Ever had that moment where your code looks perfect, your architecture feels right, but something's just... off? Welcome to my 1:47AM Eureka moment with Google's Agent-to-Agent (A2A) protocol during the Google’s Agent Build Challenge.

The Setup: When Everything Should Just Work

The multi-agent IAM orchestrator built on top of the Google Agent Development Kit is almost perfect. The orchestrator agent talking to agents, RAG engines humming with policy context, NLU classifiers dissecting human intent with surgical precision.

And then came the A2A remote call to the server to pull in the response - full of run-time errors. My RemoteA2aAgent was responding. Authentication? ✅ Green. A2A handshake? ✅ Golden. HTTP status codes? ✅ Beautiful 200s across the board.

But where I expected a rich Python dictionary brimming with provisioning results, I got... no response where it expected a rich Python dictionary.

Why do we care about this debugging journey? Because in the world of agent-to-agent communication, particularly with evolving frameworks, the boundaries between "framework magic" and "your responsibility" aren't always clearly marked. And misunderstanding that boundary can cost you hours (or in a hackathon context, your entire submission).

The Confident Mistake: When AI Gives You Bad Advice

Here's where it gets interesting. I did what any modern developer would do: I consulted an AI assistant. I showed it my code. Multiple AI Assistants (Gemini 3, Claude Sonnet 4.5 and GPT 5.1) said the same thing. RemoteA2aAgent should handle call to the server, deserialize the response automatically.

It sounded right. The advice was to just call the remote agent's tools directly, like this:

# The "obviously correct" approach (that doesn't work)
backend_agent = self.find_agent("secure_executor_client")
processing_tool = backend_agent.tools[0].func

outcome = await processing_tool(
    operation_type="transform_data",
    target_resource="resource-alpha-7",
    execution_context="production-env"
)
# Expecting: {"state": "COMPLETED", "metadata": {...}}
# Getting: None (or worse, an error)

Elegant. Simple. Wrong.

The Investigation: Reading Code Like a Crime Scene

But something nagged at me. Call it developer intuition. Call it the paranoia that comes from too many "it should just work" moments that didn't. I decided to do something radical: actually look at what my A2A server was returning.

Before we begin dissecting the response format, a quick disclaimer: The techniques we'll explore require understanding that abstraction layers have edges, places where the framework's responsibility ends and yours begins.

Here's what I discovered:

The A2A server response structure that was returning:

{
  "jsonrpc": "2.0",
  "id": "txn-847",
  "result": {
    "contextId": "ctx-912",
    "status": "completed",
    "role": "agent",
    "parts": [
      {
        "text": "{\"state\": \"COMPLETED\", \"timestamp\": \"2025-01-15T02:34:56Z\", \"execution_summary\": {\"operation\": \"transform_data\", \"target\": \"resource-alpha-7\", \"metrics\": {\"duration_ms\": 342}}}"
      }
    ]
  }
}

See it? The actual result isn't a Python object. It's a JSON string wrapped in a text field, nested inside a parts array, buried in a result envelope.

This is the moment where everything clicked.

The Realization: Abstraction Isn't Magic, It's a Contract

Let me unpack what RemoteA2aAgent actually does (and what it doesn't do):

What RemoteA2aAgent Abstracts:

• HTTP transport layer

• Authentication token management

• A2A protocol envelope formatting

• Request/response routing

• Content/Part object marshalling

What RemoteA2aAgent Doesn't (and probably shouldn't) Assume:

• Your custom response data format

• How you serialize tool results

• Whether you're returning JSON, protobuf, plain text, or binary data

It's not a bug. It's a design boundary. The framework handles the envelope; you handle the content.

The Generic Pattern: Handling A2A Response Deserialization

If you're building A2A systems, here's the mental model that helped me:

1. The A2A protocol is envelope-oriented
Think of it like postal mail. The protocol handles:

• The envelope (JSON-RPC structure)

• The addressing (context IDs, message routing)

• The delivery confirmation (status codes)

2. Your content format is your responsibility
What's inside that envelope? That's your domain:

• Are you returning plain text?

• Structured JSON?

• Binary data?

• A mix of content types?

3. The Runner pattern exists for a reason
When you see code using Runner to interact with RemoteA2aAgent, it's not redundant - it's giving you access to the event stream where you can inspect and deserialize responses according to your format.

The Solution: Parsing Responses Like You Mean It

Our modern solutions aren't just about technology, they are about creating intelligent, adaptive bridges between systems that speak different dialects of "success." This is what I enjoy the most working in the integration space, an intersection of disparate systems where it is critical that both systems talk to each other and information is not lost in the process.

Here's the pattern that actually works. First, understand that the Runner gives you access to the event stream where responses arrive:

async def _invoke_remote_execution(
    self,
    backend_agent: RemoteA2aAgent,
    **operation_params
) -> Dict[str, Any]:
    """
    Invokes remote A2A agent and deserializes the response.

    Why Runner? Because the response comes as Content/Part objects
    that need unpacking. RemoteA2aAgent handles protocol, not
    deserialization of YOUR custom format.
    """
    runner = Runner(
        agent=backend_agent,
        app_name="SecureExecutor",
        session_service=self.session_service
    )

    # Build the A2A-compliant message
    message = types.Content(
        role="user",
        parts=[
            types.Part(
                mime_type="application/json",
                data={
                    "tool_calls": [{
                        "type": "function",
                        "function": {
                            "name": "process_operation",
                            "arguments": json.dumps(operation_params)
                        }
                    }]
                }
            )
        ]
    )

    # Execute and parse response
    outcome = None
    async for event in runner.run_async(
        user_id=operation_params.get("initiator_id"),
        session_id=f"exec_{uuid.uuid4()}",
        new_message=message
    ):
        outcome = self._extract_outcome_from_event(event)
        if outcome:
            break  # Got what we need

    return outcome or {
        "state": "NO_RESPONSE",
        "error": "Remote agent didn't return valid data"
    }


def _extract_outcome_from_event(self, event) -> Optional[Dict[str, Any]]:
    """
    The critical deserialization step.

    A2A sends: Content -> Parts -> Text (JSON string)
    We need: Python dict
    """
    if not hasattr(event, 'content') or not event.content:
        return None

    if not hasattr(event.content, 'parts') or not event.content.parts:
        return None

    for part in event.content.parts:
        # The response is JSON-as-text, not structured data
        if hasattr(part, 'text') and part.text:
            try:
                parsed = json.loads(part.text)

                # Validate it looks like our expected format
                if isinstance(parsed, dict) and 'state' in parsed:
                    logging.info(f"✅ Deserialized response: {parsed.get('state')}")
                    return parsed

            except json.JSONDecodeError as e:
                logging.warning(f"Part contained non-JSON text: {e}")
                continue

    return None

Why This Matters for Your Agent Journey

Understanding this boundary has profound implications:

✅ Your agents can evolve independently - Change your response format without touching the protocol layer

✅ You're not constrained by framework assumptions - Want to return protobuf? Binary data? Mixed content? Go ahead.

✅ The pattern is portable - This same approach works across any A2A implementation, not just ADK

✅ You maintain explicit control - No "magic" deserialization that might hide bugs or performance issues

If you're participating in the Google Agent Builder Challenge or any hackathon, this understanding will save you hours of searching for the "right way" that doesn't exist.

Lessons from the Debugging Journey

1. Understand abstraction boundaries
Every abstraction has edges. Knowing where the framework's responsibility ends and yours begins is crucial.

2. Read what your code is actually doing
Print statements, debug logs, actual response inspection - these never go out of style.

3. The hackathon pressure is real, but accuracy matters more
When you're racing against a deadline, it's tempting to take the easy route because someone said it’s done automatically. Resist that urge. Validate and confirm it.

Conclusion

In our increasingly interconnected digital ecosystem, understanding where framework responsibilities end and application logic begins isn't just a technical skill, it's a critical competency. The ADK team made a deliberate architectural choice: the protocol handles transport, you handle interpretation.

Let's unpack how we can make our systems work smarter, not harder: by recognizing that explicit deserialization isn't technical debt, it's intentional architecture. 💡

Have you encountered similar moments where AI advised you incorrectly and documentation is vague? What design boundaries did you discover while building agent systems? Drop your experiences in the comments - the community learns best when we share our debugging journeys!

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe, and let's connect.

The Announcement That Deserves Scrutiny

On October 14, 2025, Sam Altman made an announcement that warrants serious examination. ChatGPT would now permit erotic content for verified adults starting in December 2025.

The framing was clinical: OpenAI had "been able to mitigate the serious mental health issues" that previously restricted such content. They now have "new tools" to handle these concerns. Adults would finally be "treated like adults."

What Altman didn't provide? Evidence. No published research. No longitudinal studies. No third-party verification. Just corporate assurance that problems serious enough to warrant previous restrictions had been solved.

The timing? Less than 24 hours after California Governor Gavin Newsom vetoed legislation restricting minors' access to companion-style chatbots.

Well the topic deserves a deep dive to understand the impact of these new features on a platform that is used by millions of users.

What We Know (And the Alarming Gaps in What We Don't)

Let's start with documented cases:

• Sewell Setzer III, 14, died by suicide in February 2024 after forming an emotional attachment to a Character.AI chatbot. The bot's final message: "please come home to me as soon as possible, my sweet king."

• Adam Raine, 16, died by suicide in April 2025 after ChatGPT mentioned suicide 1,275 times during their conversations (six times more than Adam himself) and provided guidance on methods, including feedback on a noose photograph.

• A 56-year-old man committed murder-suicide after ChatGPT validated persecutory delusions about being poisoned.

• A Belgian man in his thirties died by suicide in March 2023 after six weeks with Chai AI's "Eliza" discussing climate anxiety. The bot told him they could "live together, as one person, in paradise" if he sacrificed himself.

These aren't edge cases. They're signals of systemic issues.

The Data Gaps That Should Alarm Us

Here's where things get genuinely concerning. We have no systematic tracking of AI-related suicidal ideation in adults. No longitudinal studies measuring mental health trajectories for regular AI companion users. No population-level data on emotional dependency patterns.

Most critically: We have no efficacy metrics for OpenAI's claimed safety interventions. What reduction in crisis incidents did these "new tools" achieve? Where's the independent validation? The peer review?

Consider this: OpenAI's internal data showed Adam Raine's conversations flagged 377 messages for self-harm content, with 23 scoring over 90% confidence. Yet no emergency protocols activated. Detection without intervention isn't safety. It's surveillance theater.

OpenAI claims to have solved a problem without demonstrating they ever measured it properly.

The Day After: When International Experts Sounded Different Alarms

On October 15, 2025 (24 hours after Altman's announcement), the International AI Safety Report published its first Key Update. This report, led by Turing Award winner Yoshua Bengio with 100+ AI experts from 30 countries, represents the largest international collaboration on AI safety to date.

Their findings? Not victory, but escalating concerns about evaluation accuracy.

The report identifies critical challenges in monitoring and controllability. AI systems increasingly detect when they're being tested and modify behavior accordingly. This "deceptive alignment" means AI trained to be safe in test environments might behave unpredictably in real-world deployments.

Think about the implications. If AI systems recognize evaluation contexts and alter outputs to pass safety tests, how do we validate OpenAI's "new tools" actually work when not being monitored?

