Complete reference for all key patterns stored in ElastiCache (Valkey). Covers price cache, API key cache, cluster stats, usage log indexes, adaptive governor, rate limiting, public endpoint caches, LRS report counters, real-time usage counters, stress tier cache, KCC dashboard, translation engine state, and deduplication keys.
| Property | Value |
|---|---|
| Endpoint | master.trinity-beast-cache.ptsbmm.use2.cache.amazonaws.com:6379 |
| Node Type | cache.r7g.2xlarge (8 vCPU, 52.8 GB) |
| Engine | Valkey 7.2 |
TLS | Enabled |
| Client Library | go-redis UniversalClient (works with both cluster and standalone mode) |
| Connection Pool | 300 per container (1,200 total across 4 ECS containers) |
Cached cryptocurrency prices written by the Kraken prewarm batch and REST fallback path. Read on every LPO price request when the Tier 2 (in-memory) cache misses.
| Field | Type | Description |
|---|---|---|
asset | string | Cryptocurrency ticker (BTC, ETH, SOL, etc.) |
price | float | Current price in USD |
timestamp | string (ISO 8601) | When the price was fetched |
readable_timestamp | string | Human-readable timestamp |
source | string | Price source (coinbase-ws, gemini-ws, kraken-ws, gateio-ws, cryptocom-ws, okx-ws, kraken-prewarm) |
latency_ms | integer | Source fetch latency in milliseconds |
cached | boolean | Always false when written; set to true when served from cache |
Full API key records cached as hashes. Populated by the sync job on a regular cycle and on cache miss by the API key store. Every inbound API request reads this key for authentication and rate limit enforcement.
| Field | Type | Description |
|---|---|---|
id | string (uuid) | API key record ID |
user_id | string (uuid) | Owner user ID |
name | string | Subscriber name |
tier | string | Subscription tier |
query_limit | integer | Monthly query limit |
current_usage | integer | Current month's query count |
rate_limit_qps | integer | Queries per second limit |
burst_limit | integer | Token bucket burst capacity |
burst_tokens | float | Current token balance |
api_key | string | The API key string |
minimum_wait_seconds | float | Min time between throttled requests |
revoked | boolean | Whether the key is disabled |
lrs_enabled | boolean | Whether unlimited LRS reports are enabled |
last_used | string (ISO 8601) | Last API call timestamp |
created_at | string (ISO 8601) | Key creation date |
last_success | string (ISO 8601) | Last successful API call |
/admin/invalidate-key endpoint
All runtime application parameters from the Aurora application_parameters table, cached as a single hash. No TTL — persists until explicitly overwritten. Read on every config poll cycle by all containers.
Contains all 56+ application parameters from Aurora. Example fields include:
| Example Field | Description |
|---|---|
adaptive_max_concurrent | Max concurrent requests before adaptive throttling |
cache_pool_size | ElastiCache connection pool size per container |
coinbase_prewarm_assets | Comma-separated list of assets to prewarm from Coinbase |
gemini_prewarm_assets | Comma-separated list of assets to prewarm from Gemini |
kraken_prewarm_assets | Comma-separated list of assets to prewarm from Kraken |
log_level | Application log level (debug, info, warn, error) |
cache_ttl_seconds | Default cache TTL for price entries |
/admin/reload-params, /admin/system-modeLoadApplicationParameters on every config poll cycle
Sorted sets that index usage log entries by timestamp. The global index plus per-API-key and per-asset indexes enable fast range queries for LRS reports without scanning the full dataset.
Score: Unix timestamp | Members: Usage log UUIDs
Score: Unix timestamp | Members: Usage log UUIDs
Score: Unix timestamp | Members: Usage log UUIDs
Individual usage log entries stored as hashes. Each entry is a complete snapshot of a single LPO API request. Written by the sync job from Aurora and retained for 93 days.
| Field | Type | Description |
|---|---|---|
api_key_id | string | API key that made the request |
asset | string | Cryptocurrency asset queried |
price | float | Price returned |
source | string | Price source |
cached | boolean | Whether served from cache |
latency_ms | integer | Source fetch latency |
duration_ms | integer | Total request processing time |
ip_address | string | Client IP address |
timestamp | string (ISO 8601) | When the request occurred |
readable_timestamp | string | Human-readable timestamp |
cache_age_seconds | float | Age of cached price at time of request |
cluster_node | string | ECS container that handled the request |
region | string | AWS region |
monthly_usage | integer | Subscriber's usage count at time of request |
monthly_limit | integer | Subscriber's limit at time of request |
mv_usage_daily materialized view in Aurora and served to the analytics dashboard via /dashboard/api/admin/daily-rollup. The view is refreshed every 5 minutes by the pg_cron job tbi-mv-usage-daily-refresh running natively inside Aurora — no Lambda, no EventBridge. The Valkey usage-log indexes above remain the fast lane for live per-entry LRS report range queries; the materialized view is the efficient source for day-level aggregates. The two complement each other — live per-entry reads from Valkey, day-level rollups from Aurora. See the Aurora Data Dictionary (section 4.5) for the view schema.
