If 10 different functions rely on one global variable status = "Active", and one function changes it to "Inactive" by mistake, all other 9 functions break. This creates “Tight Coupling” which is a nightmare for debugging.
• The LEGB Rule: Python resolves scope in this exact order:
  1. Local (Inside function)
  2. Enclosing (Inside nested functions)
  3. Global (Module level)
  4. Built-in (Python keywords like print, list)
• Mutable Globals: You don’t always need the global keyword. If the global variable is a List or Dictionary, you can modify its contents inside a function without global.

logs = [] # Global List

def add_log(msg):
    logs.append(msg) # This works! No 'global' keyword needed.

Key Characteristics

• Isolation: Local variables are isolated. You can have a variable named data in Function “A” and another data in Function “B”. They will never interfere with each other.
• Lifetime:
  • Local: Exists only while the function is running.
  • Global: Exists as long as the program is running.

Use Case

• Local: Temporary calculations, loop counters (i), temporary file paths.
• Global: Constants like API_URL, TIMEOUT_LIMIT, or DATABASE_PORT. (Best practice: write global constants in ALL CAPS).

Benefits

• Memory Efficiency: Local variables are deleted from memory (Garbage Collected) immediately after the function ends.
• Security: Sensitive data (like a user password) should always be Local so it doesn’t stay in memory longer than necessary.

Common Issues and Solutions

The UnboundLocalError Trap: This is a classic interview trap.

count = 10 # Global

def increment():
    # Python sees 'count =' below and assumes 'count' is LOCAL.
    # But you try to print it before assigning it!
    print(count) 
    count = 5 

increment()
# Crash: UnboundLocalError: local variable 'count' referenced before assignment

Solution: If you meant to change the global variable, add global count at the start of the function.

• Scopes and Namespaces and Execution Model

Cheat Sheet

Lab Python Global vs. Local Variables

Quiz Python Global vs. Local Variables

Python Memory Management

When you are designing a microservice that processes 1 million requests per second, “trust” isn’t enough. You need to know exactly when memory is allocated and when it is freed.

Think as: The Warehousing & Cleaning Crew.

Imagine a giant Fulfillment Center (like Amazon’s warehouse).

• The Object (Data): This is the physical product (a TV, a book) stored on a shelf. This area is called the Heap Memory.
• The Variable (Name): This is just a sticky label in a catalog that tells you where the product is located. This catalog is the Stack Memory.
• Reference Counting: Imagine a sensor on every product that counts how many sticky labels point to it. If x points to the TV, the count is 1. If y also points to it, the count is 2.
• Garbage Collection (The Cleaning Crew): A robot constantly scans the warehouse. If it sees a product with zero labels attached (Reference Count = 0), it immediately grabs the product and throws it in the trash (frees up memory).

Simple Logic: You never “delete” an object manually. You just remove the labels (variables). When the last label is gone, the Cleaning Crew (Garbage Collector) deletes the object for you.

In languages like C or C++, x = 10 puts the number 10 inside a box named x. In Python, x = 10 is a two-step process:

1. Creation: Python creates an object 10 in the Heap.
2. Reference: Python creates the name x in the Stack and draws a line (pointer) to the object 10.

This is why x = y doesn’t copy the number; it just copies the pointer. Both x and y end up pointing to the same object.

A DevSecOps Architect must understand the CPython Memory Manager.

1. Reference Counting (Primary Mechanism): This is fast and real-time. As soon as the ref count hits 0, the object is destroyed.
   • Tool: sys.getrefcount(obj) shows the count.
2. Generational Garbage Collection (Secondary Mechanism): What if Object A points to Object B, and Object B points back to Object A (Cyclic Reference)? Their ref count never reaches zero, even if you delete the variables!
   • Python has a Cyclic Garbage Collector. It divides objects into three “Generations” (0, 1, 2).
   • New objects start in Gen 0. If they survive a cleaning cycle, they move to Gen 1, then Gen 2.
   • This prevents memory leaks from complex data structures.
3. Small Integer Caching (Interning): Python pre-allocates integers from -5 to 256. These are singleton objects. Every time you type a = 100, you are referencing the existing 100 in memory, not creating a new one.