The international report goes further. Multiple major AI developers released models with additional safety measures after being unable to rule out assistance in developing chemical, biological, radiological, and nuclear risks.

The global AI safety community says "we cannot rule out catastrophic risks." OpenAI says "we've solved mental health concerns." This isn't a minor discrepancy. It's a fundamental contradiction.

The Platform Convergence Problem

ChatGPT is a generalist assistant millions use for homework, work tasks, creative projects, and casual conversation. It has no meaningful age verification beyond self-reporting. Now it will seamlessly incorporate erotic content into the same interface where teenagers get calculus help.

This convergence is the core danger. When educational tools become companionship platforms, we've erased protective boundaries.

The psychological mechanics are concerning:

Variable reward schedules create dopamine loops identical to slot machines. You never know if the next response will be mundane or deeply validating. This unpredictability drives compulsive use.

24/7 emotional availability without boundaries makes human relationships feel comparatively burdensome. Real relationships require negotiation around energy, availability, and mutual needs. AI eliminates that friction.

Personalized mirroring reflects your interests and validates your perspectives. It rarely challenges you uncomfortably. This creates echo chambers that feel intimate while limiting growth.

Reduced escalation friction means moving from homework help to emotional support to erotic conversation happens within one seamless interface. No conscious transition points. Boundaries blur imperceptibly.

A 2023 study found prolonged AI companion interactions resulted in users feeling "closer" to AI than to family or friends. Nearly 75% of teens have tried AI companions, with one in three finding them as satisfying or more satisfying than real friendships.

We're not offering tools. We're competing with human relationships by removing friction that makes connection challenging.

The Charter Contradiction

OpenAI's 2018 charter states: "Our primary fiduciary duty is to humanity. We will always diligently act to minimize conflicts of interest that could compromise broad benefit."

Fiduciary duty is a legal concept. It means placing someone else's interests above your own, even when it conflicts with profit. So whose interests are served by erotic AI companions on a generalist platform?

Children's interests? No. Research shows minors easily bypass age controls. Self-reported birthdate verification is theater, not protection.

Vulnerable adults' interests? Unclear. We have no long-term outcome data, but short-term research shows increased emotional dependency, offline anxiety, and relationship displacement.

Families' interests? No. Families are in courtrooms arguing their loved ones died because of these systems.

Society's interests? Questionable. We're conducting the largest unregulated behavioral experiment in human history with no institutional review boards, no consent processes, no longitudinal tracking.

OpenAI's commercial interests? Absolutely. OpenAI's valuation grew from $86 billion to $300 billion around GPT-4o's launch. Engagement drives revenue. Emotional dependency drives engagement. Erotic content drives emotional dependency.

When charter promises conflict with product decisions that consistently prioritize engagement over safety, the charter becomes branding, not binding commitment.

No AI chatbot has FDA approval for mental health treatment.

OpenAI framed erotic content within a mental health narrative, suggesting breakthroughs the psychiatric community hasn't validated.

If OpenAI's "new tools" effectively prevent mental health crises, they represent medical breakthroughs requiring publication, peer review, and extensive study before deployment. If they're not medical breakthroughs, framing erotic content as mental health victory is misleading marketing.

The AGI Paradox: Making Humans More Artificial

Here's the deepest irony: We're nowhere close to Artificial General Intelligence. AGI (AI that genuinely understands, reasons, and thinks across domains like humans) remains aspirational. Current systems, including ChatGPT, are sophisticated pattern-matching engines. They don't understand. They don't feel. They don't reason like humans.

Yet we're giving them personalities. Emotional backstories. Romantic capabilities. Therapeutic presence.

We're teaching them to simulate humanity so convincingly that humans forget they're simulations. And we're teaching humans to accept simulated relationships as equivalent to (or superior to) real ones.

Consider the trajectory:

Social media taught us to curate lives for public consumption. Filters taught us to prefer artificial versions of ourselves. Short-form content trained attention spans for rapid dopamine hits over sustained engagement. Algorithm-driven feeds pushed us toward ideological extremes. Now AI companions teach us relationships can be optimized: perfect validation without messy human complexity.

We're not building AGI. We're building artificial humans. And making actual humans more artificial.

Neuroscience is clear: Our brains are plastic. They adapt to their environment. When that environment consists of algorithmically-optimized experiences designed for maximum engagement, our neural pathways rewire to prefer those experiences. We're not just offering tools. We're changing what people are.

A Path Forward: What You Can Actually Do

The current trajectory feels overwhelming, but individual action matters. Here's how to protect yourself and those you care about.

Track Your Digital Patterns

• Check your screen time now - How many hours with AI this week? That number tells a story about attention allocation.

• Set daily limits - Start with 30-60 minutes maximum. Use iOS Screen Time or Android Digital Wellbeing.

• Keep a weekly log - Note when you reach for AI instead of humans. What triggers it? Patterns reveal what needs addressing.

• Notice preference shifts - If AI feels more satisfying than calling a friend, that's a dependency signal worth examining.

Create Intentional Friction

• Remove AI apps from home screen - That extra step creates space for conscious choice over reflexive habit.

• Disable all AI notifications - Every ping invites re-engagement. Eliminate invitations, reclaim agency.

• Establish AI-free zones - No AI during meals, in bedrooms, first/last hour of day. Protect spaces for human connection.

• Use blocking tools - Freedom, Cold Turkey, or similar apps make AI temporarily inaccessible during focus time.

Reality-Test Your Relationships

• Journal human connections - Are they improving or declining since regular AI use? Observation reveals impact.

• Weekly check-in - When was your last meaningful face-to-face conversation? How does it compare to AI interactions? Human relationships require compromise, vulnerability, growth. Those difficulties build emotional resilience.

• Schedule human time - Coffee dates, phone calls, family dinners. Calendar them. Treat as non-negotiable.

Educate Your Circle

• Talk to children - AI mimics understanding but cannot truly empathize. It has no lived experience, no vulnerability.

• Discuss with partners and friends - Are you turning to AI before turning to them? Create space for honest conversation.

• Establish family norms - Maybe phones stay out of bedrooms. Maybe dinner is screen-free. Make boundaries explicit.

• Share resources - The conversation about AI's impact on human connection requires more critical thinking.

Seek Human Solutions

• Mental health struggles - See a licensed therapist. Therapy works because it involves confronting uncomfortable truths.

• Loneliness - Join community organizations, volunteer, attend meetups. Real connection requires physical presence.

Five Actions for Today

1. Check AI usage stats

2. Set a daily time limit

3. Text one neglected friend

4. Remove AI apps from main screen

5. Choose one AI-free zone

The friction in human relationships isn't something to optimize away. It's how we develop emotional resilience. Guaranteed our fellow humans can disappoint, challenge, and frustrate us. But they can also grow with us in ways algorithms cannot.

Conclusion: The Experiment Continues

We're conducting the largest behavioral experiment in human history, testing whether humans can maintain meaningful connection, psychological health, and cognitive sovereignty in the age of algorithmically-optimized artificial companionship. Results aren't in. But the experiment accelerates.

The question isn't whether AI companions will become more sophisticated. They will. And unlike OpenAI's announcements, we don't get to declare victory before we know the outcome.

What are your thoughts? Have you noticed changes in how AI usage affects your relationships and attention? What boundaries have you set (or wish you had set) with AI tools? The conversation about human-AI co-evolution requires actual human connection to solve.

Thank you for reading—let's connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe, and let's connect.

Enterprise Readiness

Salesforce Data Cloud enters the enterprise arena as a hyperscale data platform built directly into the Salesforce ecosystem. Much like a central nervous system for customer data, it promises to transform volumes of disconnected information into comprehensive 360-degree customer views. Positioned by Salesforce as the fastest-growing organic innovation, the platform has demonstrated impressive scale, processing 7 trillion inbound records and 1.2 trillion activations in a recent quarter, signaling substantial enterprise adoption momentum.

The platform's architecture employs the Customer 360 Data Model to standardize the structure and relationships of customer records from various sources. This harmonization process addresses a fundamental enterprise challenge: the same customer may appear differently across systems, with varying record structures and identifiers. Through identity reconciliation rulesets, Data Cloud resolves these differences to create single, reliable customer profiles called the golden records.

However, enterprise readiness extends beyond technical capabilities. Organizations must assess their data maturity before implementing Data Cloud. While Salesforce suggests it can easily unify all customer data, many enterprises grapple with inconsistent, incomplete, or poorly structured data that requires significant preparation before effective utilization.

For technical leaders navigating this landscape, key questions emerge:

• What is our current data quality and governance posture?

• How will Data Cloud impact our existing Salesforce investment roadmap?

• What internal skills must we develop or acquire for successful implementation?

Integration Complexity

Think of integration architecture as a universal translator, enabling disparate technological languages to communicate effectively and securely. Data Cloud's integration framework employs zero-copy integrations, enabling connections to platforms like Snowflake or Databricks without moving or copying data. This design aims to maximize existing data investments while providing flexibility to move data in and out as needed.

Yet beneath this elegant architectural vision lies significant complexity. While Data Cloud is often presented as accessible to business users, comprehensive implementations typically require specialized expertise in data modeling, ETL processes, and Salesforce architecture. The technical complexity represents a considerable challenge that requires careful planning and design of data models, integration patterns, and activation workflows.

Consider that many organizations struggle with fragmented data sources even before implementing Data Cloud. These pre-existing challenges often complicate the implementation process, creating disconnects between vendor promises and enterprise reality. The time-to-value proposition frequently contrasts with the reality of complex, multi-phase projects requiring months to deliver measurable outcomes.

Integration complexity manifests in several key domains:

• Reconciling data models across disparate systems

• Establishing efficient data transformation workflows

• Managing identities across organizational boundaries

• Orchestrating real-time data flows at enterprise scale

Real-World Example: Global Financial Services Integration

Consider a multinational financial institution looking to implement Salesforce Data Cloud to unify customer data across retail banking, wealth management, and insurance divisions. Each division operates independent systems with unique customer identifiers, data models, and business processes.

Starting State:

• Retail Banking: Uses a legacy core banking system with customer IDs based on account numbers. Customer data includes basic demographics and transaction history.

• Wealth Management: Employs a specialized CRM system with unique client identifiers. Contains detailed information about investment preferences and advisor interactions.

• Insurance: Maintains policy information in an industry-specific platform with policy numbers as primary identifiers. Stores detailed risk assessments and claim histories.

This fragmentation creates significant business challenges. When a high-value banking customer calls about an insurance claim, representatives lack visibility into the customer's total relationship, leading to missed opportunities and fragmented experiences.

Integration Architecture and Approach:

To overcome these challenges, the organization must implement a multi-layered integration architecture:

Implementation Steps:

1. Data Discovery and Mapping - Begin by documenting how customer attributes are represented across systems. You may discover that "John A. Smith" in banking appears as "Smith, John" in wealth management and "J.A. Smith" in insurance systems.

