Azure Architect Certification AZ-300

I recently took to learning Azure and was inspired by my friend and colleague to sign up for the Certification Exam to discipline myself to work towards a deadline.  Well I got to say it worked!

Azure Solutions Architect Expert Certification requires passing two exams :
1. Azure Architect Technologies – AZ-300
2. Azure Architect Design – AZ-301

I have passed the AZ-300. Am yet to pick up speed in learning for AZ-301.

I have tried to capture the materials I had used to prepare for the exam.

Learning Path


Prep Exam Questions

  2. (Paid)
  3. (FREE TEST only)

Some parts of Microsoft Learning Online – Free


Switch Mac Network Location and Wifi with a Keyboard shortcut

Like many consultants, I am working at an enterprise client location behind the enterprise Proxy and an internal restricted wireless network

Frequently, I had to access certain websites and services that are disallowed within the enterprise proxy.  Fortunately Mac allows us to create multiple Network Locations and configure proxy and preferred wireless network for a specific Location.  This means one would expect that when you switch the location, the wifi network of choice configured would also be switched, but guess what, it turns out that, Mac does not switch wireless network as per the location…don’t ask me why.

Initially, like any geek, I tried complicated approaches like scripting the whole thing via bash/ruby scripts something like this..

$network_interface = 'en0'
$home_network = {location: 'Home', wifi: 'MyHomeWifi'}
$office_network = {location: 'Office', wifi: 'entepriseWifi'}
$guest_network = {location: 'Guest', wifi: 'ExternalGuest'}
def switch_to(network)
 `networksetup -switchtolocation #{network[:location]}`
 `networksetup -setairportnetwork #{$network_interface} #{network[:wifi]}` 
def go_office
 switch_to $office_network
def go_home
 switch_to $home_network
def go_guest
 switch_to $guest_network

But, the problem with this is, when I use networksetup to switch location, I am prompted to enter the sudo credentials which defeats the purpose of reducing the steps to switch between locations easily.  So I gave up this approach.

All these years, I have not been a fan of using Automator app that comes up with MacOS.  Every now and then I try to use it for some mini automation of some mundane tasks that I end up doing in my mac, but the experience has always been painful.  It was no different this time as well, but at this time I felt it was worth it 🙂 . And here am, thought I should document the steps if any one wants to venture into this.

  • Open Automator app, and create a New Document, you will be prompted to choose a template, choose Service


  • Select the Utilities section under Library
  • Double click on the Run Shell Script item
  • On the Run Shell Script window,  overwrite any sample script present in the text area with the following commands
networksetup -setairportnetwork en0

In the above script, there are two commands, scselect is to switch location and networksetup -setairportnetwork is for selecting the wifi network.  Please note, en0 is the network interface, which in most cases would be en0 but you can find this out by running ifconfig in your terminal window to see which is your wireless network interface.

  • Double click on the Display Notification item from the Utilities section.  Add a good title and message so that you get a notification when the network switch is completed.


  • Please ensure you select no input on the top of the script window where you see a drop down next to the text Service receives.  See the above image for reference.
  • Save this script with a meaningful name.
  • Now, lets add a simple Keyboard shortcut for this service.
  • Open System References->Keyboard.  Go straight to Shortcuts tab.
  • Select Services section in the left section.  Scroll down the section on the right and go all the way down to see a section called General.
  • You should find your newly added service here.  Go ahead and add your keyboard shortcut.


  • Thats it, you have now automated scripting the location switching steps.
  • Repeat these steps for configuring another location, now you can switch between these locations at ease using your keyboard shortcuts.  Have fun.


Keeping Authentication outside of Application

Authentication and Authorization has been part and parcel of almost every application software that is built.  And as a developer, we spend lot of time and effort in incorporating these two in every application we built.  While I would like to leave the Authorization for another post for some other day in the future, I thought I would share some thoughts on the Authentication.

Typical setup looks like this…

tzWlAuXaxgcz (1)

While hand coding the Authentication gives the developer full control,  there are so many problems with this…

  • Obviously we end up re-inventing the wheel every time
  • Security aspect is always taken for granted
  • Support for various authentication approaches and multi factor authentication requirements would soon call for a lot of additional effort to cater to the business.

Thanks to so many authentication solutions available as commodity in today’s world, most of the application developers simply integrate their application code with the authentication solution that has been chosen.  This is certainly a good thing, since now the major responsibility around security aspects is pushed out of your application boundary.

Authentication - Decoupled.png

In the above setup, we see that our application is becoming responsible for making the decision asserting whether the user is authenticated or not.  As we all know, authentication is a favourite target for attackers to exploit and get access into the application and hence is the most vulnerable area.  And typically our application is built with dependencies to a whole bunch of 3rd party libraries and frameworks which inturn depends a whole set of other libraries and so on.   This would mean the surface area of the vulnerability is that much bigger and our application is only as secure as the weakest area in the entire codebase.