Key Characteristics

• Automatic: No malloc or free (like in C). Python handles it all.
• Heap Allocation: All objects (lists, ints, functions) live on the private heap.
• Stack Allocation: References (variable names) live on the stack.

Use Case

• Memory Optimization: Understanding id() helps you know if you are copying data needlessly (wasting RAM) or just pointing to it.
• Debugging Leaks: If your Python script eats more and more RAM over 2 days, it’s likely a “Reference Cycle” that the GC hasn’t cleaned yet.

Benefits

• Safety: Prevents “Segmentation Faults” and memory corruption common in lower-level languages.
• Productivity: Developers focus on logic, not memory sizing.

Limitations

• Stop-the-World: When the Garbage Collector runs for Generation 2 (old objects), it can briefly pause your program. In high-frequency trading or real-time gaming, this micro-pause can be an issue.
• Memory Overhead: Every object in Python has a header (storing type, ref count, etc.), making a simple integer take up 28 bytes instead of 4 bytes in C.

• Data model , Garbage Collector interface

Common Problems & Solutions

1. Problem: Memory Leaks in Long-Running Scripts. If you have a Python script running 24/7 on a Linux server (like a monitoring agent), it might keep growing in RAM usage.
2. Reason: Cyclic References. (Object A points to B, and B points to A).
3. Solution: Use the gc module to manually trigger garbage collection or investigate using objgraph.

Cheat Sheet

Lab Python Memory Management

Quiz Python Memory Management

Data Types

If Variables are the “Tags,” Data Types are the “Actual Objects” those tags are attached to. Python is famous for being Dynamically Typed meaning you don’t have to tell it, “This is a number.” It figures it out. But don’t let this ease fool you. As an Architect, knowing exactly what data type you are handling (e.g., is this IP address a string or a bytes object?) is crucial for security automation and API handling.

Think as: Different Containers for Different Items.

Imagine you are packing for a trip:

• Integer (int): A solid brick. It’s whole, unbreakable, and doesn’t have parts. (e.g., 5, 100).
• Float (float): Water. It’s fluid and can be measured in precise amounts, but sometimes it’s hard to measure exactly to the last drop. (e.g., 10.5, 3.14).
• String (str): A necklace of beads. It’s a sequence of individual characters strung together.
• List (list): A Backpack. You can put anything in it, take things out, and change the order. (Mutable).
• Tuple (tuple): A Sealed Amazon Parcel. Once packed, you cannot add or remove items without destroying the box. (Immutable).
• Dictionary (dict): A Real Dictionary or Phonebook. You look up a “Name” (Key) to find the “Number” (Value).

Simple Logic: Python looks at the content to decide the type.

• x = 5 -> Python sees a whole number -> “This is an int“.
• x = 5.0 -> Python sees a decimal -> “This is a float“.

Since you don’t declare types, you often need to ask Python, “What is this?” You use the type() function for this.

x = 10
print(type(x)) # Output: <class 'int'>

y = "DevOps"
print(type(y)) # Output: <class 'str'>

–

Architects need to look beyond the basic names. You must categorize types by Mutability and Architecture Use Cases.

1. Mutable (Changeable):list, dict, set.
   • Risk: Passing these to functions can lead to unintended side effects (data modification).
   • Note: Cannot be used as Dictionary Keys (because they can change, breaking the hash).
2. Immutable (Unchangeable):int, float, bool, str, tuple, bytes.
   • Benefit: Thread-safe and hashable. Can be used as Dictionary keys.
3. Binary Types (bytes, bytearray):
   • Crucial for DevSecOps! When you read a file, handle network packets, or encrypt passwords, you are working with bytes, not strings.
   • b"password" is NOT the same as "password".

Architect Tip: isinstance() vs type() Never use type(x) == int in production code. It fails if you use inheritance. Always use isinstance(x, int). It’s cleaner and safer.

Key Characteristics

• Dynamic: The type is bound to the object, not the variable name. x can be an int now and a str later.
• Strongly Typed: Python does not allow “implicit” type coercion that causes errors.
  • JavaScript: "5" + 5 = "55" (Weak typing).
  • Python: "5" + 5 -> Error! (Strong typing). You must convert it manually.

