Skip to main content

Publish Workload Requirements Attestation Checklist

We, the vendor, Lucid Data Hub Inc., confirm and attest to reviewing, meeting and complying with the requirements outlined in the Microsoft Fabric Workload Development Kit (WDK) specifically the Publish Workload Requirements.

The following sections documents details, exceptions, or variances regarding the attestation of adherence to the Publish Workload Requirements.

Business Requirements:

1. Value To Customers

The workload provides the following value to customers –
AgentMart Studio enables business users to effortlessly build intelligent AI agents without requiring deep technical expertise. Leveraging Microsoft Fabric and your enterprise’s OneLake data, it delivers actionable, industry-specific insights safeguarded by contextual guardrails. Users can select pre-built or custom data queries and business logic, integrate advanced analytics, and automate tasks such as alerts, Teams notifications, or PowerBI updates. This streamlines decision-making, reduces manual effort, optimizes processes, and empowers teams with timely, data-driven intelligence all within a few simple clicks.

2. Trial

We provide an easy and fast trial experience. The trial is available to the customer without waiting time (less than 5 seconds), and provides a free and easy way to explore the offered workload for a limited time in accordance with Microsoft guidelines for Trials

  • Yes
  • No

We are offering 7 days trial limit

3. Monetization

The workload is available on the marketplace for the customer to procure with or without a trial in accordance with the monetization guidelines

  • Yes
  • No

🔗 https://bit.ly/AgentMart-Az-Marketplace

Technical Requirements:

1. Microsoft Entra Access

The workload(s) use Microsoft Entra authentication and authorization.

  • No additional authentication and authorization mechanisms are used
  • Additional authentication and authorization mechanisms are used for stored data In Fabric

Tenant ID: 647cf0a8-83b8-491a-bf68-5b2fff035d16

2. One Lake

Workloads integrate with One Lake to store data in the standard formats supported by the Fabric platform so that other services can take advantage of it.

  • All data and metadata is stored in One Lake or Fabric Data Stores
  • Not all data and metadata is stored in One Lake or Fabric Data Stores

We are storing customer profiling data, data dictionaries in Azure SQL and Azure Cosmos DB.

3. Microsoft Entra Conditional Access

Enterprise customers require centralized control and management of the identities and credentials used to access their resources and data and via Microsoft Entra to further secure their environment via conditional access.

  • The service works in its entirety even if customers enable this functionality
  • The service works with limitations if customers enable this functionality
  • The service does not work with Microsoft Entra Conditional Access

4. Admin REST API

Admin REST APIs are an integral part of Fabric admin and governance process. These APIs help Fabric admins in discovering workspaces and items, and enforcing governance such as performing access reviews, etc. Basic functionality is supported as part of the Workload Development Kit and doesn't need any work from Partners.

  • Microsoft Fabric Admin APIs are being leveraged (/admin/*)
  • No Microsoft Fabric Admin APIs are being used

5. Customer Facing Monitoring & Diagnostic

Health and telemetry data needs to be stored for a minimum for 30 days including activity ID for customer support purposes, including Trials.

  • Minimum 30 days requirement is adhered to
  • Vendor stores the data for __ additional days beyond the minimum requirement

6. B2B

The implementation of the workload is in line with Microsoft Fabric’s sharing strategy focused on allowing customers to collaborate with their business partners, customers, vendors, subsidiaries etc. It also means users from other tenants can potentially be granted access to items partners are creating.

  • Cross tenant B2B collaboration supported
  • Workload Item Access only within the tenant

7. Business Continuity and Disaster Recovery

The vendor has comprehensive Business Continuity and Disaster Recovery (BCDR) plans designed to tackle unplanned disasters and recovery steps.

We are currently deploying our backend application in the Azure Cloud and are following the standard Azure Business Continuity & Disaster Recovery (BCDR) policies at this stage. As the workload matures, we will implement a more robust and customized BCDR plan to further strengthen resilience and ensure seamless recovery in the near future.

8. Performance

The Workload implementation takes measures to test and track performance of their Items

  • Performance Metrics on workload performance are available via the monitoring hub
  • Workload additionally includes a separate monitoring UI to test and track performance
  • Performance tracking is not currently available to the end user however vendor support personnel can monitor, test, track performance via their internal instrumentation and monitoring systems

9. Presence

To ensure that customer expectations independent of their home or capacity region are met, vendors need to align with fabric regions and clouds. Availability in certain restrictions also impacts your Data Residency commitments.

  • Service availability and colocation/alignment in the following fabric regions
  • All or part of the service does not reside in Azure

User from any region can access from all the regions to maintain the load balancing and data residency commitments, stored in secure Microsoft Azure servers located in North America.

10. Public APIs

Fabric Public APIs are the backbone of automation, enabling seamless communication and integration for both customers and partners within the Fabric ecosystem. Fabric Public API empowers users to build innovative solutions, enhance scalability, and streamline workflows.

