Azure provides centralized governance, orchestration, and lifecycle management for GENCITY edge nodes. Azure is the management layer — not the compute destination. All AI execution and data processing occur locally on edge infrastructure.
Understanding the boundary between Azure's role and GENCITY's local execution is critical. Azure never processes, stores, or accesses raw operational data.
Azure's role covers: fleet management and device lifecycle control; secure over-the-air updates; policy distribution and enforcement; identity and access management; anonymized telemetry collection; the API integration gateway; and the multi-tenant management console.
Azure does not: process raw sensor or operational data; store PII, PHI, or classified content; run AI inference workloads; access unprocessed telemetry; serve as the primary compute environment; or handle any data that has not been hardware-anonymized.
Azure IoT Hub manages node provisioning, registration, health monitoring, and decommissioning. Each edge node maintains a secure identity in Azure — but Azure never accesses the data processed by that node.
Firmware, model, and configuration updates are signed and distributed through Azure's update infrastructure. Nodes verify cryptographic signatures before applying updates. Rollback is automated if attestation fails.
Azure distributes operational policies — workload placement rules, model deployment targets, inference priorities — to the local orchestration layer. Policies are applied locally; Azure does not execute workloads directly.
Edge nodes report operational metrics — CPU utilization, inference throughput, model version, health status — to Azure. All telemetry passes through the hardware anonymization layer. Azure receives no raw content, PII, or sensitive payloads.
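One way to check the telemetry boundary described above is a fail-closed egress filter that forwards only the four named metrics and blocks everything else. This is an added example, not GENCITY's code or its hardware anonymization layer; the field names, value ranges, health states and sample records are assumptions constructed for illustration.

```python
import math
import re

def _is_number(v):
    # bool is a subclass of int, so exclude it; NaN and infinity are rejected too
    return isinstance(v, (int, float)) and not isinstance(v, bool) and math.isfinite(v)

# Assumed egress schema built from the four metrics the page names.
SCHEMA = {
    "cpu_utilization": lambda v: _is_number(v) and 0.0 <= v <= 100.0,
    "inference_throughput": lambda v: _is_number(v) and v >= 0,
    "model_version": lambda v: isinstance(v, str)
        and re.fullmatch(r"\d+\.\d+\.\d+", v) is not None,
    "health_status": lambda v: isinstance(v, str)
        and v in {"healthy", "degraded", "offline"},
}

def check_record(record):
    """Return violations by field name only, so rejected values never reach a log."""
    if not isinstance(record, dict):
        return ["record is not an object"]
    problems = [f"unexpected field: {k}" for k in sorted(set(record) - set(SCHEMA))]
    problems += [f"missing field: {k}" for k in sorted(set(SCHEMA) - set(record))]
    problems += [f"invalid value for: {k}" for k, valid in SCHEMA.items()
                 if k in record and not valid(record[k])]
    return problems

def filter_egress(records):
    """Split records into (forwarded, blocked); any violation blocks the whole record."""
    forwarded, blocked = [], []
    for rec in records:
        problems = check_record(rec)
        if problems:
            blocked.append((rec, problems))
        else:
            forwarded.append(rec)
    return forwarded, blocked

# Constructed sample records: one clean, three that must not leave the node.
GOOD = {"cpu_utilization": 41.5, "inference_throughput": 120,
        "model_version": "2.3.1", "health_status": "healthy"}
SAMPLES = [
    GOOD,
    {**GOOD, "operator_note": "free text that could carry raw content"},
    {**GOOD, "model_version": "2.3.1 site=ward-4"},
    {**GOOD, "cpu_utilization": True},
]

if __name__ == "__main__":
    ok, bad = filter_egress(SAMPLES)
    print(len(ok), "forwarded;", [p for _, p in bad])
```

Free-text fields are the usual path by which raw content reaches a management plane, which is why the schema pins every string to a pattern or a fixed set of values.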
Azure API Management provides a secure gateway for enterprise integrations — connecting GENCITY's anonymized outputs to existing IT systems, dashboards, and reporting tools without exposing the edge data plane.
Operators define and enforce policies — compliance rules, workload constraints, access controls, update schedules — from a centralized Azure console. Policies propagate to all managed nodes automatically.
This diagram illustrates the clear separation between what operates in Azure and what operates locally.