Built on Azure Functions • Managed Identity • OIDC‑secured GitHub Actions
AutomationStudioCore is the core engine behind the MAP Studio Solutions automation platform.
It provides a modular, identity‑native, zero‑secret foundation for building secure, scalable, multi‑tenant automation systems across industries.
This repository demonstrates modern cloud engineering practices including serverless architecture, SQL‑native workflows, identity‑based authentication, and fully passwordless CI/CD.
- Zero secrets anywhere in the system
- GitHub → Azure OIDC federation
- User‑assigned Managed Identity for all runtime access
- RBAC‑driven permissions for SQL, Storage, and Key Vault
- Azure Functions with clean separation of triggers, handlers, and shared utilities
- Extensible for multi‑tenant and multi‑vertical automation
- Reusable patterns for workflow orchestration and domain‑specific modules
- GitHub Actions deployment using federated identity
- No service principals, no passwords, no connection strings
- Branch‑based deployment strategy
- Fully auditable pipeline
- Azure SQL Database with identity‑based authentication
- Schema designed for workflow state, automation metadata, and vertical extensions
- Storage integration for blob and queue workflows
AutomationStudioCore/
│
├── function_app.py # Azure Functions Python v2 entrypoint (all triggers defined here)
├── host.json # Azure Functions host configuration
├── local.settings.json # Local development settings (excluded from Git)
├── requirements.txt # Python dependencies
│
├── src/ # Core application modules (logic, not triggers)
│ ├── handlers/ # Business logic and workflow orchestration
│ ├── shared/ # Identity, SQL, storage, logging, config utilities
│ ├── models/ # DTOs, data contracts, and domain models
│ └── config/ # (Optional) Feature flags, environment wiring
│
├── infra/ # Optional Infrastructure‑as‑Code
│ ├── bicep/ # Bicep templates for core resources
│ ├── terraform/ # Terraform modules (if used)
│ └── README.md # How to provision/update infra
│
├── tests/ # Unit + integration tests
│ ├── unit/ # Handler and utility tests
│ ├── integration/ # End‑to‑end identity + SQL tests
│ └── README.md # How to run tests locally and in CI
│
└── docs/ # Full documentation (architecture, identity, CI/CD, security)
├── architecture.md
├── identity-model.md
├── deployment-pipeline.md
└── roadmap.md
Full documentation is available in the docs/ directory:
- Architecture Overview → docs/architecture.md
- Identity Model (OIDC + Managed Identity) → docs/identity-model.md
- Deployment Pipeline (GitHub Actions) → docs/deployment-pipeline.md
- Security Model (Zero‑Secret Architecture) → docs/security-model.md
AutomationStudioCore showcases modern engineering patterns including:
- Identity‑native cloud architecture
- Zero‑secret CI/CD with GitHub OIDC
- Modular serverless design
- SQL‑native workflow execution
- Multi‑tenant automation patterns
- RBAC‑driven security
- Documentation‑driven engineering
- Enterprise‑ready testing structure
This project reflects a philosophy of secure by design, modular by default, cloud‑native end‑to‑end.
- Azure: Functions, SQL, Storage, Key Vault, Managed Identity
- CI/CD: GitHub Actions (OIDC federation)
- Languages: Python, SQL
- Infra: Bicep, Terraform
- Patterns: Medallion‑style modeling, identity‑native automation, multi‑tenant workflows