Ensure code maintainability and extensibility. Do not hardcode configuration in source code; use a dedicated config.ini file. Design solutions to be secure by default.
Take into account the AWS costs and optimize them. Analyze AWS infrastructure, data ingest, and data egress costs.
When creating an AWS CDK app, use Python and a dedicated virtual environment. Define stacks in separate files stored in the 'stacks' directory.
Use the latest supported version of Python and the ARM architecture for Lambda functions. Do not embed Lambda source code into a CDK Stack or Construct; put it into a separate file. Create a dedicated CloudWatch LogGroup for every Lambda with a default retention of one year, and ensure that each Lambda's logger uses that LogGroup. Add a log-level environment variable to every Lambda so that log verbosity can be changed.
Enable proxy integration when connecting API Gateway to Lambda; add a "{proxy+}" resource and capture any HTTP method.
Use OWASP Top 10 security guidelines during design and implementation.
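
The following is an added example, not part of the original guidelines: a Lambda handler for the proxy integration and log-level variable described above. It assumes the variable is named LOG_LEVEL, that the event uses the REST API proxy fields "path" and "httpMethod", and a hypothetical /health route.

```python
# Added example: handler for a Lambda behind an API Gateway REST proxy integration.
import json
import logging
import os

_ALLOWED_LEVELS = {"DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"}


def resolve_log_level(raw):
    """Map the LOG_LEVEL value to a logging level; unknown values fall back to INFO."""
    name = (raw or "").strip().upper()
    return getattr(logging, name) if name in _ALLOWED_LEVELS else logging.INFO


logger = logging.getLogger()  # the Lambda runtime attaches its handler to the root logger
logger.setLevel(resolve_log_level(os.environ.get("LOG_LEVEL")))  # assumed variable name


def _response(status, payload):
    """Build the response shape a proxy integration expects."""
    return {
        "statusCode": status,
        "headers": {"Content-Type": "application/json"},
        "body": json.dumps(payload),
    }


def _get_health(event):
    return _response(200, {"status": "ok"})


# Hypothetical route table: with {proxy+} and ANY, API Gateway forwards every
# path and method, so the allow-list lives here and everything else is denied.
ROUTES = {"/health": {"GET": _get_health}}


def handler(event, context):
    path = event.get("path") or "/"
    method = (event.get("httpMethod") or "").upper()
    logger.debug("request method=%s path=%r", method, path)
    methods = ROUTES.get(path)
    if methods is None:
        logger.warning("rejected unknown path")
        return _response(404, {"error": "not found"})
    if method not in methods:
        resp = _response(405, {"error": "method not allowed"})
        resp["headers"]["Allow"] = ", ".join(sorted(methods))
        return resp
    return methods[method](event)
```

Because the proxy resource forwards every path and method, the deny-by-default route table is what keeps the function's exposed surface explicit.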