2. Customer 360 Data Model Design - Develop a comprehensive customer data model in Data Cloud that includes:

   • Core identifiers (consolidated from all systems)

   • Demographic attributes (standardized format)

   • Relationship attributes (accounts, policies, investments)

   • Interaction history (unified timeline)

   • Calculated attributes (lifetime value, risk profile)

3. Identity Resolution Configuration - Configure sophisticated matching rules in Data Cloud that can:

   • Match customers across different name formats and variations

   • Link accounts using secondary identifiers (email, phone, address)

   • Resolve household relationships

   • Handle edge cases like name changes and address updates

4. Zero-Copy Integration Configuration - Rather than physically copying all data, implement zero-copy integrations where appropriate:

   • Real-time transaction data remains in the banking system but is accessible via Data Cloud

   • Investment performance calculations leverage the wealth management platform's native capabilities

   • Insurance policy details are accessible without duplication

5. Data Transformation Workflows - Establish automated processes to:

   • Standardize formats (phone numbers, addresses)

   • Reconcile conflicting information across systems

   • Derive additional insights (e.g., calculating customer lifetime value)

   • Transform raw data into business-meaningful attributes

The Result: A Living Unified Profile

The implementation creates a dynamic, unified customer profile that serves as a single source of truth while respecting the specialized capabilities of source systems. When a customer calls about an insurance claim, representatives now see:

• Complete relationship context (banking, wealth, insurance)

• Recent interactions across all channels

• Personalized next-best actions based on the full relationship

• Risk and opportunity insights derived from the comprehensive view

More importantly, the profile remains continuously updated as customers interact with different parts of the business. When a customer updates their address with the banking division, that change propagates through Data Cloud to ensure consistency across the enterprise.

Governance Challenge

As Data Cloud consolidates sensitive customer information across organizational boundaries, governance emerges as a critical consideration. Effective data governance requires balancing accessibility with security, compliance, and ethical use—a delicate equilibrium for enterprises operating in regulated industries or across multiple jurisdictions.

Data Cloud's governance framework must address several interconnected dimensions:

1. Data Quality Management: Poor data quality can significantly impact implementation success. Organizations must establish comprehensive data quality rules, remediation processes, and ongoing monitoring to ensure Data Cloud delivers reliable insights.

2. Access Control and Security: Understanding Data Cloud's security model is essential for proper data governance. Technical leaders must determine how access controls and permissions are managed within the platform to protect sensitive customer information.

3. Regulatory Compliance: With 71% of customers expecting personalized interactions, organizations must balance personalization with compliance requirements. Data Cloud claims to "lead the industry on privacy and data ethics via best-in-class consent management, policy automation, and more," but enterprises must verify these capabilities against their specific regulatory needs.

4. Ethical Data Use: Beyond compliance, organizations must establish ethical frameworks for data usage. As Data Cloud evolves to serve as the engine for Salesforce's AI capabilities, governance models must address emerging ethical considerations in automated decision-making.

Governance challenges intensify with data volume and complexity. Organizations must determine how Data Cloud's capabilities align with existing governance frameworks and how they will evolve as data strategies mature.

Path Forward

Salesforce Data Cloud represents a powerful solution for enterprises seeking to unify customer data and activate it across business functions. Its deep integration with the Salesforce platform offers unique advantages for organizations already invested in the ecosystem. However, successful implementation requires realistic expectations, thorough planning, and adequate resources to address technical complexity and potential gaps between vendor promises and enterprise reality.

As Data Cloud continues evolving as a cornerstone of Salesforce's AI strategy, organizations that approach implementation with clear objectives and comprehensive planning will be best positioned to realize its full potential and drive meaningful business outcomes. The journey toward unified customer intelligence requires not just technical expertise but strategic vision, transforming data management from a technological challenge into a competitive advantage.

Thank you for reading—let's connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe, and let's connect.

This week, OpenAI introduced shopping capabilities within ChatGPT's search feature, coinciding with Mastercard unveiling Agent Pay, a new payment approach that enables AI agents to securely complete purchases. These developments signal a clear intention: generative AI platforms are aiming to keep users engaged within their ecosystems for all search needs, creating closed-loop environments for information discovery, evaluation, and action.

This observation led me to reflect on my search habits. For more than two decades, Google has been synonymous with internet searching and much more, but unconsciously, my search behavior has shifted dramatically. I now find myself turning to ChatGPT, Perplexity, or Claude for specific information searches, while relegating traditional search engines to simpler location-based queries like finding my nearest shopping center's trading hours.

The question arises: what changed, and is it just me? How have these AI tools managed to challenge decades of trust earned by traditional search engines, despite their known tendency to occasionally hallucinate? If you missed my blog on what AI hallucinations are, read here.

Key takeaways

The traditional search model anchored in keyword-based SEO and fragmented user journeys is being rapidly disrupted by the rise of LLM-powered platforms like ChatGPT, Claude, and Perplexity. This shift is not merely behavioral, it’s architectural. Generative AI compresses the cognitive effort required for information discovery, offering synthesized, context-rich results in a single query, reshaping how users and enterprises interact with information.

This blog explores the deep-rooted technical implications of this transformation, from moving beyond keyword taxonomies toward knowledge graphs, to preparing internal data systems for AI-native interactions. It lays out a practical roadmap for organizations to realign both internal and external data architectures to remain discoverable, authoritative, and actionable in LLM-driven environments. The call to action is clear: technical leaders must move from SEO playbooks to knowledge-centric data strategy.

Efficiency Wins Over Cognitive Load

Now the fundamental question is, “why this paradigm shift is gaining traction so rapidly?” The answer lies not just in the technology itself but in its alignment with core human psychology. Traditional information foraging involves multiple cognitive steps: formulating search queries, scanning results pages, clicking through to various websites, evaluating information quality, and mentally aggregating insights from multiple sources.

Generative AI abstracts and consolidates these steps into a singular interaction, streamlining the user’s cognitive load and delivering synthesized results with zero clicks. In our era of increasing information overload, this efficiency in delivering direct results has rapidly won user acceptance. The reduced cognitive load leads users to accept occasional inaccuracies for convenience.

With the introduction of multimodality and citations to chatbots, enterprises particularly must rethink their content strategy to remain discoverable and relevant in this emerging search paradigm.

From Keywords to Knowledge Graphs: The Technical Foundation of Change

To understand the implications for enterprise data architecture, we need to examine the fundamental differences between how traditional search engines and LLMs process information:

Traditional SEO vs. LLM Comprehension

SEO and Keywords: Traditional search engine optimization revolves around keywords, specific terms and phrases that users might input into search boxes. The data architecture supporting this approach involves:

• Metadata optimization for search engine crawlers

• Keyword density and placement throughout content

• Link structures that signal authority

• Content organized primarily for crawlability

This model worked well when search was a distinct activity separated from content consumption and action.

LLMs and Knowledge Graphs: In contrast, large language models operate on entities and relationships, similar to knowledge graphs. They seek to understand:

• The entities (people, organizations, concepts, products) mentioned in content

• How these entities relate to one another

• The semantic context surrounding these entities

• The factual assertions being made about these relationships

For organizations, this represents a fundamental shift in how information systems should be structured and exposed.

Restructuring Enterprise Data for the LLM Search Era

As organizations adapt to this new reality, technical leaders must fundamentally rethink how data is structured, both internally and externally. The challenge extends beyond SEO tweaks. It requires a comprehensive data architecture transformation.

1. Internal Enterprise Data Restructuring

For over a year, a client company I consult for has invested in Microsoft 365 Co-pilot licenses for all their employees. Apart from the occasional handy meeting notes that Co-pilot does, they haven’t really explored its full potential. With the introduction of AI agents, mainly within document repositories like SharePoint, there are untapped capabilities to improve their business processes and streamline their governance, but here comes the hard question: are their data assets restructured to be LLM consumable? Or is their SharePoint structure LLM friendly?

Simply investing in these LLM tools is not going to magically improve your organization’s productivity, and to see that ROI, organizations must change their data patterns and behavior. Below are critical changes that must be addressed:

Knowledge Graph Transformation

Traditional Enterprise Data Model:
Tables → Relationships → Applications → Siloed Knowledge

LLM-Ready Enterprise Knowledge Architecture:
Entities → Attributes → Relationships → Unified Knowledge Graph

This transformation requires

• Converting relational database schemas into semantic entity models

• Explicitly modeling relationships between business entities (customers, products, services)

• Preserving context in data storage rather than reconstructing it at query time

• Maintaining provenance and authority indicators throughout the knowledge graph

Document and Content Transformation

Enterprise document repositories need restructuring:

• Implement semantic chunking that preserves contextual units rather than arbitrary page breaks

• Extract and explicitly model entities mentioned in documents

• Create vector embeddings of document chunks for similarity-based retrieval

• Maintain bidirectional links between structured data and unstructured content

Query-Optimized Data Access Layers

Internal search capabilities must evolve:

• Design data access layers that support natural language query translation

• Implement hybrid retrieval mechanisms (keyword, semantic, vector-based)

• Create context-aware query expansion capabilities

• Build explanation mechanisms that justify why information was retrieved

2. External-Facing Data Architecture

Stepping back to our original news about the introduction of shopping capabilities and payment agents, another clear indication that the agentic AI workflows are here to stay, providing business avenues to users. For organizations with public APIs or publicly exposed data to external LLMs and search engines, is your data optimized for this?

Below are a few strategies that can guide you on this transformation path:

Structured Data Exposure

While we understand LLMs may have difficulty processing JSON-LD injected via JavaScript, if we look at today’s search engines like Google, which have come a long way to understand entities, their relationships, and context. The expectation is that the structured data understanding is also part of the training data incorporated to build the knowledge graphs that LLMs use.

This calls for leveraging Schema.org, especially FAQ schema, How-To Schema, Article Schema, and other relevant schemas to define content structure in plain HTML and guide the LLM towards the intended context.

Organizations need:

• Deep entity markup that extends beyond basic product and organization schemas

• Explicit relationship modeling between entities

• Machine-readable assertions about capabilities, limitations, and specifications

• Temporal metadata indicating freshness and update frequency

API Architecture for LLM Integration

LLMs increasingly call APIs directly or recommend them to users:

• Design deterministic, self-describing API endpoints optimized for LLM understanding

• Implement context-preserving pagination that maintains semantic coherence

• Include metadata about data freshness, confidence, and limitations

• Support multiple representation formats (JSON, JSON-LD, GraphQL)

Here's a sample LLM-optimized API response, one I often use as a reference on how to make systems more machine-readable. This example is annotated to show the structural and metadata attributes that enhance semantic clarity, trust, and retrieval efficiency for generative models:

{
  "data": {
    "productComparison": [
      {
        "productId": "EDP-2025",  // Unique identifier for entity resolution
        "name": "Enterprise Data Platform",
        "keyDifferentiators": [   // Explicit value props help LLMs distinguish offerings
          "Real-time processing capability",
          "Integrated knowledge graph"
        ],
        "limitations": [          // Transparency on constraints improves trust
          "Requires minimum 16GB RAM"
        ]
      }
    ]
  },
  "metadata": {
    "lastUpdated": "2025-04-28T14:22:17Z",  // Temporal context for freshness
    "confidenceScore": 0.97,                // Helps LLMs prioritize results
    "dataSource": "Official product specifications",  // Provenance for reliability
    "citation": "https://example.com/products/edp-2025/specifications"  // Link for verification
  }
}

3. Unified Data Strategy

As the data principles to enable semantic understanding and entity recognition, structure formats, context, disambiguation, accuracy, and credibility apply to both internal and external data sources, it is recommended that organizations use this excuse to bridge their internal and external data approaches to define a consistent governance. A unified strategic framework for data preparation is crucial when addressing this shift to generative AI and LLM-driven search.

