A cloud-native enterprise access governance platform built with Java 21, Spring Boot, PostgreSQL, Docker, Terraform, and Azure.
The application enables employees to submit access requests, managers to approve or deny those requests, and administrators to maintain complete audit and compliance visibility. The platform demonstrates enterprise software engineering practices including secure role-based authorization, workflow automation, auditing, reporting, cloud deployment, and infrastructure-as-code.
This project was designed to showcase enterprise application development patterns commonly used within large organizations and financial institutions.
Key objectives included:
- Secure role-based access control
- Approval workflow automation
- Audit and compliance tracking
- Cloud-native deployment on Azure
- Infrastructure as Code using Terraform
- REST API design and documentation
- Automated testing and validation
- Production-style monitoring and reporting
- Submit access requests
- Approval and denial workflows
- Decision comments
- Request status tracking
- Request lookup by ID
- Request filtering and search capabilities
- Spring Security integration
- Role-based access control (Employee, Manager, Admin)
- Endpoint-level authorization
- Protected management operations
- Secure API access
- Complete audit logging
- Audit filtering by user
- Audit filtering by action
- Audit filtering by date range
- Request-specific audit history
- Notification logging for request lifecycle events
- Request-specific notification history
- Extensible notification framework
- Ready for future email provider integration
- Dashboard endpoint
- Request metrics endpoint
- Pending request reporting
- Approval and denial statistics
- Recent activity reporting
- OpenAPI / Swagger documentation
- Request validation
- Standardized exception handling
- Pagination support
- Search and filtering endpoints
- Automated test coverage
flowchart TD
User[User / Manager / Admin] --> Swagger[Swagger UI / API Client]
Swagger --> App[Azure Container App<br/>Spring Boot REST API]
App --> Security[Spring Security<br/>Role-Based Access Control]
App --> DB[(Azure PostgreSQL<br/>Flexible Server)]
App --> Audit[Audit Logging]
App --> Notify[Notification Logging]
App --> Metrics[Dashboard / Metrics API]
Audit --> DB
Notify --> DB
Metrics --> DB
GitHub[GitHub Repository] --> Docker[Docker Image Build]
Docker --> ACR[Azure Container Registry]
ACR --> App
Terraform[Terraform IaC] --> Azure[Azure Resources]
Azure --> App
Azure --> ACR
Azure --> DB
- Java 21
- Spring Boot
- Spring Security
- Spring Data JPA
- Maven
- PostgreSQL
- Azure PostgreSQL Flexible Server
- Azure Container Apps
- Azure Container Registry
- Terraform
- Docker
- JUnit
- Mockito
- Swagger / OpenAPI
https://access-request-platform.bluedesert-6a38596d.eastus2.azurecontainerapps.io/health
./mvnw clean package./mvnw spring-boot:runhttp://localhost:8080/swagger-ui/index.html
docker build -t access-request-platform .docker run -p 8080:8080 access-request-platformThis project demonstrates:
- Enterprise workflow automation
- Secure API development
- Cloud-native architecture
- Infrastructure as Code
- Database-driven application design
- Role-based authorization
- Audit and compliance controls
- Containerized deployment strategies
- Production-ready API documentation
- Automated testing practices
- Azure Active Directory integration
- Email delivery via Azure Communication Services or SendGrid
- GitHub Actions CI/CD pipeline
- Administrative web dashboard
- Request escalation workflows
- Approval delegation
- Advanced reporting and analytics
- Multi-tenant support
Michael Cowell
Senior Software Engineer
Built as a portfolio project to demonstrate enterprise Java, Spring Boot, Azure, Terraform, Security, and cloud architecture skills.