Use Case

• dict: JSON payloads, API responses, Configuration files.
• list: Ordered sequence of servers, log lines.
• set: Storing unique IP addresses (automatically removes duplicates).
• tuple: Database credentials (username, password) that shouldn’t change.

Benefits

• Flexibility: No need to recompile code just to change a variable type.
• High-Level Abstractions: dict and list are incredibly powerful and optimized in C.

Limitations

• Performance: Dynamic typing adds overhead. Python has to check the type every time you perform an operation (e.g., addition), which makes it slower than C or Go.
• Runtime Errors: You might not find a “Type Error” until the script actually runs and hits that specific line.

• Built-in Types and typing

Lab Python Data Types

Quiz Python Data Types

Mutable vs. Immutable Types

Understanding Mutability (changeability) determines if your code is thread-safe, if your dictionaries work, and if your memory usage is efficient. As a Architect, you need to know: “If I pass this variable to a function, will the function change my original data?”

Also, since Python is Dynamically Typed, variables can shapeshift. We need to control this using Type Casting.

Think as: A Printed Certificate vs. A Google Doc.

Every object in Python has a unique passport number (Memory Address) that you can see with id().

Immutable (The Printed Certificate): Imagine you receive a printed certificate with a typo in your name. You cannot just erase the ink and write over it. You must throw away the old certificate and print a brand new one.

• Python Examples: int, float, str, tuple, bool.
• Logic: Changing the value = Creating a new object.

x = 10
print(id(x)) # ID: 1001

x = x + 1    # We try to change it to 11
print(id(x)) # ID: 2005 (Totally new address! The old 10 is gone.)

Mutable (The Google Doc): You are working on a shared Google Doc (the object). If you want to change a sentence, you just edit it directly. You don’t need to create a new file URL. The document ID stays the same.

• Python Examples: list, dict, set.
• Logic: Changing the value = Updating the existing object in place.

lst = [1, 2]
print(id(lst)) # ID: 5001

lst.append(3)  # We modify it
print(id(lst)) # ID: 5001 (Same address! Very efficient.)

–

Why does an Architect care about this?

1. Dictionary Keys (Hashing): Only Immutable objects can be keys in a dictionary.
   • You can use a Tuple as a key: {(192, 168): "Localhost"}.
   • You cannot use a List as a key: {[192, 168]: "Fail"}.
   • Reason: If the key changes (mutable), Python can’t find the value anymore.
2. Thread Safety (Concurrency): Immutable objects are inherently thread-safe. You can share a configuration string across 100 threads without locking, because no thread can accidentally modify it. Mutable objects require locks.
3. Type Casting Risks: When converting types, data loss happens silently.
   • int(3.99) -> 3 (Data Loss via Truncation).
   • bool("False") -> True (Logic Error: Non-empty strings are always True).

–

Why does an Architect care about this?

1. Dictionary Keys (Hashing): Only Immutable objects can be keys in a dictionary.
   • You can use a Tuple as a key: {(192, 168): "Localhost"}.
   • You cannot use a List as a key: {[192, 168]: "Fail"}.
   • Reason: If the key changes (mutable), Python can’t find the value anymore.
2. Thread Safety (Concurrency): Immutable objects are inherently thread-safe. You can share a configuration string across 100 threads without locking, because no thread can accidentally modify it. Mutable objects require locks.
3. Type Casting Risks: When converting types, data loss happens silently.
   • int(3.99) -> 3 (Data Loss via Truncation).
   • bool("False") -> True (Logic Error: Non-empty strings are always True).

The “frozenset” If you need a Set (unique items) but you also need it to be Immutable (so you can use it as a Dictionary Key), use frozenset().

# Regular set (Mutable)
s = {1, 2} 

# Frozen set (Immutable)
fs = frozenset([1, 2, 3])
# fs.add(4) # Error!

Implicit Boolean Conversion (Truthiness) In Python, you can cast almost anything to a Bool implicitly using an if statement.

• False: 0, 0.0, "" (empty string), [] (empty list), None.
• True: Everything else.
• DevOps Usage: if my_list: is the Pythonic way to check “Is the list not empty?”.

Key Characteristics

• In-Place Modification: Mutable objects support methods like .append(), .pop(), .clear() which change the data without moving it in memory.
• Rebinding: Immutable objects require reassignment (s = s + "new") to “change” the variable.
• Dynamic Typing: A variable is just a label. It can point to an Integer now and a String later.