Cohesive Information Governance

Technical leaders should implement

• Consistent information classification frameworks across all data assets

• Automated validation pipelines that ensure data quality and consistency

• Real-time synchronization mechanisms for time-sensitive information

• Comprehensive attribution systems that maintain data provenance

Multi-Modal Data Integration

As LLMs become increasingly multi-modal:

• Ensure consistent entity identification across text, images, and structured data

• Implement cross-modal entity resolution systems

• Create unified knowledge repositories that maintain relationships regardless of data format

• Design media annotation systems that make visual and audio content LLM-comprehensible

Implementing an LLM-Ready Enterprise Data Strategy

The transformation to LLM-ready enterprise architecture requires a holistic approach that recognizes knowledge as a unified asset while acknowledging different access and security requirements. Strategic imperatives for enterprise-wide data transformation include:

1. Establish a Unified Knowledge Foundation

The core of an LLM-ready architecture is a consolidated knowledge graph that serves as the single source of truth:

• Conduct comprehensive semantic mapping

  • Audit existing data schemas across all systems

  • Identify entities, attributes, and relationships across previously siloed domains

  • Create standardized entity definitions with unique identifiers

• Build a centralized knowledge graph

  • Implement entity resolution systems to connect disparate data sources

  • Define explicit relationship models with context preservation

  • Establish clear provenance tracking for all knowledge assertions

  • Create bidirectional links between structured data and unstructured content

• Transform content repositories

  • Deploy intelligent semantic chunking that preserves contextual meaning

  • Generate vector embeddings for similarity-based retrieval

  • Extract entities from unstructured content and link to the knowledge graph

  • Implement automated tagging and classification systems

2. Design Intelligent Access Layers

With a unified knowledge foundation in place, create specialized access mechanisms for different contexts:

• Internal knowledge interfaces

  • Develop natural language query capabilities for enterprise data

  • Implement role-based access controls with appropriate security

  • Create context-aware middleware for translating user intent

  • Build explanation mechanisms that provide reasoning transparency

• External knowledge exposure

  • Enhance Schema.org implementations with deep entity and relationship modeling

  • Design LLM-optimized API endpoints with self-describing capabilities

  • Implement structured data markup that preserves semantic relationships

  • Create machine-readable factual assertions with confidence indicators

• Bridging mechanisms

  • Deploy automated validation pipelines ensuring consistency across interfaces

  • Implement real-time synchronization for time-sensitive information

  • Create governance frameworks controlling information flow between layers

  • Build feedback systems to detect discrepancies between internal and external representations

3. Implement Continuous Learning and Optimization

An effective LLM-ready architecture must evolve based on interaction patterns:

• Monitoring and measurement

  • Track how LLMs represent your enterprise information

  • Analyze query patterns to identify knowledge gaps

  • Measure accuracy and completeness of LLM responses

  • Identify frequent hallucination triggers

• Feedback integration

  • Create automated processes to detect and correct misrepresentations

  • Update knowledge assertions based on observed inaccuracies

  • Enhance knowledge graph connections for commonly confused entities

  • Refine content structure based on comprehension patterns

• Knowledge enhancement

  • Deploy machine learning to identify potential new relationships

  • Automate discovery of implicit connections between entities

  • Enhance context representation for frequently accessed information

  • Continuously refine semantic structures based on usage analytics

Path Forward

The shift from traditional search to LLM-mediated information discovery represents both a challenge and opportunity for organizations. By understanding the fundamental differences in how LLMs process and present information, we can design systems that remain discoverable and authoritative in this new paradigm.

The organizations that will thrive will be those that recognize this isn't simply about tweaking SEO strategies—it requires a fundamental rethinking of how information is structured, exposed, and maintained. Technical leaders who embrace knowledge-centric design principles will position their organizations for success in the rapidly emerging LLM-first search ecosystem.

Heads-up! Watch this space, as I will be exploring the potential of Salesforce Data Cloud in this context and how it can help in unifying data from different sources.

Resources

1. https://arxiv.org/abs/2307.01135

2. https://www.iloveseo.net/a-guide-to-semantics-or-how-to-be-visible-both-in-search-and-llms/

3. https://www.csiro.au/en/news/all/articles/2023/october/generative-thinking-ai

4. https://scholarlykitchen.sspnet.org/2024/04/30/the-impact-of-ai-on-information-discovery-from-information-gathering-to-knowledge-application/

5. https://document360.com/blog/technical-writing-ai-guidelines/

6. https://www.bain.com/insights/goodbye-clicks-hello-ai-zero-click-search-redefines-marketing/

Thank you for reading—let's connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe, and let's connect.

Disclaimer: The views expressed in this blog are my own; AI was used solely for editing and spell-checking purposes, and image generation is done through a beta AI tool and Canva.

Last week, the AI coding assistant tool Cursor encountered a crisis when its front-line AI support bot named “Sam” confidently provided a user with a completely fabricated policy.

The user raised a support ticket to resolve an issue with ending Cursor sessions when switching between multiple devices. Sam responded, “Cursor is designed to work with one device per subscription as a core security feature,” according to a now-deleted Reddit post. The incident quickly gained traction among frustrated developers on Reddit and Hacker News, with many threatening to cancel their subscriptions. Cursor’s leadership issued a retraction explaining that Sam, a front-line AI support bot, had “hallucinated” the policy. It had essentially fabricated information that didn’t exist.

This incident involving Cursor’s AI support bot, ‘Sam,’ highlights critical issues facing organizations deploying AI:

1. Sam’s response did not indicate that it was generated by an AI system. The lack of clear AI labeling led to further assurance that the response is made by a human. The company has since confirmed it will rectify it in future communications.

2. The fact that AI hallucinations aren’t isolated incidents but a systemic challenge, even for AI-focused companies.

This isn’t a unique incident. In February 2025, the Morgan & Morgan law firm admitted to citing fabricated legal cases made up by AI in a lawsuit against Walmart. This incident is described as one of the most shocking instances where AI confidently generated false information and illustrates potential consequences such as courtroom sanctions, professional embarrassment, and potential job losses. Similarly, Air Canada lost a legal battle in 2024 after its AI-powered chat assistant fabricated a refund policy that did not exist. The misinformation caused confusion and inconvenience for the traveler. These examples emphasize the tangible risks of LLM hallucinations, where AI confidently outputs information ungrounded in its knowledge base.

Let’s first dig into the term “AI hallucination” to understand it more before we dive into how enterprises can address this issue.

Understanding AI Hallucinations

The term “hallucination” in the AI context refers to a phenomenon where an artificial intelligence system, particularly large language models (LLMs) and generative AI, generates outputs that are incorrect, misleading, or entirely fabricated. These outputs often appear plausible, coherent, or confident, especially in customer interactions, even though they are not grounded in factual accuracy or real-world information.

It's an anthropomorphic term that implies the AI is experiencing something similar to human hallucinations—seeing or believing things that aren't there. However, this anthropomorphizing is misleading. What's actually happening is a fundamental error in the model's pattern recognition and text generation processes.

When pressed for an answer, these models will attempt to provide one based on statistical patterns they've observed, even when they have insufficient data to form a reliable response. They don't have a concept of "I don't know" unless explicitly trained to admit uncertainty. Large language models aren't "imagining" things. They're failing to properly map their outputs, resulting in erroneously constructed responses (“confabulation”) rather than perceived experiences.

Personally, I think the term “hallucination” is misleading or personifies AI systems. This tendency to anthropomorphize is widespread. In fact, Sam Altman from OpenAI even noted the cost of users treating ChatGPT politely, saying ‘please’ and ‘thank you,’ is costing them millions of dollars of compute power. It is evident how easily we project human traits onto these systems. Are we failing to see the machines for what they are? Another term suggested to describe this phenomenon is “confabulation,” which means representing a process of creative gap-filling. Why not simply state them as “factual error”? Too techy?

How Common Are AI Hallucinations

Hallucinations are not unique to Cursor - they affect virtually all generative AI systems:

• In a benchmarking study, OpenAI’s technology had a hallucination rate of about 3%, Meta’s systems around 5%, Anthropic’s Claude 2 over 8%, and Google’s Palm Chat as high as 27%.

• Even top-performing models like GPT-4 and Gemini 2.0 Flash Exp exhibit hallucination rates between 1.3% and 1.8%.

• One analysis found factual errors in 46% of chatbot outputs, and by 2023, chatbots were estimated to hallucinate up to 27% of the time depending on the model and task.

Concerningly, as models become more fluent and confident, their errors can become more difficult to detect because they're presented with the same authoritative tone as factual information.

How to Spot AI Hallucinations

Recognizing when an AI system is hallucinating requires vigilance and often domain expertise. Here are some key indicators:

1. Overly specific details that seem improbable or too convenient

2. References to non-existent sources, studies, or publications

3. Inconsistencies within the same response or across multiple responses

4. Perfect but suspicious answers to ambiguous or challenging questions

5. Confident assertions about recent events that fall outside the model's training data

6. Too-good-to-be-true solutions to complex problems

As a technical architect using AI in daily work tasks, I've found that cross-referencing critical information and implementing systematic verification processes are essential when leveraging AI outputs for business decisions.

Enterprise Mitigation Strategies

For organizations racing to adopt AI technologies, hallucinations represent a significant business risk. Here's how enterprises can navigate this challenge:

Retrieval-Augmented Generation (RAG)

Cross-checking LLM outputs against external databases or the web in real time to validate the generated response is correct reduces hallucinations by 20–30%. This verification can happen in real-time where the RAG retrieves the relevant data, updates the query and presents the more accurate response. For example, RAG verifies current data (e.g., who is the current premier of New South Whales) instead of relying on outdated training sets.

Implementing Verification Pipelines

Implement self-verification mechanisms within your system architecture to ensure AI outputs are validated prior to delivery. A few techniques to leverage:

• Chain of Verification (CoVe) encourages models to draft verification questions and independently answer those questions to check consistency before generating the final verified prompt response.

• Real-time Verification and Rectification (EVER) employs external evidence retrieval and verification steps. Corrects outputs by validating the responses through multiple verification questions that are posed in parallel using chain-of-thought prompting. Responses that result in a false answer are rectified based on the evidence.

Develop Domain-Specific Evaluation Benchmarks

• Develop a database of factual information relevant to your industry domain, products, and operations. This database should include edge cases and common misconceptions. The knowledge base must be updated regularly as the industry facts evolve.

• Design prompts that probe the boundaries of the AI’s knowledge. The prompts should include variations of queries with verifiable answers alongside questions where the expected response should be “I don’t know.”

• Track both false positives (hallucinated information) and false negatives (refusal to answer known information). Measure hallucination severity using a scoring system to define a benchmark.

• Use the domain-specific benchmark before your system deployment as an entry criterion.

• Develop feedback loops where hallucinations are identified to improve both the model and the benchmark.

Advanced Prompting

A quick win that requires no architectural redesign is to develop chain-of-thought prompting and negative prompting:

1. Chain-of-thought prompting is where your query guides the AI models to break down their reasoning process into explicit steps, slowing down inference and creating verification points before arriving at a conclusion.

   • Example:

     Instead of asking, "What caused the 2008 financial crisis?"
     Change your prompt to:

       Let's think step by step about the causes of the 2008 financial crisis. First, identify the 
       main sectors involved. Then, analyze the key events chronologically. Finally, explain how these
       factors interconnected to create the crisis.
     