Indexes and data for LRS report request logs. Mirrors the Aurora report_usage_logs table in ElastiCache for fast report-on-report queries.
Score: Unix timestamp | Members: Report usage log UUIDs
Score: Unix timestamp | Members: Report usage log UUIDs
| Field | Type | Description |
|---|---|---|
api_key_id | string | API key that requested the report |
report_type | string | Report type (usage/summary/report-usage/report-summary) |
format | string | Output format (json/csv/tsv/text) |
filters | string (JSON) | Query filters applied |
row_count | integer | Number of rows returned |
duration_ms | integer | Processing time |
ip_address | string | Client IP address |
timestamp | string (ISO 8601) | When the report was requested |
readable_timestamp | string | Human-readable timestamp |
cluster_node | string | ECS container that handled the request |
region | string | AWS region |
protocol | string | TCP or UDP |
status_code | integer | HTTP status returned |
Each ECS container publishes a JSON snapshot of its runtime metrics to ElastiCache every 3 seconds. Read by /admin/cluster-stats and /public/status for cluster-wide aggregation.
Node names: BeastMain, BeastMirror, BeastLRS, BeastWebhook
| Field | Type | Description |
|---|---|---|
uptime_seconds | float | Container uptime in seconds |
tcp_requests | integer | Total TCP requests handled |
udp_requests | integer | Total UDP requests handled |
lrs_requests | integer | Total LRS report requests |
total_rps | float | Requests per second (all protocols) |
syncmap_hits | integer | Tier 1 (local sync.Map) cache hits |
elasticache_hits | integer | Tier 2 (ElastiCache) cache hits |
cache_misses | integer | Full cache misses (REST fallback) |
errors_5xx | integer | Server error count |
errors_4xx | integer | Client error count |
rate_limit_hits | integer | Rate limit rejections |
bg_work_dropped | integer | Background tasks dropped (pool full) |
/admin/cluster-stats, /public/status, KCC daily dashboard
Distributed counters and flags used by the adaptive governor to coordinate throttling decisions across all three ECS containers. Uses a hash tag {adaptive:lpo} to ensure all keys land on the same shard for atomic operations.
successes to calculate the success rate.
true, all containers reduce outbound requests to protect upstream price sources. Evaluated on every inbound request.
Per-API-key rate limit state stored in ElastiCache for cluster-wide enforcement. The token bucket algorithm tracks remaining tokens and last refill time. Read and updated on every API request.
| Field | Type | Description |
|---|---|---|
tokens | float | Current token balance in the bucket |
last_refill | float (unix) | Timestamp of last token refill |
Stores the collected daily infrastructure metrics as a single JSON blob. Written by bash scripts/kcc.sh daily-collect and read by the CLI daily command and the KCC Live Dashboard.
Contains a comprehensive snapshot of all infrastructure metrics: service health, ECS cluster stats, Valkey metrics, Lambda status, nightly sync results, SQS queue depth, and 7-day website analytics.
daily-collect command (via /admin/valkey endpoint)daily command, KCC Live Dashboard (docs/dashboard.html)
Prevents double-processing of Stripe checkout session completion events. The receipt Lambda writes the full response after processing and checks for existence before re-processing.
Contains: Full Lambda response JSON from the receipt processing
Prevents duplicate processing of Stripe webhook events. Stripe may deliver the same event multiple times; this key ensures idempotent handling.
Tracks the last-synced timestamp for incremental data synchronization from Aurora to ElastiCache. The sync job reads these marks to determine which new records need to be copied.
usage_logs timestamp. The sync job queries Aurora for all usage_logs with timestamp > this value.
report_usage_logs timestamp. The sync job queries Aurora for all report_usage_logs with timestamp > this value.
Cached responses for the public observability endpoints. These avoid repeated AWS API calls (CloudWatch, S3) by caching the aggregated results in Valkey with short TTLs.