Use Case

• Use Immutable (Tuple/Str) for: Constants, database credentials, dictionary keys, ensuring data integrity.
• Use Mutable (List/Dict) for: Data collection buffers, logs processing, dynamic queues.
• Use Explicit Casting for: Validating API inputs (converting string "8080" to integer 8080).

Benefits

• Mutable: Performance. Adding 1 item to a list of 1 million items is instant (O(1)).
• Immutable: Safety. You know the value won’t change unexpectedly.

Limitations

• The String Concatenation Slowdown: Since strings are immutable, doing s += " word" inside a loop of 10,000 iterations creates 10,000 new string objects. This kills performance.
  • Solution: Use a list [] to collect words, then ''.join(list) at the end.
• The “Tuple Loophole”: A tuple is immutable, BUT if it holds a mutable list inside it, that list can still change.

t = (1, 2, ["a", "b"])
t[2].append("c") # Allowed! The tuple still points to the same list object.

• Python Data Model (Mutability), Built-in Functions (Type Construction)

Cheat Sheet

Lab Python Mutable vs. Immutable Types

Quiz Python Mutable vs. Immutable Types

Type Casting: Conversion

In the real world, you often need to adapt things to fit. You change Indian Rupees to Dollars when traveling. In Python, data works the same way. Sometimes you have a number that is trapped inside a text string (like "500"), and you need to perform math on it. You can’t multiply text, right? You have to convert it first.

This process of changing one data type into another is called Type Casting.

Think as: A Universal Travel Adapter.

Imagine you are traveling from India to the USA.

• The Data: This is your laptop plug (Indian pin).
• The Destination: The wall socket (US slot).
• Implicit Conversion (Automatic): Some modern chargers handle voltage (110V vs 220V) automatically. You don’t do anything; it just works. In Python, if you add an Integer (2) to a Float (2.5), Python automatically handles it and gives you a Float (4.5).
• Explicit Conversion (Manual): The physical plug shape is different. You must buy a plastic adapter to force the Indian pin to fit the US socket. In Python, if you want to turn a String "10" into a Number 10, you must manually use a tool (function) to force that change.

Simple Logic:

• Implicit: Python does it for you (Safe & Automatic).
• Explicit: You force Python to do it (Manual & Powerful).

Python gives you “Constructor Functions” to change types manually. Think of these as factory machines that reshape your data.

1: Implicit Conversion (Auto): Python automatically promotes smaller types to larger types to prevent data loss.

num_int = 10
num_float = 2.5
result = num_int + num_float 
# Python sees (Int + Float). It converts Int to Float automatically.
# Result is 12.5 (Float).

2: Explicit Conversion (Manual): You use functions like int(), float(), str().

s = "100"
# total = s + 50  <- Error! Cannot add Text to Number.

total = int(s) + 50 # Works! We converted "100" (str) to 100 (int).

–

As an Architect, you deal with Serialization and Marshaling.

• The API Reality: When you receive data from an API (like AWS Lambda or a REST endpoint), it almost always comes as a JSON String. Even if the port number looks like 8080, it arrives as "8080".
• Validation is Key: You cannot blindly cast data. If a user sends "eighty" and you try int("eighty"), your entire security pipeline will crash with a ValueError.
• Architect Tool: In modern Python stacks (like FastAPI), we use libraries like Pydantic to handle type casting and validation automatically and securely.
  • Tool: Pydantic (Data validation using Python type hints).

Key Characteristics

• Data Loss Risk: converting a float to an int removes the decimal part permanently (truncation). int(9.9) becomes 9, not 10.
• Irreversible: Once cast, the old type information is gone unless you cast it back (but data might be lost).
• Strictness: You cannot cast “garbage” text to a number. int("Hello") will always fail.

Use Case

• CLI Inputs: All inputs from input() or command line arguments (sys.argv) come as strings. You must cast them to integers for logic (e.g., retries = int(args.retries)).
• Log Parsing: Extracting error codes from log files. They are strings in the file, but you need them as numbers to check if error_code > 500.
• File Handling: Writing numbers to a text file requires converting them to strings first (file.write(str(100))).