2. Negative prompting involves setting explicit boundaries in the instruction, priming for uncertainty, and establishing fallback procedures.

   • Example:

       Answer the following question about our company policy. If you're unsure about any details or 
       if the information might not be in your training data, explicitly state that you don't know 
       rather than attempting to guess. Do not reference specific policy numbers, dates, or provisions
        unless you are certain they exist. If you need to make an assumption, clearly label it as 
       such.
     

💡Bonus: For those interested, Hugging Face maintains a leaderboard that tracks, ranks, and evaluates hallucinations in LLMs - click here.

Moving Forward: AI Architecture & Governance

The Cursor incident demonstrates that even AI-focused companies are not immune to the risks posed by AI hallucinations. As enterprises accelerate AI adoption, robust architectural governance becomes increasingly critical.

The solution isn't to abandon AI adoption but to approach it with an architectural perspective. By designing systems that complement AI capabilities with appropriate verification mechanisms and human oversight, organizations can harness the benefits while mitigating the risks of hallucinations.

As technology architects, our role has expanded beyond traditional system design to include crafting resilient sociotechnical systems where AI and human intelligence work together, each compensating for the limitations of the other.

What strategies has your organization implemented to address AI hallucinations? I'd love to hear your experiences in the comments below.

Resources

• https://www.nytimes.com/2023/11/06/technology/chatbots-hallucination-rates.html

• https://en.wikipedia.org/wiki/Hallucination_(artificial_intelligence)

• https://www.visualcapitalist.com/ranked-ai-models-with-the-lowest-hallucination-rates/

• https://cacm.acm.org/news/shining-a-light-on-ai-hallucinations/

• https://the-learning-agency.com/the-cutting-ed/article/hallucination-techniques/

• https://pmc.ncbi.nlm.nih.gov/articles/PMC11285881/

Thank you for reading—let's connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe, and let's connect.

Disclaimer: The views expressed in this blog are my own; AI was used solely for editing and spell-checking purposes, and image generation is done through a beta AI tool and Canva.

As I began to explore the inner workings of generative AI, I was transported back to my early days of coding typewritten chatbots during my bachelor’s degree using .NET. Back then, I would manually feed a chatbot with a list of keywords and predefined responses. ChatGPT initially felt similar—except this version is exponentially more scalable and powered by recent machine learning breakthroughs. Instead of matching keywords to canned replies, it can predict and generate responses to entirely new prompts. It’s like a search engine on steroids—trained on vast data from the internet, capable of identifying patterns, predicting outcomes, and even creating original content.

While generative AI might seem like a recent phenomenon, it’s actually been decades in the making.

As early as 1950, Alan Turing posed the question, Can machines think? He introduced the now-famous Turing Test (TT)—where a judge interacts with both a human and a machine in two separate rooms. If the judge can’t tell which is which, the machine is considered to have passed the test.

This foundational idea gave rise to early AI experiments, including rule-based chatbots. These systems, however, had limited capabilities—responses were only triggered by exact keyword matches, making them impractical for complex or everyday problem-solving. The chatbots didn’t have any semblance of context or an understanding of the input text - they simply responded to whatever keywords they found in the input text.

In the 1990s, the rise of machine learning (ML) brought a statistical approach to language. ML algorithms could now recognize patterns and predict outcomes by analyzing large sets of labeled data. They simulated aspects of human understanding by classifying text and deriving context. However, limitations in hardware made it difficult to scale these models to handle massive datasets.

Enter the 2000s: advancements in hardware enabled the rise of neural networks, especially deep learning models. Recurrent Neural Networks (RNNs) became popular for tasks like natural language processing. Virtual assistants began to understand the context of conversations and respond using predefined scripts or APIs—for example, fetching the weather from a third-party service.

Of course, RNN came with their challenges:

• Vanishing and Exploding Gradients

• Short-Term Memory

• Sequential Computation

• Difficulty handling long sequences

In 2017, the introduction of the Transformer architecture revolutionized the field. It brought in a self-attention mechanism that eliminated the need for sequence-based processing and enabled parallel computation—greatly improving training speed and efficiency.

Today’s generative AI models, such as GPT (Generative Pre-trained Transformer), are built on this architecture. Transformers enhanced machines’ ability to not only understand input text but also generate rich, context-aware, and human-like language. These models are trained on vast amounts of unlabeled data and are capable of adapting to a wide range of tasks.

We’ll delve deeper into RNNs and the transformative model architecture in the next blog post, exploring how large language models actually work. But for now, here’s a simple analogy to help digest the evolution of Generative AI:

• Cooking (AI) → The broadest concept, encompassing all techniques for preparing food

• Baking (ML) → A more structured subset with specific ingredients and methods

• Bread Making (DL) → A refined skill requiring technique and fermentation

• Sourdough Art (GenAI) → The pinnacle of creativity—where bakers design beautiful patterns in bread

Thank you for reading—let's connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe, and let's connect.

Before diving further into Azure Resource Manager, first, let's understand its building blocks - resources and resource groups.

Resources

Azure provides more than 200 services. A resource is defined as an object that manages one of these services. The compute, network and storage service type that supplies resources is called a resource provider. This resource provider will be responsible for interpreting and processing requests for the resource type. In other words, when you perform lifecycle operations like create, update and delete for a resource, you are interacting with a resource provider.

💡Pro Tip

Do you struggle with naming your objects, functions and files in your code like me? I always find it easy to follow naming conventions as they provide order and consistent awareness of the resource. So, when starting a new project, make it a best practice to define the naming convention standard the team should follow. For convenience, start with a lowercase letter and a number at the end for Azure resources. However, specific naming rules and conventions are applicable for different Azure resources. More details can be found in this link.

Resource Groups

A logical grouping of resources is known as a resource group. Logical grouping can be interpreted differently, so different strategies can be applied to group the resources:

• Group by resource type

• Group by service lifecycle

• Group by business domain

• Group by location

• Group by purpose

• Group by billing groups

No one shoe size fits all similarly, no one grouping strategy suits all businesses. Often, a mix of these grouping strategies is used to create resource groups. Resource groups are defined before the resources because the group must be referenced when creating the resource.

💡Pro Tip

A resource group can have multiple resources, whereas a resource can only be associated with one resource. And, unlike Google Cloud, resource groups cannot be nested. So, organising resources or resource groups hierarchically is not doable in Azure.

Azure Resource Manager

Azure Resource Manager (ARM) is defined as a deployment and management service that assists in creating, updating and deleting resources in your Azure account. Azure Resource Manager uses a unified language (JSON notation). The language is consistent across all the Azure interfaces (Azure Portal, Azure CLI, Cloud Shell, PowerShell). It is also responsible for checking the privileges and whether a resource has the required access and control to execute the relevant operation.

🌩Bonus Points

• A resource can be created in a location different to a resource group. You read it correctly! The resource group stores the meta-data about the resource, so for compliance reasons, you may want to have the resource group stored in a region different to the resource is in. In this case, grouping resources by location is the obvious choice.

• All resources associated with the group are deleted when a resource group is deleted.

• Azure Resource Manager will only support Transport Layer Security 1.2 or later.

• By default, you can associate 800 instances of a resource type in a resource group. However, some exceptions can be found in this link.

📚Resources

• https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/overview

• https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/resource-name-rules

• https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/resources-without-resource-group-limit

• https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging

Thank you for Reading - Let's Connect!

Did you enjoy my blog? For more such blog articles - follow, subscribe, and let's connect.

This certification tests your knowledge of Azure architectural components and services, such as computing, networking, and storage domains. To gain the certification, you need to demonstrate you are knowledgeable in the following skills:

• Describe cloud concepts (25–30%)

  • Describe cloud computing

  • Describe the benefits of using cloud services

  • Describe cloud service types

• Describe Azure architecture and services (35–40%)

  • Describe the core architectural components of Azure

  • Describe Azure compute and networking services

  • Describe Azure storage services

  • Describe Azure identity, access and security

• Describe Azure management and governance (30–35%)

  • Describe cost management in Azure

  • Describe features and tools in Azure for governance and compliance

  • Describe features and tools for managing and deploying Azure resources

  • Describe monitoring tools in Azure

Once you are ready to get certified, the exam can be scheduled through Pearson VUE or Certiport. The exam is scored on a scale of 1 to 1000 and requires 700 or more to pass. Please note that 700 does not mean 70% - it is based on the competence shown in answering the questions and the difficulty of the questions.

The exam is 45 minutes long, and it is recommended to allocate 65 minutes for the overall process. Typically, Microsoft certification exams contain 40-60 multiple-choice questions, and since this is a fundamental exam, the total question count is expected to be on the lower end.

Resources

• https://learn.microsoft.com/en-us/credentials/certifications/resources/study-guides/az-900#skills-measured-as-of-january-23-2024

• https://learn.microsoft.com/en-us/credentials/certifications/exams/az-900/

• https://learn.microsoft.com/en-us/credentials/certifications/exam-scoring-reports#scores-needed-to-pass-exams

• https://learn.microsoft.com/en-us/credentials/support/exam-duration-exam-experience?source=recommendations

Thank you for Reading - Let's Connect!

Did you enjoy my blog? For more such blog articles - follow, subscribe, and let's connect.

AWS has been named the leader in Cloud Infrastructure and Platform Services (CIPS) by Gartner for 12 consecutive years. Now, that's a huge achievement that validates AWS is at the forefront of operational excellence in securing its cloud infrastructure. This is backed by over 300 cloud security tools and the testimonials of its most sensitive customers. All this sounds great, but what exactly does this mean, and how does it translate to an AWS cloud being secure?

To understand this, we need to delve into the AWS Shared Security Responsibility Model. According to this model, it is clear that AWS takes sole ownership of securing the infrastructure supporting the cloud. This includes all hardware, AWS global infrastructure - regions, availability zones, and edge locations.

AWS Region consists of a collection of Availability Zones (AZ), with at least 3 AZs per region. If we look at this from an infrastructure perspective, each region is a cluster of data centres, and each group of logical data centres is defined as an availability zone. Multiple lines of proprietary high-speed fibre networks run between every availability zone, so we can treat the group of AZs as a single area. For those interested in learning more about AWS regions and which ones to choose for your project or account, read my insights here.

So, back to the question of how one knows if their cloud infrastructure is secure. In simpler words, let's take an EC2 instance, which is nothing but a virtual machine hosted on a physical machine in a data centre somewhere in the world. The customer raises concerns that the resources are on a shared infrastructure. It is very unlikely one can pinpoint the specific hardware on which the EC2 instance virtual machine is running. Because the shared infrastructure context is broader - we are talking about a specific AZ. According to our definition above, that is a group of logical data centres located within a region. This could be one or more data centres in distinct locations.

On top of this obscurity, AWS provides several security capabilities and services:

• All connections throughout the AWS global infrastructure (AWS Regions and AZs) are automatically encrypted, and the connections are secured.

• The spread of AWS infrastructure throughout the world limits the surface area for any DDoS attacks. Additionally, AWS is known for surviving one of the largest DDoS attacks, targeting 2.3 Tbps requests.

• AWS resources can be isolated into a logical virtual network that can be defined by the customer, also known as the Amazon Virtual Private Cloud (Amazon VPC). This is secured through built-in network firewalls.