GET /public/infrastructure. Contains CloudFront requests/bandwidth, WAF blocked counts, SQS queue depth, Lambda invocations/errors, GuardDuty findings, and CloudWatch alarm states. Refreshed every 60 seconds (CloudWatch metrics have 5-minute granularity anyway).
GET /public/site-assets. Contains S3 bucket file counts by type (pages, docs, images, videos, total). Refreshed every hour — file counts only change on website deploys.
Per-API-key report limit tracking cached in Valkey for fast enforcement without Aurora queries on every report request.
Mirrors the Aurora report_count table for a single API key. Fields: monthly_limit, monthly_count, daily_count, daily_limit, reset_month, last_report_date. Read on every LRS report request to check limits before querying data. Written by the LRS counter after each successful report generation.
Per-API-key daily usage counters incremented on every price request. Used for the usage warning system (green/yellow/red thresholds) and the monthly_usage field in price responses.
Tracks daily request counts per API key. Hash field is the date (YYYY-MM-DD), value is the count. Incremented atomically via HINCRBY on every price request. Read to compute monthly_usage by summing all date fields in the current month. 48-hour TTL ensures old date fields expire naturally.
Pre-computed LRS report responses cached for stress-tier API keys. Avoids expensive ElastiCache range queries during stress testing — the stress tier gets instant cached responses while production tiers always run the real query pipeline.
POST /admin/seed-stress-report.
POST /admin/seed-stress-report.
Caches translations from AWS Translate for Impact Map pin captions. Used when users view map pins in non-English languages — the pin caption text is translated on-the-fly and cached to avoid repeat API calls. This is the only remaining use of AWS Translate in the system (document translation uses the custom Bedrock-powered engine).
| Component | Description |
|---|---|
{lang} | Target language code (e.g., ur, es, hi, ar) |
{text_hash} | Hex-encoded representation of the source English text |
Example: translate:ur:46616d696c7920467265656420... → "فیملی فریڈ - لیجر ہمیشہ کے لئے عبور ہوگیا"
Writer: POST /translate endpoint (on cache miss)
Reader: POST /translate endpoint (on cache hit — returns immediately)
Estimated Keys: ~100 pins × 11 non-English languages = ~1,100 keys maximum
Keys used by the custom Bedrock-powered document translation engine. Tracks active and completed jobs, per-pair progress, job history, idempotency deduplication, and daily spend caps. These keys provide real-time status for the /admin/translate/status endpoint and the dashboard SPA translation panel.
| Field | Type | Description |
|---|---|---|
state | string | Job state: queued, running, succeeded, failed, cancelled |
docs | string (JSON array) | Document filenames being translated |
langs | string (JSON array) | Target language codes |
submitted_at | string (ISO 8601) | When the job was submitted |
started_at | string (ISO 8601) | When processing began |
completed_at | string (ISO 8601) | When processing finished |
step_function_arn | string | ARN of the Step Function execution |
progress:{doc}:{lang} | string | Per-pair progress (dynamic fields, one per doc-language pair being processed) |
progress:{doc}:{lang} fields that update as each pair completes. Status endpoint reads this first — falls back to Aurora only for aged-out completed jobs.
Writer: Translation admin handler (on submit), Step Function callbacks (on progress/completion)
Reader: GET /admin/translate/status/{job_id}, GET /dashboard/api/translate/history
Estimated Keys: ~50 jobs retained (all completed jobs persist until manual cleanup)
Writer: Translation admin handler (on job start/complete)
Reader: POST /admin/translate (concurrency check), GET /admin/translate/queue
{completed_at:ISO,doc_count:N,failed:N,job_id:ID,lang_count:N,state:STATE,succeeded:N}. Used by the history endpoint for fast listing without hitting Aurora. Capped at 200 entries — oldest trimmed on insert.
Writer: Finalize Lambda (on job completion)
Reader: GET /admin/translate/history, GET /dashboard/api/translate/history
X-Idempotency-Key header within 24 hours, the existing job_id is returned instead of creating a duplicate.
Writer: POST /admin/translate (on first submission with idempotency key)
Reader: POST /admin/translate (deduplication check)
Writer: Translation worker (ECS Fargate task, after each pair)
Reader: POST /admin/translate (spend cap check), GET /admin/translate/health
Kill switch: Set autoops:bedrock:kill to 1 to halt all translation regardless of spend
Stores pre-built full-text search indexes for all 32 technical documents across 12 languages (384 total documents). Each language has its own index key containing a JSON array of section entries (doc title, section heading, URL, and ~500 chars of content per section). Built nightly by the /admin/build-search-index endpoint and queried by the public /search endpoint. The search API reads the index matching the user's language, returning results with native-language titles, snippets, and URLs.
search:index:en, search:index:es, search:index:pt, search:index:fr, search:index:de, search:index:ru, search:index:hi, search:index:ur, search:index:pa, search:index:ar, search:index:ja, search:index:zh. Each is a JSON-encoded array of SearchIndexEntry objects containing: doc_title, section (heading text), url (language-specific path), and content (plain text excerpt, max 500 chars).