Benefits

• Interoperability: Allows different data sources (Text files, APIs, Math engines) to talk to each other.
• Control: Gives the developer precise control over how memory is treated.

Limitations

• The “Float String” Limitation: You cannot convert a string containing a decimal directly to an integer.

x = int("10.5") # CRASH! ValueError
# Fix: You must float it first, then int it.
x = int(float("10.5")) # Result: 10

• Complex Types: You cannot simply cast a string representation of a list "[1, 2]" into a list using list(). It will just break the string into characters ['[', '1', ',', ' ', '2', ']'].
• The API Trap: When pulling data from an Environment Variable using os.getenv("RETRY"), it always returns a String. If you forget to cast it to int(), your math logic like RETRY + 1 will crash the deployment.

Common Issues, Problems and Solutions

Problem: The Boolean Trap This is the bug in Python configuration scripts.

# In your config file/env var: DEBUG="False"
is_debug = bool("False") 
# Result: True! (Because the string is not empty)

Solution: Never use bool() on text strings directly. Use comparison.

is_debug = config_value.lower() == "true"

• Built-in Functions and Pydantic Validation

Cheat Sheet

Lab Python Type Casting

Quiz Python Type Casting

Dynamic Typing

This concept is what makes Python so fast to write, but it is also what makes it “dangerous” if you aren’t careful. In languages like Java or C++, you have to promise the computer: “This variable x will ALWAYS be an Integer.” If you try to put text in it later, the compiler screams at you.

Python is chill. Python says: “I don’t care what x is. Use it for a number now, use it for a URL string later. I’ll figure it out.”

Think as: A Sticker vs. A Specialized Box.

• Static Typing (Java/C++): Imagine a box engraved with the words “SHOES ONLY”. You can put sneakers or boots in it. But if you try to put a Pizza in it, the box rejects it. The type is tied to the Variable (Box).
• Dynamic Typing (Python): Imagine you have a handheld Sticker Gun (Label Maker). You write “MyItem” on a sticker. You can stick it on a Shoe. Later, you can peel it off and stick it on a Pizza. The sticker doesn’t care what it’s attached to. The type is tied to the Object (Shoe/Pizza), not the sticker.

Simple Logic: A variable is just a name tag. You can hang that tag on anything you want, whenever you want.

In Python, the variable itself has no type. It is just a reference (a pointer). The Value inside memory has the type.

# Step 1: x points to an Integer object (5)
x = 5 
print(type(x)) # <class 'int'>

# Step 2: x now points to a String object ("Guru")
# The link to 5 is broken. 5 is garbage collected.
x = "Guru"
print(type(x)) # <class 'str'>

As an Architect, “Dynamic Typing” scares us because it leads to Runtime Errors.

• The Risk: If a function expects a User object but accidentally gets a None or a String because of a logic bug earlier in the code, the script will crash only when it runs that specific line.
• Strong vs. Weak: Do not confuse “Dynamic” with “Weak”.
  • Python is Dynamic: Checks types at runtime.
  • Python is Strong: It forbids implicit weird conversions. 1 + "1" throws an Error. (JavaScript is “Weak” because 1 + "1" = "11").
• The Modern Solution (Type Hints): Since Python 3.5+, we write code that looks static to help us, even though Python ignores it at runtime. This is standard in DevSecOps pipelines.

# Type Hinting: "age should be an int"
age: int = 25 

# Python won't stop you if you do this, but your IDE (VS Code) will warn you!
age = "Twenty"

Key Characteristics

• Runtime Type Checking: Python checks the type of the data only when the code is actually executing.
• Reassignment: You can reuse variable names for completely different data types (though you shouldn’t).
• Duck Typing: “If it walks like a duck and quacks like a duck, it’s a duck.” Python doesn’t care if an object is officially a “File”; if it has a .read() method, Python will treat it like a file.

Use Case

• Rapid Prototyping: You don’t need to write int, float, string everywhere. You just write logic.
• Generic Functions: You can write one function process(data) that handles JSON, Lists, or Tuples without writing three separate functions (like function overloading in Java).

Benefits

• Less Boilerplate: Code is shorter and cleaner.
• Flexibility: Easier to handle data structures like JSON where the fields might change dynamically.

