Moonlitic Tech Stack

Canonical reference — Azure-native, FHIR R4, zero-trust

CANONICAL · Single Source of Truth

This document supersedes all prior tech-stack drafts. Every Moonlitic engine and integration runs on the components listed here. If a doc references a component not on this page, that doc is out of date.

Pairs with: Moonlitic_Technical_Architecture.html
Engines: F01-F06
Last updated: see git history

Legend (component categories): Azure / Microsoft Cloud · Moonlitic Internal · External Partners / SaaS · Security & Cryptography · Compliance & Audit

1. Cloud Foundation

Azure-only · Multi-region capable

Single-cloud strategy on Microsoft Azure. No multi-cloud complexity, no vendor sprawl.

Compute & Networking · Azure Virtual Network + Private Endpoints
Network isolation
- No public-internet path to PHI; all data services (FHIR, Cosmos DB, Key Vault, Blob) are reached via private endpoints
- A private endpoint alone does not close the public endpoint: public network access must also be set to Disabled on each resource
- VNet peering for cross-region replication
- Azure DDoS Network Protection (formerly DDoS Protection Standard) on the internet-facing ingress

Container Runtime · Azure Container Apps
Microservice host for F01-F06
- Containerized engines auto-scale on demand
- Built-in revisions, traffic splitting, rolling deploys
- Managed identity integration with Entra ID, so engines hold no stored credentials for Azure resources

Serverless Compute · Azure Functions
Event-driven jobs, mapping rules
- Custom CSV/Excel mapping logic that feeds the Azure FHIR conversion pipeline
- Webhook handlers, audit fan-out

2. Health Data Services

FHIR R4 · DICOM · MedTech

Azure Health Data Services is the clinical source of truth. Everything FHIR-shaped lives here.

Azure Health Data Services · FHIR R4 Server
Longitudinal clinical record store
- FHIR R4 resources for patients, encounters, observations, claims, etc.
- De-identification service for secondary use
- $export and $member-match operations; SMART on FHIR app launch is fronted by API Management (Azure's SMART on FHIR sample), not a native FHIR-service endpoint
- Used by F02 Clinical Intelligence as primary read/write store

Azure Health Data Services · DICOM Service
Imaging data
- DICOMweb endpoints for imaging
- Linked to FHIR ImagingStudy resources

Azure Health Data Services · MedTech Service
IoT device telemetry → FHIR Observations
- Wearables, remote monitoring devices
- Streams device data into FHIR for the longitudinal record

3. Upstream Data Normalization

Azure-native · No third-party SaaS

Messy source data → Clean FHIR R4. Replaces what some vendors call "ETL middleware" with first-party Azure services.

Microsoft FHIR Converter · HL7v2 / C-CDA / JSON → FHIR R4
Open-source, free
- Liquid-template-based conversion engine
- Native handling of HL7v2 messages, C-CDA documents, JSON, plus FHIR STU3 → R4
- Templates customizable for source-specific quirks
- The same Liquid engine is exposed by the FHIR service as the $convert-data operation, so custom templates can be stored in Azure Container Registry and invoked without a separate converter deployment

Azure AI Document Intelligence · PDF / Scanned Form Extraction
Extract structured data from unstructured docs
- Forms, lab reports, faxes, prior-auth letters
- Custom models trainable on payer-specific layouts

Azure Data Factory · Pipeline Orchestration
Scheduling, lineage, retries
- End-to-end pipeline from source ingestion to FHIR write
- Lineage tracking for compliance comes from the Microsoft Purview integration; Data Factory itself records run history and retries, not lineage
- Triggers Azure Functions for custom mapping logic
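As an added example (not code from Moonlitic or from the Microsoft FHIR Converter), this is the kind of segment-to-resource mapping the converter's Liquid templates perform, done by hand for one HL7v2 PID segment so the field, component and repetition delimiters are visible. The ADT message is constructed and contains no real patient data; the identifier URN scheme is an assumption, and HL7 escape-sequence decoding and most PID fields are omitted.

```python
"""Added example, not Moonlitic or Microsoft code: a minimal HL7v2 PID to FHIR R4
Patient mapping, showing the kind of segment-to-resource work the converter's
Liquid templates perform. The ADT message below is constructed and contains no
real patient data; escape-sequence decoding and most PID fields are omitted."""
from typing import Dict, List

# Constructed ADT^A01 with two patient identifiers (MRN and SSN) and one address.
SAMPLE_ADT = "\r".join([
    "MSH|^~\\&|EPIC|HOSP|MOONLITIC|CLOUD|20240115083000||ADT^A01|MSG0001|P|2.5.1",
    "PID|1||12345^^^HOSP^MR~987654321^^^SSA^SS||DOE^JANE^A||19800115|F|||123 MAIN ST^^AUSTIN^TX^78701^USA",
])

HL7_TO_FHIR_GENDER = {"M": "male", "F": "female", "O": "other", "U": "unknown"}
V2_0203 = "http://terminology.hl7.org/CodeSystem/v2-0203"  # identifier type code system


def parse_segments(message: str) -> Dict[str, List[str]]:
    """Split a message into {segment_name: fields}, using the field separator
    declared in MSH-1 so the list index equals the HL7 field number."""
    field_sep = message[3]
    segments: Dict[str, List[str]] = {}
    for raw in message.split("\r"):
        raw = raw.strip("\n")
        if not raw:
            continue
        fields = raw.split(field_sep)
        if fields[0] == "MSH":                      # MSH-1 is the separator itself
            fields = [fields[0], field_sep] + fields[1:]
        segments.setdefault(fields[0], fields)      # first occurrence wins
    return segments


def _component(parts: List[str], i: int) -> str:
    return parts[i] if i < len(parts) else ""


def pid_to_patient(pid: List[str]) -> dict:
    """Map PID-3 (identifiers), PID-5 (name), PID-7 (DOB), PID-8 (sex), PID-11 (address)."""
    def f(i: int) -> str:
        return _component(pid, i)

    identifiers = []
    for rep in f(3).split("~"):                     # PID-3 repeats on "~"
        cx = rep.split("^")                         # CX: id^check^scheme^authority^type
        if not cx[0]:
            continue
        ident = {"value": cx[0]}
        if _component(cx, 3):
            # Assumed URN scheme for the assigning authority; real mappings use a site-specific system URI.
            ident["system"] = f"urn:hl7:assigning-authority:{_component(cx, 3)}"
        if _component(cx, 4):
            ident["type"] = {"coding": [{"system": V2_0203, "code": _component(cx, 4)}]}
        identifiers.append(ident)

    xpn = f(5).split("^")                           # XPN: family^given^middle
    patient = {
        "resourceType": "Patient",
        "identifier": identifiers,
        "name": [{"family": _component(xpn, 0), "given": [p for p in xpn[1:3] if p]}],
        "gender": HL7_TO_FHIR_GENDER.get(f(8), "unknown"),
    }
    dob = f(7)
    if len(dob) >= 8 and dob[:8].isdigit():         # HL7 TS YYYYMMDD[...] -> FHIR date
        patient["birthDate"] = f"{dob[:4]}-{dob[4:6]}-{dob[6:8]}"
    xad = f(11).split("^")                          # XAD: street^other^city^state^postal^country
    if any(xad):
        patient["address"] = [{
            "line": [x for x in xad[:2] if x],
            "city": _component(xad, 2), "state": _component(xad, 3),
            "postalCode": _component(xad, 4), "country": _component(xad, 5),
        }]
    return patient


def convert_adt(message: str) -> dict:
    return pid_to_patient(parse_segments(message)["PID"])
```

The point of reading the separators from MSH rather than hard-coding `|` and `^` is that source systems do vary them, and a converter that assumes defaults silently produces wrong resources; the same check is what a custom Liquid template relies on the converter to do for it.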

4. Identity & Access

IAL2 · Zero-Trust
Microsoft Entra ID · Identity Provider & RBAC
All authentication and role enforcement
- OAuth 2.0 / OIDC for portals and APIs
- Roles: patient, clinician, buyer, operator, admin (app roles surfaced in the token's roles claim and enforced by each API)
- Conditional access (device posture, risk signals); risk-based policies require Entra ID P2 / ID Protection licensing

CLEAR · High-Assurance Identity Proofing (IAL2)
Patient + clinician identity verification
- Document & liveness checks; reusable identity
- Federated into Entra ID after proofing

Twilio Verify · SMS / Voice MFA
Step-up authentication, consent receipts
- SMS MFA for sensitive operations
- Phone-based consent confirmation
- NIST SP 800-63B classes PSTN-delivered OTP as a restricted authenticator, so SMS/voice serve as step-up on top of a primary authenticator, not as the only second factor for AAL2
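The per-request checks an engine should run on an Entra ID access token, as an added example that is not Moonlitic code. Signature and JWKS validation are assumed to happen upstream (for instance in Container Apps built-in authentication); what remains for the API is issuer and tenant pinning, audience, validity window, role-to-permission mapping for the five roles above, and MFA step-up for sensitive operations. The tenant ID, audience, permission names and role map are placeholders, and the claims are constructed.

```python
"""Added example, not Moonlitic code: authorization applied to an Entra ID access
token after its signature has been verified upstream. Tenant ID, audience,
permission names and the role map are placeholders."""
import time
from typing import Optional

TENANT_ID = "11111111-2222-3333-4444-555555555555"                    # assumed placeholder
EXPECTED_ISSUER = f"https://login.microsoftonline.com/{TENANT_ID}/v2.0"  # v2.0 issuer format
API_AUDIENCE = "api://moonlitic-engines"                                # assumed app ID URI
CLOCK_SKEW_S = 60

# Least-privilege map from the page's five roles to API permissions (names assumed).
ROLE_PERMISSIONS = {
    "patient":   {"phi:read:self", "consent:manage:self"},
    "clinician": {"phi:read", "phi:write"},
    "buyer":     {"deid:read"},
    "operator":  {"consent:review"},
    "admin":     {"consent:review", "payout:approve"},
}
# Sensitive operations also require MFA on the current session (the page's step-up).
STEP_UP_REQUIRED = {"phi:write", "payout:approve"}


class AuthError(Exception):
    pass


def _aud_matches(aud, expected: str) -> bool:
    return expected in (aud if isinstance(aud, list) else [aud])  # aud may be str or list


def authorize(claims: dict, permission: str, now: Optional[float] = None) -> str:
    """Return the caller's object ID if `permission` is allowed, else raise AuthError.
    Pins issuer and tenant, checks audience and exp/nbf with skew, maps roles to
    permissions, and requires an MFA method in `amr` for step-up permissions."""
    now = time.time() if now is None else now
    if claims.get("iss") != EXPECTED_ISSUER or claims.get("tid") != TENANT_ID:
        raise AuthError("token not issued by the expected tenant")
    if not _aud_matches(claims.get("aud"), API_AUDIENCE):
        raise AuthError("token not intended for this API")
    if claims.get("exp", 0) + CLOCK_SKEW_S < now:
        raise AuthError("token expired")
    if claims.get("nbf", 0) - CLOCK_SKEW_S > now:
        raise AuthError("token not yet valid")
    granted = set()
    for role in claims.get("roles", []):
        granted |= ROLE_PERMISSIONS.get(role, set())      # unknown roles grant nothing
    if permission not in granted:
        raise AuthError(f"roles {sorted(claims.get('roles', []))} lack {permission}")
    if permission in STEP_UP_REQUIRED and "mfa" not in claims.get("amr", []):
        raise AuthError("step-up authentication required")
    return claims["oid"]


def allowed(claims: dict, permission: str, now: Optional[float] = None) -> bool:
    """Boolean form of authorize(); a missing oid claim is treated as a denial."""
    try:
        authorize(claims, permission, now)
        return True
    except (AuthError, KeyError):
        return False
```

Two design choices worth noting: the issuer check uses the tenant-specific v2.0 issuer, so a token minted by any other tenant against the same multi-tenant app registration is refused, and unknown role strings grant nothing rather than falling through to a default. Where step-up is driven by Conditional Access authentication context, the evidence is the `acrs` claim rather than `amr`.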

5. Data & Storage

Multi-tier · Operational + Analytical + Audit
Azure Cosmos DB · Operational Store / Consent Cache
Sub-5 ms consent lookup target (Cosmos DB's published SLA is under 10 ms for point reads at P99)
- Consent state, session state, real-time data
- Event-sourced consent lifecycle: the current consent record is a replay of immutable grant/restrict/revoke events, not a mutable row
- Multi-region replication for low-latency reads

Microsoft Fabric · Analytics & Lakehouse
BI, reporting, data products
- Unified lakehouse over raw + curated FHIR data
- Power BI semantic models with row-level security
- Source for marketplace data products (F05)

Azure Confidential Ledger · Immutable Audit Trail
Tamper-evident compliance log
- Every consent change, data access and payout is logged here
- Entries are committed to a SHA-256 Merkle tree and each write returns a receipt that can be verified independently of the ledger
- Foundational for HIPAA + state law audits

Azure Blob Storage · Document & Form Storage
Source artifacts, exports
- Source PDFs, signed consent forms, compliance exports
- Lifecycle policies for retention and archival
- Lifecycle policies control cost and retention, not tamper resistance; signed consent forms belong in a container with an immutability (WORM) policy

6. Security & Cryptography

FIPS 140-2 · TLS 1.3 · Zero-Trust
Azure Key Vault · Secrets & Key Management
FIPS 140-2 validated HSMs
- Encryption keys, certificates, connection strings
- Field-level encryption keys for Genetic / Mental Health / HIV
- Managed identity access only, over a private endpoint, using the RBAC permission model rather than legacy access policies
- HSM protection applies to Premium-tier or Managed HSM keys; Standard-tier software-protected keys are not HSM-backed

Microsoft Sentinel (formerly Azure Sentinel) + Defender for Cloud · SIEM + Cloud Security Posture
Detection & response
- Centralized log analytics & threat detection
- Continuous compliance scoring (HIPAA, SOC 2)
- Workload protection across Container Apps and Functions

Encryption Standards · AES-256 · TLS 1.3 · SHA-256
In-transit and at-rest
- AES-256 at rest across all storage tiers (platform-managed keys by default; customer-managed keys in Key Vault where key control or rotation evidence is required)
- TLS 1.3 mandatory for all external endpoints, with the minimum version pinned at the ingress rather than left at the platform default
- SHA-256 hash chain for audit log integrity
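What "SHA-256 hash chain for audit log integrity" means in practice, as an added example that is neither Moonlitic code nor Azure Confidential Ledger's implementation (the ledger uses a Merkle tree and issues receipts; this is the simpler linear form of the same idea). It shows the two checks an auditor needs: that no committed entry was altered, and, given a head hash stored outside the log, that no tail entries were deleted. The events are constructed.

```python
"""Added example (not Moonlitic code, not Azure Confidential Ledger's implementation):
an append-only audit log whose entries are SHA-256 hash-chained, with a verifier
that finds the first tampered entry and, given an externally stored head hash,
also detects truncation. Sample events are constructed."""
import hashlib
import json
from typing import List, Optional, Tuple

GENESIS_HASH = "0" * 64  # chain anchor for the first entry


def _entry_hash(prev_hash: str, seq: int, event: dict) -> str:
    # Canonical JSON (sorted keys, no whitespace) so the same event always hashes the same way.
    body = json.dumps({"seq": seq, "event": event}, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(f"{prev_hash}\n{body}".encode()).hexdigest()


class AuditLog:
    def __init__(self) -> None:
        self.entries: List[dict] = []  # each: {"seq", "event", "hash"}

    @property
    def head(self) -> str:
        """Hash of the latest entry; this is the value to store out of band."""
        return self.entries[-1]["hash"] if self.entries else GENESIS_HASH

    def append(self, event: dict) -> str:
        seq = len(self.entries)
        h = _entry_hash(self.head, seq, event)
        self.entries.append({"seq": seq, "event": event, "hash": h})
        return h

    def verify(self, trusted_head: Optional[str] = None) -> Tuple[bool, Optional[int]]:
        """Recompute every link from genesis. Returns (True, None) if intact, else
        (False, seq) where seq is the first entry whose link fails. A deleted tail is
        invisible to the chain itself; pass the head hash stored out of band (the
        ledger's receipt) to catch that case, reported as (False, len(entries))."""
        prev = GENESIS_HASH
        for i, rec in enumerate(self.entries):
            if rec["seq"] != i or rec["hash"] != _entry_hash(prev, i, rec["event"]):
                return False, i
            prev = rec["hash"]
        if trusted_head is not None and prev != trusted_head:
            return False, len(self.entries)
        return True, None


def build_sample_log() -> AuditLog:
    """Constructed consent/access/payout events of the kind the page says are logged."""
    log = AuditLog()
    log.append({"type": "consent.granted", "patient": "p-001", "purpose": "research"})
    log.append({"type": "data.access", "actor": "clinician-42", "patient": "p-001"})
    log.append({"type": "payout.sent", "patient": "p-001", "amount_cents": 2500})
    return log
```

The truncation case is the one most often missed: a chain that ends early still verifies, which is why the ledger's receipt (or the head hash) has to live somewhere the log writer cannot reach.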

7. DevSecOps & Build Pipeline

GitHub + Azure

Source of truth in GitHub; build, security scanning, and deploy in Azure. Cross-cutting concern — sits alongside the runtime architecture, not inside it.

GitHub · Source Control & Code Review
Single repo, branch protection
- All Moonlitic source under one organization
- Required PR reviews; signed commits
- Dependabot for dependency updates

GitHub Actions · CI: Build, Test, Scan
Per-PR validation
- Type checks, unit + integration tests
- SAST (CodeQL), secret scanning, dependency review
- Container image build & vulnerability scan

Azure Pipelines / Container Registry · CD: Deploy to Azure
Promotion to dev / staging / prod
- Image push to Azure Container Registry
- Rollout to Container Apps with revisions
- Approvals gate for production

Microsoft Defender for Cloud (DevOps) · Pipeline Security Posture
Continuous DevSecOps assurance
- Runtime + supply-chain risk visibility
- Surface findings back into GitHub PRs

8. Frontend & Experience

React / Next.js · Shared design system
Application Framework · Next.js (React)
All portals + console
- Patient Portal, Clinician Console, Buyer/Pharma Marketplace, Operator Console
- Server components perform the PHI fetches on the server, so API tokens and PHI never enter the client bundle
- Hosted on Azure Container Apps

Design System · Shared Component Library
Brand consistency, accessibility
- Single source for tokens, components, accessibility primitives
- WCAG 2.1 AA target

9. External Integrations

Pluggable · Outside the Moonlitic trust boundary (treated as untrusted)

Third-party connections that sit at the edge. Each one runs through the API Gateway and is governed by F01 Consent.

FHIR Aggregators · 1upHealth · Particle Health
EHR connectivity: Epic, Oracle Health (formerly Cerner), Veradigm (formerly Allscripts)
- FHIR-native pull from EHRs and payers
- Pluggable: multiple aggregators supported
- TEFCA-aligned roadmap

Velo Payments · Disbursement Rails
F06 Payouts to participants
- ACH disbursements, KYC, 1099-NEC generation
- Split payments & program rules

Zoho One · CRM + Books (AP/AR)
Buyer pipeline + finance ops
- CRM for buyer pipeline (no PHI)
- AP/AR, invoicing, expense management

SendGrid · Transactional Email
Notifications, consent receipts
- Templated emails for portals
- Domain-authenticated (SPF/DKIM/DMARC)
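How an event-sourced consent record (the Cosmos DB store in section 5) gates an outbound call to one of the partners above, as an added example that is not Moonlitic F01 code. The history for one patient is replayed into current state, and the gate returns only the categories the partner may receive for a given purpose. Event kinds, purposes and category names are assumed, and the sample events are constructed; the special-category list mirrors the field-level encryption list in section 6.

```python
"""Added example, not Moonlitic F01 code: an event-sourced consent record replayed
into current state and used to decide which data categories may leave for an
external partner. Event kinds, purposes and category names are assumed."""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Set

# Categories that need their own explicit grant; a blanket ("*") grant never covers them.
SPECIAL_CATEGORIES = {"genetic", "mental_health", "hiv"}


@dataclass(frozen=True)
class ConsentEvent:
    seq: int                            # per-patient monotonic sequence; defines replay order
    kind: str                           # "granted" | "restricted" | "revoked"
    purpose: str = ""                   # e.g. "research_marketplace", "payout"
    categories: FrozenSet[str] = frozenset()


@dataclass
class ConsentState:
    allowed: Dict[str, Set[str]] = field(default_factory=dict)  # purpose -> categories ("*" = all non-special)
    denied: Dict[str, Set[str]] = field(default_factory=dict)   # purpose -> explicitly restricted categories
    version: int = 0
    last_seq: int = -1


def apply_event(state: ConsentState, ev: ConsentEvent) -> ConsentState:
    """Fold one event into state. Stale or duplicate seqs are rejected, so a replayed
    old 'granted' event can never silently undo a later revocation."""
    if ev.seq <= state.last_seq:
        raise ValueError(f"event seq {ev.seq} is stale (last applied {state.last_seq})")
    if ev.kind == "granted":
        state.allowed.setdefault(ev.purpose, set()).update(ev.categories)
        state.denied.setdefault(ev.purpose, set()).difference_update(ev.categories)
    elif ev.kind == "restricted":
        state.denied.setdefault(ev.purpose, set()).update(ev.categories)
    elif ev.kind == "revoked":          # revoke-all; a later 'granted' starts from nothing
        state.allowed.clear()
        state.denied.clear()
    else:
        raise ValueError(f"unknown event kind {ev.kind!r}")
    state.version += 1
    state.last_seq = ev.seq
    return state


def try_apply(state: ConsentState, ev: ConsentEvent) -> bool:
    """apply_event as a boolean, for callers that treat a stale event as a no-op."""
    try:
        apply_event(state, ev)
        return True
    except ValueError:
        return False


def replay(events: List[ConsentEvent]) -> ConsentState:
    state = ConsentState()
    for ev in sorted(events, key=lambda e: e.seq):
        apply_event(state, ev)
    return state


def permitted(state: ConsentState, purpose: str, category: str) -> bool:
    """Explicit restriction wins; special categories need an explicit grant; "*" covers the rest."""
    if category in state.denied.get(purpose, set()):
        return False
    allowed = state.allowed.get(purpose, set())
    if category in allowed:
        return True
    return "*" in allowed and category not in SPECIAL_CATEGORIES


def gate_partner_request(state: ConsentState, purpose: str, requested: Set[str]) -> Set[str]:
    """Subset of `requested` categories that may be sent to a partner for `purpose`."""
    return {c for c in requested if permitted(state, purpose, c)}


SAMPLE_EVENTS = [                       # constructed history for one patient
    ConsentEvent(0, "granted", "research_marketplace", frozenset({"*"})),
    ConsentEvent(1, "granted", "research_marketplace", frozenset({"genetic"})),
    ConsentEvent(2, "restricted", "research_marketplace", frozenset({"genetic"})),
    ConsentEvent(3, "revoked"),
]
```

Because the decision is a pure function of the event history, the same replay can be run inside the API gateway before a partner call and again by an auditor against the ledger copy of the events, and both must agree; a consent cache that cannot be rebuilt this way is a cache you cannot audit.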

10. Compliance & Regulatory Mapping

Which service satisfies which requirement
Requirement | Primary controls | Status
HIPAA Security Rule | Azure BAA · Confidential Ledger audit · Key Vault encryption · Sentinel SIEM · Entra ID RBAC | Compliant
HIPAA Privacy Rule | F01 Consent Engine · Confidential Ledger · de-identification on Health Data Services | Compliant
SOC 2 Type II | Sentinel + Defender for Cloud continuous monitoring · GitHub branch protection · Pipeline approval gates | Readiness in progress
CMS-0057-F (Prior Auth FHIR APIs) | F02 Clinical Intelligence (PARDD workflow) · Health Data Services FHIR R4 · Da Vinci profiles | Compliant
HTI-5 (ONC Final Rule) | FHIR R4 throughout · CMS-0057-F endpoints · pending formal traceability matrix | Compliant (traceability matrix pending)
HL7 FAST (FHIR At Scale) | 12 BUILT / 5 PARTIAL / 3 PLANNED across 20 requirements · Consent pillar 3/3 · Security pillar 2/5 | In progress
TEFCA (Jan 1, 2026 deadline) | FAST Security work-in-progress · UDAP dynamic registration on roadmap | On track
GDPR Article 6 (Lawful Basis) | F01 Consent Engine: explicit, granular, revocable | Compliant
State laws (TX HB 300, CA CMIA, NE PHIA) | F01 Consent jurisdiction rules · Confidential Ledger audit | Compliant

The Azure BAA covers Microsoft's obligations only; under the shared-responsibility model the Moonlitic-operated controls in the table (RBAC, key management, audit trail, consent) are what an auditor tests.