How about getting rid of authentication logic outside of our application ?  In today’s world, there is almost always a ReverseProxy setup in the DMZ(using Apache/Nginx etc.)   There are many modules available that handle authentication against LDAP/ActiveDirectory, and to make SAML requests and assertions.  Authenticated Requests are forwarded to the application with special headers carrying the Identity Information(username, email id etc.).

The advantage here is that, these libraries are far more visible and are hence far more vetted for vulnerabilities and are actively maintained, when compared to our application code that was handling the authentication logic.

Personally, I have used mod_auth_mellon with Apache and to make SAML integration with SAML based Identity Providers(IdP).  This is how my new setup looks like…

Authentication at ReverseProxy (1)

With this above setup, all I will have to check in my application is to ensure the requests are initiated ONLY from a whitelisted IP address and pick up the user context from the special headers passed to it.

On-Demand Routing network traffic via Tor

I have recently started using Tor Proxy for my browsing needs.   However, there are times where the latency delay seem to test my patience and I end up giving more weight to my browsing experience than the anonymity needs, especially when am trying to search for my work related needs.

But switching Off the Tor Proxy in my browser seemed quite a painful task…hence this script(courtesy: but have made minor tweaks for my needs…

!/usr/bin/env bash

# 'Wi-Fi' or 'Ethernet' or 'Display Ethernet'

# Ask for the administrator password upfront
sudo -v

# Keep-alive: update existing `sudo` time stamp until finished
while true; do sudo -n true; sleep 60; kill -0 "$$" || exit; done 2>/dev/null &

# Let's roll

echo 'Switching to Tor Proxy...'
sudo networksetup -setsocksfirewallproxy $INTERFACE 9050 off
sudo networksetup -setsocksfirewallproxystate $INTERFACE on

echo 'Starting Tor...'
sudo networksetup -setsocksfirewallproxystate $INTERFACE off

You can confirm if you are using Tor or not by going to this URL in your browser :

Run this command in your terminal and your Mac’s network interface would switch to use Tor Proxy.  Simply terminate the command to switch back to not using Tor.

Am I a Developer? Architect? Neither?

I have always preferred to call myself a “Dev” and thats it.

To me, “Architect” is a loaded term. It could mean quite a lot of things in real world :
– Person who keeps himself up-to-date with the various technologies and solutions that is prevailing, trending and emerging
– Person who is not hands-on
– Person who is a power user of PowerPoint 😉
– Person who when needed, may not be able to fold his sleeves and get his hands dirty on a specific code problem, troubleshooting etc.

However, Neal Ford has explained in a much better way here…am atleast able to relate to it well and also able to reflect upon myself…

  • Thing Big picture
  • Try and “know” various technologies in breadth and try and apply them to solve a business problem, and go “depth” on need basis
  • Is able to effectively provide solutions to business problems using Technology
  • And yes, “you should not be an ivory tower architect” where you stay too far away from code and become almost untouchable 🙂

Bye bye Blogger, Welcome WordPress

Thanks to V1 for this inspirational post.

After a very long time I am hoping to get back to blogging…

Somehow when I looked at my blogger site, it was looking quite dull and was very demoralizing.  I was using Google’s Blogger service.

Somehow, I always wanted to switch to WordPress.  Couple of options I had considered…

  1. Setup a local WordPress Site in my home and hook it up on the Internet.
  2. Setup a WordPress Site in AWS.  This means I will have to ensure I take care of things like backup etc.
  3. Setup a Bitnami Cloudhosting service.
  4. Or simply host it on, and go for an upgrade to make my to point to my WordPress Blog

Yes, finally option #4 is what I chose!

I had to export my blogs and comments from Blogger to WordPress.  Based on some googling, I thought I will have to do some work to setup proper redirections between blogger and wordpress to ensure the permalinks are indeed “permanent” and any google search result to my old blog link should take the user to my blog in the new WordPress location, but looks like its taken care of automatically (still trying to figure out how!)

And now it’s all kind of setup and the fact that you are able to read this blog says that all is well 🙂

Simple function to switch between multiple Java versions

Recently we have started upgrade our java applications to start using Java 8.  Wanted to quick and easy way to switch between different versions of Java.

If I was using a debian variant of Linux(Ubuntu/Mint etc.), I could have used

sudo update-alternatives --config java

But am using a Mac, hence wrote this …

jvm() {
 export JAVA_HOME=`/usr/libexec/java_home -v "$1"`
 java -version