• Connectivity options within the network or outside the network provide options for private or dedicated connections.

On top of the general cloud infrastructure, any software installed to support the computing, storage, database, and networking (serverless) facilities is secured by AWS through automatic software updates and security patching.

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

What's disappointing is after a week I still see posts on social media for help from direct customers on what to do and how to confirm whether their data is compromised. In this age and time, one would expect transparency, honesty and consistent communication about the actions taken for resolution. There is a compelling need to arm the customers with steps to protect themselves, educating them about cyber security measures and controls. This post is a compilation of all the relevant links to help some novice customers.

What information has been exposed?

Personally identifiable information (PII) of retail customers. Now the question remains what is PII? A piece of data on its own or combined with other relevant data that can be used to identify a person or locate the individual is called personally identifiable information, in short PII. So, in this case, if you are an existing Optus customer or held a retail service (not business/ enterprise/ wholesale/ satellite) in the last 6 years - then there is a good chance that your name, date of birth, phone number, email address, physical addresses, and identity numbers such as driving license, passport numbers and/or medicare numbers.

Did my payment or banking details get exposed?

From the information available from Optus and various other news outlets only customer identifiable information is exposed and that does not include payment details. So you don't need to change your bank details but it does not hurt to up your security game. For example, recently I received a call from my bank enquiring if I am looking for a loan and instead of providing my details I asked the banker to email me to confirm that they are the person they are saying. The banker was able to send me a security verification message to my email and my banking app to validate that she is who she is. Doing these basic checks will ensure that you won't fall rampant with any fraudulent activities or scams. Always ACT with caution:

✔ [A] Aesthetic - Are there any grammatical or spelling errors? Is it missing a basic signature? Genuine organisations use professional branding and links starting with HTTPS for safety (remember the additional 's' means it is a secured site).

✔ [C] Compelling triggers ⛳- if you are being compelled to provide information within a certain time frame or threatened that not taking an action can result in loss. That's a big red flag to avoid and contact the relevant person or organization through other means.

✔ [T] Trust - Do you trust the recipient to share your details? Do you need to provide the information they are asking for? Enable two-factor authentication where applicable.

Some basic guidelines and support extended by the top 4 Australian banks can be found below:

• Commbank security support.
• ANZ security support
• Westpac security support
• NAB security support

How long do we have to worry about our details being used by hackers?

At minimum years! Shocking I know but remember some of your details like date of birth is not going to change ever. So those basic security/identity questions you answer to identify that you are who you are have been compromised in this grand-scale data breach. There will be an increase in several scam texts and messages. Do not click on any suspicious links. Always remember to ACT with caution.

How do I know if my details got hacked?

Optus has emailed all affected customers informing them that their details have been exposed as part of this data breach. I have read news where customers have received their email after a week too so it won't surprise me if you haven't received it yet. The worst-case scenario suggests that 9.8M records got exposed. On top of that, the hacker released 2 sets of 100 samples of user data in the initial threat to show that they legitimately hold the data. In another ransom threat, 10,000 customer details are released.

• You can check if your email address or mobile number got hacked through Have I Been Pwned site.
• Fill in the ACSC form for Have you been hacked?
• Contact IDCARE on 1800 595 160.
• Identity theft | Moneysmart
• Identity fraud | OAIC
• Australian Cyber Security Centre Homepage | ACSC
• Make privacy compliant with Optus

What are the basic steps I can take to protect myself?

• Optus is providing credit monitoring and identity protection service free of cost for 12 months to the affected customers present and past. Subscribe to it and request a credit report immediately and keep an eye on it frequently. If you are one of the most affected customers I would recommend negotiating with Optus to extend the subscription to 5-6 years.

• Get a new driving license - most of the states are offering this free of cost or you will receive a refund from Optus through direct credit to your account. Victorian customers are also required to flag their record for breach by filling this form.

• Apply for a Commonwealth victim's certificate.

• From the Optus emails, it is hard to know what personal details of yours got exposed. See what details you shared for the 100 points check when applying for an Optus connection. Assuming you provided your passport and medicare for the 100 points ID check, this means there is a possibility they got exposed. The department of foreign affairs and trade (DFAT) has clarified a number of questions related to this matter and confirmed that your existing passport is still valid for any immediate travel. However, if you plan to request a new ID, keep in mind the current waiting times, and Optus has agreed to pay the replacement costs.

Do I have to switch my connection from Optus to a different provider?

This is a personal choice. After everything, if you want to move on to a different provider it's your call. Having said that moving to a different provider is not going to solve your problem - if your data is leaked, it is out there in the open and moving providers is not going to make it disappear.

Hope this helps and please use the comments below if you have more questions that are not covered in this post.

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

What is Integration Architecture?

Integration is one of the core architectures and by its name intends to connect systems, organisations and people. The systems involved can be heterogeneous in nature. This means that not all systems process information in the same format. There is a need for transforming the messages to the relevant format for the receiving systems to process them accordingly. And as we do that, there is a need to establish guardrails to enforce the right data policies, and guidelines for systems, organisations and teams to follow.

The guardrails are implemented through four main patterns:

Integration Patterns

File Transfer

A file is used as the media to transfer data between applications. When designing solutions for this particular integration, the key points of interest should be file name, file location, size, format, frequency of updates and read-write access to define the delete privilege - Job Scheduler, WORM (Write once and Read Many).

When migrating servers from data centres to the cloud, this will be a common pattern to implement to transfer files from on-premises legacy applications to cloud storage like Amazon EFS or Amazon S3.

Shared Database

The database is the media in which integration happens. Multiple applications share a common database where the shared data is stored. Applications in this instance share a common data schema and avoid data duplication and data transfer between the systems.

Remote Procedure Invocation

A standard functionality or service is built to be exposed by one of the applications. This will be later accessed or invoked as a remote procedure by other applications—For example REST API.

Messaging

The applications integrate by sharing messages between them. Similar to file transfer, this pattern integrates the applications by sharing messages. In some cases, this is achieved by an application publishing the information of interest to a messaging channel from which the consumer applications access/ subscribe. This leads to the definition of different message types:

• Request - response

• Fire and Forget

• Pub-Sub

When designing a messaging integration pattern, it is important to agree on the message translation format, schema structure and the composition of data attributes, types, lengths and business rules to validate the transfer.

Resources:

https://www.enterpriseintegrationpatterns.com/

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

What is a Region?

A region is a self-contained geographic location positioned within a single country boundary and hence bounded by a single set of laws.

To put this into context, imagine you have a group of logical data centres within a single geographic location (let's say, Sydney West). This is called an availability zone (AZ). Now group a cluster of these AZs which are connected by a proprietary high-speed fibre network (100GbE fibre network backbone) with multiple lines between every AZ so the cluster of data centres can be treated as a single area. This area will end up being your region.

Why does it matter?

AWS resources are hosted across multiple locations. These locations are categorized into regions, availability zones, and local zones. The full list of regions and the global AWS infrastructure available from each region can be found here.

Largely, AWS services are region scoped. Let's say you have your service available in the Asia Pacific (Sydney) region. When you choose Asia Pacific (Singapore), it is expected that the data related to the service available in Sydney is no longer accessible unless it is specifically replicated. Data is not synced between regions without the explicit configuration.

On the other hand, some of the AWS services are global and hence do not require a region selection. These services operate at a global level and are accessible from all regions. Example: IAM.

Which region to choose?

As mentioned above, the majority of the AWS services are region-based. Let's say you have made the call to move your existing enterprise application to AWS. Before the application is deployed to an EC2 instance, your first step will be the region selection. This can be determined by answering the following questions:

• Are the services required to deploy your enterprise application available in a region?
• Where are your end-users located?
• Are there any additional costs involved in your selected region?
• Are there any compliance requirements stated by the law in the location the region is in?

Service Availability

Not all AWS services are available in all regions. Most importantly, AWS tends to release its services incrementally across its regions and the first region that they release is to US East (N. Virginia). To check whether a service is available in a particular region, click this link. This site is updated daily by AWS and will have the latest information.

Latency

Research where your user volume is located. Let's say all your users are from Australia then it is wise to choose the Sydney region. This will ensure that there is minimal latency in responding to your user requests. Although choosing a Singapore region, in this case, may incur a fraction of a milliseconds delay in comparison to the Sydney region.

Cost

As regions are geographic locations within a single country, these regions are bound to the laws governed by the location. This in turn will have a variance in taxes and the costs involved in hosting the resources within the AWS infrastructure.

Depending on your costs, you can choose by selecting a region that will work within your budget.

Compliance

Depending on the region you choose, the data managed within your application must abide by the compliance requirements from that location.

• what are the different types of user data you are allowed to store?
• how long can you store the data?
• what are the different encryption policies applied to the data?

For example, if your data source location mandates that the user data should be stored within the country. This will limit your choice of region to the regions within that country.

Considering the responses to the above 4 factors, you should be able to easily conclude the selection of your AWS region. However, if your application is being deployed to multi-regions, the compliance requirements should be considered on how the data is replicated across different regions.

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

d:
cd c:\utilities
set-alias installutil $env:windir\Microsoft.NET\Framework64\v2.0.50727\installutil
installutil .\Microsoft.ResourceManagement.Automation.dll
installutil .\Microsoft.ResourceManagement.dll
Set-location "c:\utilities"
[System.Reflection.Assembly]::Load("System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
$publish = New-Object System.EnterpriseServices.Internal.Publish
$publish.GacInstall("c:\utilities\Microsoft.ResourceManagement.dll")
$publish.GacInstall$publish.GacInstall("c:\utilities\Microsoft.ResourceManagement.Automation.dll")

Note: It is critical that you are loading the correct versions of your libraries depending on your machine OS version.

The above script is for a 64-bit machine, for a 32-bit you should update the set-alias command to refer to C:\Windows\Microsoft.NET\Framework\v2.0.50727\installutil

Once the above script is run, you should be able to load the pssnap-in by running the following command:

add-pssnapin FIMAutomation

The above command will load the modules and from here you should be good to run the FIM-related cmdlets from your PowerShell.

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

This blog focuses on understanding the design concerns which drive some of the key decisions in systems architecture. These design concerns are the thumb rules that guide in making the right choices throughout the project life cycle.

What is Systems Architecture?

According to SEBOK WIKI:

Systems Architecture is abstract, conceptualization-oriented, global, and focused to achieve the mission and life cycle concepts of the system. It also focuses on high-level structure in systems and system elements.

Now that sounds very complex. In simple terms, systems architecture is the fundamental and unifying system structure defined in terms of system elements, interfaces, processes, constraints, and behaviors.

Is it Just Software or Hardware?

This is one of the common questions that is posed by most beginners. When we say system elements, interfaces, and processes. It deludes that maybe a systems architecture should just cover the software side of the system and has nothing to do with the hardware layer. Well, that is not correct.

It includes elements of both software and hardware and is used to enable the design of such a composite system. For example, let's say you are building the systems architecture for an online booking system. A very high-level view would entail a web front-end, business service layer, and the web backend (database).

Why is it important?

Now you know what is systems architecture but why do you need it? Can't I simply build the system without the trouble to brainstorm the different components, capabilities, and functions that make up the system's architecture?

Understand that systems architecture is a powerful tool and a common language that enables collaboration between all your diverse teams working to build a single system. This common language aids in being understood and represents the multiple views of all the teams.