Limitations

• Performance: Python has to check “What type is this?” every single time you touch a variable. This makes it slower than C++.
• The “Mystery Meat” Variable: In a 1000-line script, if you see a variable named data, you have no idea if it’s a List, a Dictionary, or a String without reading all the code above it.

• Python Typing, PEP 483 – The Theory of Type Hints

Cheat Sheet

Lab Python Dynamic Typing

Quiz Python Dynamic Typing

Python Virtual Environments (venv)

You are a chef running a restaurant. If you cook a spicy Indian dish and a sweet Italian dessert in the exact same pan at the same time without washing it, the flavors will mix and ruin both dishes.

A Virtual Environment is like having a “Separate Kitchen” for every project.

• Kitchen A: For a project using Python 3.8 and an old version of a library.
• Kitchen B: For a project using Python 3.12 and the latest security tools. By using venv, you ensure that installing a tool for Project A doesn’t accidentally break Project B or, worse, crash your computer’s main operating system.

By default, when you install Python libraries using pip install, they go into a global folder. If two different projects need different versions of the same library, you will face a “Dependency Hell.” A Virtual Environment creates a local, isolated folder containing its own Python executable and its own set of libraries.

Architect Level: In a professional DevOps workflow, we never use the System Python (the one pre-installed on Ubuntu/RHEL). Why?

1. System Stability: Linux tools (like yum or apt) often depend on specific Python versions. If you upgrade a global library, you might break your OS.
2. Security & Auditing: In a CI/CD pipeline, creating a fresh venv ensures that only the specific, scanned, and approved libraries in your requirements.txt are used.
3. Portability: It allows you to freeze your environment.

Key Tools:

• venv: The built-in Python module for environment isolation.
• pip: The package installer used inside virtual environments.
• Pyenv: For managing multiple Python versions on one machine.

Key Characteristics

• Isolation: Each environment is a self-contained directory.
• Lightweight: It doesn’t copy the whole Python, just links to the main one.
• Disposable: You can delete the venv folder and recreate it in seconds without affecting other parts of the system.

Use Case

• CI/CD Pipelines: Creating a temporary environment in a Jenkins or GitHub Actions runner to run security scans (like Bandit or Safety).
• Local Development: Testing a new automation script without cluttering your laptop.

Benefits

• Version Control: Prevents “It works on my machine” errors.
• Security: Reduces the attack surface by only installing necessary packages.
• Cleanliness: Keeps the global Python environment “pristine.”

Technical Challenges

• Path Confusion: Beginners often forget to “activate” the environment, leading to “ModuleNotFoundError.”
• Platform Specifics: Activation commands differ between Windows (PowerShell/CMD) and Linux/macOS (Bash/Zsh).

Limitations

• venv only manages Python packages. If your script needs a system-level C++ library (like libpq-dev), venv cannot install it; you must use a system package manager or Docker.

Common Issues and Solutions

• Python venv – Creation of Virtual Environments

Cheat Sheet

Python Error Handling: The Try-Except Foundation

Errors in Python are called Exceptions. When an exception occurs, Python stops execution and generates an error message. Using try and except blocks, you can tell Python: “Try to run this code, but if a specific error happens, do this other thing instead of crashing.”

Architects follow the principle of “Fail Fast and Fail Loudly (to logs).”

1. Specific Exceptions: Never use a “Bare Except” (except:). It hides bugs. Always catch specific errors like ValueError or FileNotFoundError.
2. Graceful Degradation: If a secondary service (like a logging API) is down, the script should catch that error and continue the primary task (the security scan).
3. Cleanup: Use the finally block to ensure that sensitive resources like database connections or temporary files are closed even if the script fails.

Key Tools:

• Exceptions: The official hierarchy of built-in errors.

Key Characteristics

• Resilience: Keeps the program running during minor issues.
• Readability: Separates “happy path” logic from error-handling logic.
• Customization: Allows you to provide “Human-Friendly” error messages.

Use Case

• Type Conversion: Converting a user’s string input into an integer for a port number.
• API Calls: Handling “Connection Timeout” when a script tries to reach AWS or GitHub.

Benefits

• Pipeline Stability: Prevents Jenkins jobs from failing due to minor, expected data issues.
• Security: Prevents the script from leaking internal system paths or code snippets in raw error messages.