Writer: POST /admin/build-search-index (admin endpoint, triggered by KCC build-search command or nightly sync job)
Reader: GET /search?q=term&lang=ja (public endpoint — reads search:index:{lang}, scores matches, returns top 20 results with native-language snippets)
Size: ~500 KB per language × 12 = ~6 MB total (~1,000+ sections per language)
Rebuild Time: ~30 seconds (fetches 384 docs from CloudFront across 12 languages, parses HTML, extracts text, stores 12 index keys)
search:index:en. Will be removed in a future version once all clients use the per-language keys.
State keys used by the autonomous operations system (Layer 1–5). These keys track threat analysis results, self-heal counts, action logs, notification cooldowns, and weekly release notes for the subscriber newsletter.
severity, summary, patterns (array), recommendations (array), auto_actions (array). Rebuilt every 5 minutes by tbi-ops-bedrock-analyze Lambda. Empty/missing when infrastructure is quiet (analysis skipped).
Writer: tbi-ops-bedrock-analyze Lambda (every 5 min via EventBridge)
Reader: tbi-ops-digest Lambda (daily/weekly summaries), KCC threat commands
action-type|severity|description. Used by the daily digest to summarize what AutoOps did in the last 24 hours.
Writer: All AutoOps Lambdas (on every action taken)
Reader: tbi-ops-digest Lambda
tbi-ops-self-heal Lambda each time it restarts a task or force-deploys a service. Used in daily reports and threat analysis context.
digest (narrative text), generated_at, and type fields. Overwritten each morning at 6 AM EST.
tbi-ops-digest Lambda as primary context for the weekly newsletter (last 7 days of reports fed to Bedrock). Typical size: 20–50 KB per day depending on session count.
Writer: trinity-beast-sync-job (nightly, backfills all dates from manifest)
Reader: tbi-ops-digest Lambda (weekly newsletter generation)
Writer: tbi-ops-notify Lambda (on notification send)
Reader: tbi-ops-bedrock-analyze Lambda (checks before invoking notify)
{ISO-timestamp}|{note text}. Appended via KCC release-notes command at the end of each development session. Read by tbi-ops-digest Lambda on Monday morning and passed to Bedrock to generate the "What's New" section of the weekly subscriber newsletter. Cleared automatically after the newsletter sends successfully.
Writer: KCC release-notes command (RPUSH)
Reader: tbi-ops-digest Lambda (weekly newsletter pipeline)
Cleared by: tbi-ops-digest Lambda (after successful newsletter send) or KCC release-notes-clear command
Keys used by the customer dashboard (/dashboard) for passwordless magic link authentication, session management, rate limiting, email change verification, and audit logging.
email, roles (array), created_at, last_seen, ip, user_agent, impersonated_by (set when admin is impersonating). TTL slides on every authenticated request. Key is the SHA-256 hash of the raw Bearer token — the raw token is never stored server-side.
Writer: ConfirmMagicLinkHandler (on successful magic link validation)
Reader: RequireSession middleware (every authenticated API call)
Deleted by: LogoutHandler, invalidateSessionsByEmail (on email change)
email, requested_at, ip, user_agent. Consumed atomically via GETDEL on first use — cannot be replayed. Auto-expires after 15 minutes if unused.
Writer: RequestMagicLinkHandler (on magic link request)
Reader: ConfirmMagicLinkHandler (atomic GETDEL — single use)
old_email, new_email, requested_at, ip. Consumed atomically via GETDEL when the user clicks the confirmation link. On confirmation, updates users.email in Aurora, updates Stripe customer email, and invalidates all sessions for the old email.
Writer: EmailChangeHandler (on email change request)
Reader: ConfirmEmailChangeHandler (atomic GETDEL — single use)
login ip=1.2.3.4, api-key-revealed, email-changed from=old@x.com to=new@x.com). Max 500 entries — oldest trimmed on insert. Events logged: login, logout, magic-link-requested, api-key-revealed, billing-portal-opened, impersonation-start, impersonation-end, email-change-requested, email-changed, profile-updated.
Writer: All dashboard handlers (via auditLog() helper)
Reader: Admin support tools, future ticket history panel