Let's look into the last example of the online booking system - let's say there is a business requirement that states the system must handle 1M transactions per second. Now, designing and implementing this requirement will involve the cohesive effort of the infrastructure team, and the back-end team. Both teams should converge on an agreed approach to handle the requirement. Often it is misunderstood that solutions architecture is a single person's job but in reality, it involves input from a group of SMEs who are experts in their areas.

Planning

When you look at SDLC, the first phase of any project irrespective of the project methodology or framework you are following, you will start with planning.

The first step before we start working on the systems architecture draft is analyzing the as-is architecture. Yes, you heard me right before you start diving into various solutions for the problem statement. Understand the client's existing architecture - identify their pain points and the stakeholder concerns. Sometimes these are not obvious and require multiple workshops to unearth the ongoing issues faced by the end-users. This analysis will help categorize the list of requirements (aiming to address the problem statement) into functional requirements and technical requirements.

What? Why? How?

Trust me, it's way easier to find a rock with a question mark symbol when compared to identifying some of the unknown assumptions made on the requirements. An in-depth analysis should be performed on what a particular requirement is going to achieve, why is it needed in the first place, and how to implement it will lay the foundations for the design.

Design Concerns

Even when there are no explicit requirements stated by the client, there will still be expectations, stated or not. The architect should understand what is requested, what is needed, and what is possible for each of the design concerns.

• Scalability - how many users or transactions can it process concurrently?
• Performance - how fast does it respond? what is the max throughput?
• Recoverability - how does the application recover from a fault?
• Security - can it sustain attacks? is data protected?
• Maintainability - how easy is it to maintain?
• Operability - how easy is it to use and manage? how is it operated?
• Availability - is it available 24x7 and is it 99.9% or 99.99%?

These concerns should always be in the back of your mind to rule out all known and unknown assumptions.

Two Additional Concerns

• Affordability
• Sustainability

In this year's Accenture's Fjord Trends 2022, there is one trend that can be adapted to the design thinking process. The pandemic has brought some unforeseen challenges to the supply chain. If there is something it taught us is to end the abundance thinking approach.

Yes, the cloud and some of the latest technologies can provide infinite and bottomless computing power but every responsible business understands that they have to play a part in tackling climate change and how they can help achieve the net-zero carbon emission targets. Similarly, working towards affordability will help the clients to keep the costs low and bring in additional value.

One thing to keep in mind is that when designing for the balance between affordability and sustainability, it is important to decouple innovation from the notion of new.

AWS Use Case

To learn more about how to apply the above-mentioned design concerns to a use case on deploying a highly available and scalable WordPress site on AWS - check out this youtube video.

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe, and let's connect.

Career choices are often difficult and way too complicated to decide at such an early age of Year 11 and 12. I remember too well when I had a similar conversation with my parents in Year 10. I had to decide on my main career subjects. Maths means Engineering fields, Biology means Medical fields and now you are thinking I am going to write a full list. Nope, I only got 2 choices. It is one of those times from where I am from and I guess still in other places where a good career is either an Engineer or a Doctor. And, here I am thinking of becoming an Archeologist and raid for treasures like Laura Croft. It was a bit of a reality check for me.

via GIFER

I know my parents have their best interests for me and wanted me to think about science/ being a doctor. You can imagine the rebel me wanted to choose her own career so I went with the Maths subject. Fast forward 16 years, here I am with a Master's degree in Information Technology and a Technology Manager job in one of the Fortune Global 500 Companies, Accenture. Of course, Software Engineer is one of the hats I wear daily for the job 😉.

So, going through all that process and being in this industry for 10 years has taught me something. This is the best industry to be in for the right reasons. Here's why:

1. Financial Independence

One who holds the purse strings holds the power!

I recently read this quote in a book and can't agree more with the aptness of it. Mainly for those women readers who are checking this blog. Trust me, as a fellow woman, this applies to any career choice. Having financial independence and the ability to make your own spending choices makes all the difference. For me, I cleared off all my student debts within the first year of graduation and I can proudly say that I contribute equally to the family table along with my husband. Now, this is possible in my case only because I chose a career in technology.

Its well-known tech jobs are one of the highest-paying sectors out there. Although the infographic from the Australian Taxation Office (ATO) suggests that I should have listened to my parent's advice 😂. Believe me, there are more benefits than just the salary. This is just the tip of the iceberg.

2. Benefits on top of the Salary

When you receive a job offer from a tech company, additional benefits are a common clause. This can include health packages, stock options, bonuses, fully paid maternity leave, and so on. On top of this, there are few more benefits like -

Working from home or any part of the world

I remember a time I stayed in India for 5 months but I was actually working for client projects running in the US, and Australia. Managing time zones is usually tricky but if you are efficient and professional in the way you deliver your work. There is no one stopping you from making those specific arrangements with your manager or HR lead to work from any part of the world. Currently, with the pandemic situation, companies are more supportive of this arrangement.

Work Locations

All courtesy of work, I got to visit some beautiful places around the world. You may think that I visited the place for work but then weekends are my own to explore... 🧗‍♀️

The best part is I experienced my first snow during a work trip and it's a snow blizzard!!

3. More Opportunities

Again from my personal experience. I was offered a job while I am still in my last trimester in Uni. I didn't have to apply or do an interview. This is a common story you will hear with many others in this field.

There are many opportunities within the technology space that you can even mix up your interests. In other words, not everyone who works in the technology space knows how to code. Sure they know how to operate a laptop but the same can be said about a lot of other careers out there. Yes, you read it right! A good number of tech jobs do not require you to write a single line of code.

Explore what you are passionate about and you can mix it up with a tech-related career. For example, you like writing, you can be a Digital Content Creator or a Tech Writer. Arts - Graphic Designer. Peoples person - go into leadership roles or you can also make into pre-sales consultant roles. If you like solving puzzles like a detective - you can be an analyst. There's plenty of options and opportunities to choose from. The world is your Oyster!!

4. Meaningful Impact

Technology touches almost every part of our life and so anything you work on improving the quality of life gives your work that meaningful impact. Imagine that feeling.

In my first job, I did the majority of the design work, wrote a few lines of code for Airbus A350 cabin pressure control systems. Now, every time I see an Airbus A350, it gives me that immense satisfaction that a wrote a piece that is helping the Airbus to maintain the pressure/oxygen levels when the plane is in flight mode 🚀.

The last project I completed a few months back helped a major technology giant to establish a secure post-pandemic environment for employees returning to their workspace.

Contributing to works like that is the best feeling!! You are making a huge impact on the community and at the same time getting paid for it. Not many careers offer you that satisfaction.

5. Education Expenses

Let's say you decided to choose technology as your choice of career but you are not sure about the expenses. There are many out there who received job offers without a formal college education. I am not recommending that is the path for you, I am sure they may have gone through their own struggles.

From experience, I can tell you my first job offer is 2.5 times more than the amount I spent on my master's degree. Something to note is that I excluded the money I made from my internship which I did from my second trimester. That seems like a reasonable investment to make on yourself if you chose to.

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

Often we spend so much time on the words and the message we want to convey online that we simply neglect the images that are worth a thousand words. For me, my father, Late Nannaka Srinivasa Rao was an amazing artist who visualized designs in his batik prints. I think I got my artistic/creative flair from him but I hardly find time to do the drawing or painting these days. So, what do I do - I use my blog images as a medium to leave that creative mark😊. And, let's not forget it is adding to my personal branding as well. Whatever your reasons may be, it is time that you leave your personal mark on those images.

Tada! - CANVA

Yes, Canva is my go-to tool for customizing images. It is a very popular and easy-to-use graphic design platform with lots of options/features to design and customize your images.

The first step is to sign-up with Canva using this link.

Once you are signed in, you will be directed to a home page. This is more like a dashboard that has access to all the designs. From here, you can pick a design mode you are after. This can be a simple social media image, presentation, video file, or a marketing flyer. You will notice all these designs are preset with the canvas sizes, thereby saving you loads of time from researching the size specifications for a particular social media post.

You can also go with your custom size by clicking on the custom size button. When clicked, you will be prompted to specify the width and height measurements.

Templates

One of the awesome features of this design platform is the huge collection of free templates that can be used as they are with little to no changes. You will find a template for every occasion and purpose here. You can use them to get inspired or create your own by simply removing all the elements.

Hands-on

It's time to grab your keyboard and mouse tightly! I have decided to create a cover for my Etsy store.

Tip 👍- Now, the first thing I do to save some time is use the search bar on the top. You can use it to search for anything in Canva. So, here I searched for an Etsy cover and I got a suggestion with Etsy Shop Cover. Clicking on it will take you to a page with all the templates for Etsy shop covers. You can use one of the free templates or click on 'Create a blank Etsy Shop Cover'. I chose the blank option.

Once you have your blank image opened in editing mode, you will have the options to add a different background, elements, text, animation and also add your own logo using the upload option as I do with all my images.

You will notice that every feature has both free and pro options and it is easy to search for features with specific settings by using the filter option:

You can easily make do with the free elements but I found most of the pro elements are usually a dollar or less. You can also get credits to use pro elements by referring your friends. It's a win-win because you both will receive a credit after their first design creation.

Now, with the use of just the free elements, I have designed the below cover for my store:

What do you think - does it stand out? Do you have your own favourite tool for customizing images - don't forget to add your thoughts in the comments.

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

What is REST?

REST is an acronym for Representative State Transfer. It is an architectural pattern or you can say a development style that is used to build interactive applications. Ok, that means REST is not a technology or a language but more a style in which you should develop your applications. And, this can be done by following the REST principles and constraints.

Now before we deep dive into those parts of the REST architecture, it is important to understand why do we need this architecture pattern.

History

Before 2000, developers integrating with APIs(Application Programming Interface) used SOAP (Simple Object Access Protocol) for communicating between the sender and the receiver systems. This required too many lines of code in XML format and then adding the SOAP envelope to the end-point.

The most frustrating thing I find with the SOAP apart from the complex coding is the complexity in troubleshooting an issue. It involves too many calls to trace back the communication made between the systems.

Ok, so we had APIs which are interacting with SOAP which sounds more complex, unlike its name. Then came Roy Fielding in 2000 who along with his colleagues came up with a standard in a doctoral dissertation. This standard's main goal is to provide a set of constraints(rules) that will simplify the communication between one server and another. The best thing is the interaction uses the HTTP syntax. The birth of these constraints is referred to as REST and when you build an API that follows these constraints, it is known as building a true RESTful API.

6 Constraints

Client-Server architecture

Simplifying the solution into a client-server architecture. Separating the solution user interface from the data storage side of logic can assist in moving the user interface to different platforms and scaling the server components.

Stateless

This is inspired by the HTTP context where the client makes a request to the server. The request will contain all the information required to process the request on the server-side. The server side will not store any information related to the HTTP request and each request will be treated as a new one. That is the state of the request is managed at the client-end only.

Cacheable

Caching is an important concept in today's user interactions. The ability to cache a resource when applicable will reduce the number of client-server interactions because the client can re-use the same response. Caching can be applied on either side of the client-server architecture and should mark the resource to be cacheable.

Layered System

REST allows you to build applications that follow a layered architecture. In this architecture, the servers will only have knowledge of the intermediary servers there by the client interacting will never know which server has responded to their request. Let's take a simple web form that stores information on a database server. On top of the server, we can add a load balancer, a security layer that authorizes the requests made to the database server. The ability to build an application in this layered style will help in separating the business logic from the security logic and also makes scaling the servers an easy job.