Technical Challenges: Exception Bubbling

If you don’t catch an error in a function, it “bubbles up” to the main program. As an Architect, you must decide at which level the error should be handled.

Limitations:

• Error handling adds a small amount of performance overhead.
• It cannot fix “Syntax Errors” (code that is written incorrectly); it only handles “Runtime Errors” (valid code that fails during execution).

• Errors and Exceptions – Python Tutorial

Lab: The “Robust Port Converter”

Objective: Write a script that asks for a port and handles both “Non-numeric” and “Zero” input errors.

def setup_security_scanner():
    try:
        # Code that might fail
        user_input = input("Enter Scanner Port: ")
        port = int(user_input)
        
        result = 1000 / port # Potential ZeroDivisionError
        print(f"Scanner initialized on port: {port}")

    except ValueError:
        # Handles text input instead of numbers
        print("Error: Invalid input! Please enter a numeric port number.")
        
    except ZeroDivisionError:
        # Handles if the user enters 0
        print("Error: Port 0 is not allowed for this calculation.")
        
    except Exception as e:
        # Catch-all for anything else (Log the actual error)
        print(f"An unexpected error occurred: {e}")
        
    finally:
        # This always runs (Clean-up)
        print("Security Check Routine Completed.")

setup_security_scanner()

Cheat Sheet

Quiz Python Error Handling

Comments & Docstrings: Python Documentation

Think as: A Library.

• Comments (#) are like “Post-it Notes” stuck on a specific page to explain a confusing sentence.
• Docstrings (“””) are like the “Book Summary” on the back cover that tells you what the whole book (or chapter) is about before you even start reading.

• Comments: Use the hash symbol (#). Anything after the # is ignored by Python. They are used to explain why a specific line of code exists.
• Docstrings: Use triple quotes ("""). They are used to document modules, classes, and functions. Unlike comments, Python can actually “read” these using the help() function.

Architects enforce “Self-Documenting Code.”

1. Avoid the Obvious: Don’t write # Increment x by 1. We can see that. Instead, write # Retry connection up to 3 times per security policy.
2. Compliance Documentation: Use Docstrings to mention security standards (e.g., """Validated against OWASP Top 10 guidelines""").
3. Automation: Architects use tools like Sphinx or MkDocs to automatically pull Docstrings into a beautiful HTML website for the whole team to read.

Key Characteristics

• Non-Executable: They do not affect the speed or logic of the program.
• Informative: They bridge the gap between technical logic and business requirements.
• Accessible: Docstrings stay with the code even when it is imported into other scripts.

Use Case

• Complex Logic: Explaining a complicated Regular Expression (Regex) used for log filtering.
• API Definitions: Describing what inputs a function needs to trigger a cloud deployment.

Benefits

• Maintainability: Makes it easy for a new DevOps engineer to understand your 2-year-old script.
• Collaboration: Essential for Open Source or large enterprise teams.
• Debugging: Helps identify the original “intent” of the code when it starts behaving wrongly.

The biggest challenge is Outdated Comments. If you change the code but forget to change the comment, the documentation becomes a lie.

1.6.1 Limitations:

• Over-commenting can make the code look “noisy” and harder to read.
• Docstrings do not replace the need for an external README.md file for large projects.

1.6.2 Common Issues and Solutions

• PEP 8 – Comments Section
• PEP 257 – Docstring Conventions

Practical Lab: Documenting a Security Tool

Objective: Take a “silent” script and turn it into a professionally documented DevSecOps tool.

"""
Module: Cloud Sentinel
Description: This script audits S3 buckets for public access.
Author: Rajkumar Aute
Version: 1.0
"""

def check_s3_encryption(bucket_name):
    """
    Checks if an S3 bucket has AES-256 encryption enabled.
    
    Args:
        bucket_name (str): The name of the bucket to audit.
        
    Returns:
        bool: True if encrypted, False otherwise.
    """
    
    # We use a timeout of 5 seconds to prevent the CI/CD pipeline from hanging
    timeout = 5 
    
    print(f"Auditing bucket: {bucket_name}...")
    # Logic to call AWS API would go here
    return True

# To see the documentation, try running: help(check_s3_encryption)

Cheat Sheet