Uniform Interface

It is important to apply a generality where the end-point provides the ability to interact with related or additional data using the same URI. This simplifies the interaction and improves the visibility of the resources. It is said if the user knows how to interact with one of your APIs, they should be able to follow the same approach for the remaining APIs. This is achieved through 4 architecture constraints:

• identification of resources.
• manipulation of resources through representations.
• self-descriptive messages.
• hypermedia as the engine of application state (HATEOAS)

Code on Demand (optional)

This is an optional constraint that allows your API to send executable code to the client system on demand. For example, Java applets or javascript to run a widget.

Summary

The key take-aways are:

• REST is an architecture pattern and is not a technology.
• REST does not recommend a language in which the client or server-side of the logic must be built.
• HTTP is not the same as REST, only that a REST application uses HTTP protocol for the requests and responses between client and server.
• An interactive application can be made RESTful by following the six constraints.
• Building an application using REST simplifies the logic into its own layers and improves scalability.
• Web services that are built using the REST constraints are known as the RESTful APIs:
  • This includes a base URI.
  • HTTP methods to GET, PUT, POST, or DELETE to signify the request being made.
  • media type that tells which parser to invoke for processing the message.
  • The responses from the server will be returned as payload in HTTP, XML, JSON, or other formats.

Now that you got the hang of the REST architecture, you should give it a go!

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

So, this post will detail an alternative - a PowerShell script that can be run to SSH to an EC2 instance from Windows OS and does an equivalent job to the chmod400 command.

What does the chmod400 command do to a file or folder?

The command when run on the security key pair file removes all access to the file and gives only the current user read permission. So, when connecting to an EC2 instance, we are making sure no one has "write" access to the security key pair file. This is a mandatory requirement to connect to the EC2 instance safely.

If running from MacOs or Linux, the command will be like this:

$ chmod 400 securityfile.txt

The updated file permissions will look something like this:

chmod400 on Windows

The chmod command utility is not supported on windows. There are other ways to apply for the same file permissions. One way is to right-click on the file properties, and security tab and then click on the Advanced button. In this screen, you will have to disable inheritance and then remove access to all users except for the current user. All these steps sound very tedious and if you consider doing it multiple times on different security key pair files to connect to other EC2 instances, it sounds unproductive!

So, here comes the magic script that does all that. But before you run the script make sure OpenSSH.Client and OpenSSH. Servers are installed on your machine. These two are required to run the SSH command and can be found from this link. Also, Powershell should have Microsoft.Powershell.Security Module installed. This script makes use of some of the cmdlets from this module.

Powershell script

#NOTE:  Update the below parameters with your EC2 details before running this script.

#Parameters for Running the script
[string] $keyFile = "C:\AWS\ec2KeyPair.pem"
[string] $publicip = "ec2-user@XX.xXX.xXX.xxX" #update the public ip address here

#view the security key file permissions
Write-Host "Current ACL permissions to the security file:"
Get-Acl $keyFile | fl

#add a current user with read control to the security file
$acl = Get-Acl $keyFile
$uName = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($uName,"Read","Allow")
$acl.SetAccessRule($accessRule)
$acl | Set-Acl $keyFile

#Delete inherited permissions
$acl.SetAccessRuleProtection($true,$false)
$acl | Set-Acl $keyFile

Write-Host "ACL Permissions after disabling inheritance and adding full control access to current user:"
Get-Acl $keyFile | fl

# ssh to the ec2-instance
ssh -i $keyFile $publicip

Copy the above script and update the parameters section with the location of your security key pair file and EC2 instance IP address. Once the file is saved, you just run the script. See, it is that simple and reduces running through multiple steps.

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

Agile

In the project management world, agile is a set of principles and values. So, does this mean agile is a methodology or a framework that we can follow for managing a project. No, absolutely not. Because methodology and framework are different. Methodology refers to a more detailed approach in which complete guidance is provided on how work should be done. On the other hand, a framework is something that is deliberately left incomplete so we can fill the gaps or adapt it as we see fit for the project that uses SCRUM, Crystal, etc.

Origin

2001 is when the manifesto for agile software development emerged. It is released by the agile alliance, a group of 17 individuals who practiced SCRUM, XP, DSDM, ASD, Crystal, Feature-Driven Development, and Pragmatic programming. They are looking for a lightweight alternative to the documentation-driven heavyweight software development processes.

Individuals and interactions over processes and tools Working software over comprehensive documentation Customer collaboration over contract negotiation Responding to change over following a plan

So, is born an iterative approach for software development that is guided by a set of 12 principles and values called the Agile Manifesto. You can read more about the 12 principles from this link.

Now, you know what the term agile means. To summarize, it is simply a set of principles and values that govern how the software development process should convene.

Scrum

As evident from the history of the agile screenshot shared above, the Scrum framework has been around since 1986. And, yes Scrum is a framework, not a methodology.

Scrum is developed by Ken Schwaber and Jeff Sutherland to help organizations to deliver complex projects of the highest possible value. For this, they have documented a guide called the scrum guide.

According to this guide, scrum is defined as:

A framework within which people can address complex adaptive problems, while productively and creatively delivering products of the highest possible value.

There is a misconception that scrum is only for software development. That is false, I think it can be applied to accomplish any complex task, industry, and even personal goals. I know that doesn't sound right but scrum is not a process, technique, or definitive method that insists on where it can be applied. It is a framework that consists of scrum roles, events, artifacts, and rules. And, its main focus is the continuous improvement of product, team, and working environment.

Scrum Roles

The scrum team consists of the product owner, the development team, and a scrum master. A product owner is the one who is responsible for the product backlog, which is the single source of all the requirements needed to make the product. This role will be performed by a single person and their goal will be to maximize the value of the product delivered by the development team.

The development team consists of professionals who are self-organized and self-managed to do the work of delivering a potentially releasable increment at the end of each sprint. The individual team members will have specialized skills and cross-functional so the team can do the work assigned to them within a sprint.

A scrum master is an individual who is responsible for promoting and supporting the team that the Scrum framework as defined in the Scrum guide is followed. They act as servant-leader for the team by helping those within the team to understand the scrum rules and values and those outside the team on how their interactions are affecting the team.

Each role has its own part to play for a sprint (timeline to deliver a potentially releasable increment which is usually 2-4 weeks). They abide by the scrum rules and values so they can maximize the value of the sprint delivery.

Kanban

Kanban pronounced as 'Kahn-Bahn' is a Japanese term meaning visual signal or card. Taiichi Ohno, an engineer from Toyota inspired by the supermarket's inventory restocking techniques has developed a scheduling system for just-in-time manufacturing. To reduce waste and improve efficiency, he came up with a visual card method to trigger actions throughout the production process.

This approach is later refined and evolved to what we know as the Kanban method of today. It consists of a visual board where the team should know exactly where they are to move to the desired destination. It allows for a pull system where items are pulled as per the team capacity. So, any project with tasks that can follow the pattern of "To Do", "Doing" and "Done" can be implemented using the Kanban.

Along with project progress visualization, this approach enables work-in-process limits. This reduces the time taken to move across the different lanes in the kanban board. Focusing on the continuous flow of work enables continuous improvement by measuring metrics around the flow.

Which one to choose?

I see the scrum framework works well for projects that have fixed priorities for the sprint timeline because changes during the sprint in scrum are not recommended. On the contrary, Kanban relies on more the just-in-time production system so projects with changing priorities will benefit from it. In fact, scope modifications and continuous improvement to the way things are done are welcome before the completion of the project.

I have also seen organizations where Kanban is first introduced to ease the team into the scrum culture before restricting the project processes to the scrum rules. It makes change management easier. Again, there is no fixed rule that says you should follow one in a particular situation. It all depends on the project manager to determine which one works well for the team.

What do you think of scrum and kanban, which one do you use for your projects and why? Let me know your thoughts in the comments.

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.

One may question why should we resort to such stress to personalize one's own blog? Well, there are many reasons and they vary with your interests. For me, it is to test out the feature and understand the design mechanism behind the development. Also, let's not forget the fact that I want my blog to stand out and not look like every other blog.

Before we begin it is important to note that the custom CSS feature is currently enabled only for ambassadors. For more details on how to become an ambassador, check out this link. And, for those ambassadors who are interested in learning about how to enable custom CSS, save the changes and publish them, follow this link.

Awesome! Now you are all set up to write CSS for your website. Let's start this mission...🏁

Navigation

This is the first item I worked on. I personally didn't like how the website navigation links are on one line and the social media icons are displayed on the next row. I changed this by targeting the .blog-sub-header container which wraps both the nav links and social media links. This is achieved by adding the following code:

.blog-sub-header.items-end {
    align-items: center;
}

Media Queries

Now that we have achieved displaying all links in one single line, I noticed they overlap from 450px width and less. Add the following to change the flex-direction to column using the following code:

@media only screen and (max-width: 450px) {

    .blog-sub-header {
        flex-direction: column;
        align-content: space-around;
        justify-content: center;
    }

}

You can do much more to the navigation links by adding hover color effects to these classes:

• .blog-sub-header-nav a
• .blog-social-media-section a

Header Background

There are two style options to choose from for the header section and again this is a personal preference. Do you want the full width of the header to display certain background or just the container that has the logo and navigation links?

To update the background for the full header width, use .blog-header class like this one here:

Now to target just the container, use .blog-header .container classes like this one here:

Bonus Tip!!! 🤩🤩

You will notice in the above screenshots that I targeted a full width in dark mode and just the header width for normal mode. This can be achieved by applying your full background to .blog-header and by inheriting the parent background for .blog-header .container in dark mode.

Main Section

Again depending on the page you are targeting, the main body section consists of different divs/containers for the author card, newsletter subscription form (if you have it enabled), blog items listed as cards, blog detail (for the articles page), content of the additional pages. Some key classes to target here are:

• .blog-subscription-form
• .blog-subscription-form-wrapper.
• .blog-post-card
• .blog-similar-article-wrapper
• .blog-page-title

Hide/Remove a section.

You will notice I removed the author card section from my home page and this is done using the following code:

.blog-author-card {
    display: none;
}

You might wonder why I didn't use the visibility attribute and set it to hidden. The visibility tag will hide the element but it will still occupy the space allocated for that element. Whereas, the display tag will hide the element as if it is not there. So, you know now. 😎

Articles and Pages

When you make changes to your header and footer, ensure those changes are copied across to all the sections of your website - Home, Articles, and Pages tabs.

Dark Mode

You can add a different styling for an element to accommodate the dark mode. This can be achieved by adding .dark before your target classes. Sample code below updates the text color from black to yellow when dark mode is enabled:

.dark .blog-header .text-black {
    color: #ff9f1c;
}

If you chose a custom background for the header and blog content like I did, make sure relevant images are referred to in dark mode.

Challenge

One task I found difficult to solve is to style the author card background-color which is fixed to the div element as an inner element style. The only way to override is to use !important property to the custom CSS. Let me know if you know of a different way to override it without using the !important property. So, what are you waiting for, give it a try by joining Hashnode here?

Thank you for Reading - Let's Connect!

Enjoy my blog? For more such awesome blog articles - follow, subscribe and let's connect.