  • The workload uses Fabric Public APIs

Design / UX Requirements:

  1. Common UX : The workload and all item types the partner provides as part of it comply with the Fabric UX guidelines.

    • The following variance and/or exceptions have been granted by Microsoft

  2. Item Creation Experience : The item creation experience is in accordance with the Fabric UX System.

    • Yes
    • No

  3. Monitoring Hub : All Long running operations need to integrate with Fabric Monitoring Hub.

    • Yes
    • No

  4. Trial Experience : The workload provides a Trial Experience for users as outlined in the design guidelines.

    • Trial Supported
    • Trial Not Supported

  5. Monetization Experience : The monetization experience is in line with the design guidelines provided

    • The monetization experience is completely integrated with the marketplace and compliant with the guidelines
    • Bring Your Own License (BYOL)
    • Free / Freemium
    • Other

  6. Accessibility : The user experience is in compliance with the Fabric UX design guidelines for Accessibility

    • The user experience is completely compliant with the guidelines
    • The following limitations exist

  7. World Readiness / Internationalization : English is supported as the default language. Localization through optional, should be considered.

    • English is the only supported language
    • The following are the additional languages supported

  8. Item Settings : Item settings are implemented as a part of the ribbon as outlined in the UX guidelines

    • Yes
    • No

  9. Samples : Samples are optionally provided that preconfigure items of their type their type to help customers get started more easily.

    • Samples not provided
    • Samples for pre-configuration of items provided

  10. Custom Actions : Custom actions can be optionally provided as a part of the item editor.

    • Custom Actions are not implemented
    • Custom Actions implemented as part of Workload

  11. Workspace settings : Workspace settings provide a way that workloads can be configured on a workspace level.

    • Supported
    • Not Supported

  12. Global Search : Searching for items in Fabric is supported through the top search bar.

    • Supported
    • Not Supported

Security / Compliance Requirements:

1. Security general

Protection of customer data and metadata is of paramount importance. Workloads must go through a security review and assessment. Vendor attests that the security review and assessment was completed and will be periodically performed as enhancements and changes are made. Security issues discovered which could have a detrimental impact on the customer should be addressed promptly and customers notified where applicable.

Protection of customer data and metadata is of paramount importance to us. Agent Mart Studio workloads are built and operated on Microsoft Azure Cloud, and every workload backend undergoes a strict security review and assessment before release. Reviews are also performed periodically as enhancements and changes are introduced. We hereby attest that the following security and compliance tests, attestations, and reviews have been performed and continue to be maintained:

  1. Application Security Testing
  • Code Reviews: All codebases undergo peer review and vulnerability assessment prior to release.
  • Application & API Testing: Runtime testing of APIs and UI against known security vulnerabilities, aligned with OWASP guidance.
  1. Cloud Infrastructure Security (Azure)
  • Azure Baseline Controls: Workload design aligned with Microsoft’s Well-Architected Framework (security pillar).
  • Identity & Access Management: Azure RBAC, enforced MFA, and managed identities for service-to-service communication.
  • Encryption:
    • At Rest: AES-256 encryption and Transparent Data Encryption (TDE) in Azure SQL DB.
    • In Transit: TLS 1.2+ enforced for all data exchanges.
    • Key Management: Secrets and keys managed in Azure Key Vault, with Lucid Data Hub–managed keys supported.
  1. Data Residency & Privacy Controls
  • Metadata Residency: Metadata (profiling outputs, design/workflow definitions) is securely stored in Lucid Data Hub Inc. managed Azure databases located in North American regions (U.S./Canada).
  • Customer Data Handling: Microsoft Fabric OneLake data is never copied or persisted in Lucid infrastructure. Data is accessed at runtime only and always remains within the customer’s Fabric tenant.
  1. Operational Security
  • Vulnerability Management: Monthly vulnerability scanning with remediation tracked against defined SLAs.
  • Audit Logging: Comprehensive audit trails for access, configuration, and workflow execution.
  • Incident Response: Documented incident response plan with 24-hour notification commitments for customer-impacting events.
  • Continuous Alignment: Ongoing alignment with Microsoft Azure compliance roadmap and Microsoft Fabric security practices.

2. Privacy:

Partners that build workloads also have a responsibility to protect that data when they access it. Every workload goes through a privacy assessment and a privacy review. Vendor attests that privacy review was completed and is periodically performed as enhancements and changes are made.

  • Extra Requirements: Vendor attests that only essential HTTP-only cookies are used by the Workload and only after positively authenticating the user.

Privacy is central to Agent Mart Studio operations. Every workload undergoes a privacy assessment and review prior to release, and these reviews are repeated periodically as enhancements or changes are introduced.

  • Only essential metadata (profiling outputs, design/workflow definitions) is stored in Lucid Data Hub Inc. managed Azure databases in North America (U.S./Canada).
  • Customer Microsoft Fabric OneLake data is never copied or persisted in Lucid infrastructure; access is runtime-only within the customer tenant.
  • Essential HTTP-only cookies are used only after positive user authentication; no tracking or third-party cookies are set.
  • Regular reviews ensure compliance with Microsoft Fabric security and privacy requirements.

✅ Attestation: Agent Mart Studio confirms privacy reviews are completed and periodically repeated, and only essential authenticated cookies are used.

3. Data Residency

Microsoft Fabric is making an Enterprise Promise around data not leaving the geography of the tenant for stored data and data in transit. As a workload in Fabric directly and users need to be aware what your commitments to Data Residency are. Define what your commitments are to the Data Residency of customer data.

Data Residency & Privacy Controls

  • Metadata Residency: Metadata (profiling outputs, design/workflow definitions) is securely stored in Lucid Data Hub Inc. managed Azure databases located in North American regions (U.S./Canada).
  • Customer Data Handling: Microsoft Fabric OneLake data is never copied or persisted in Lucid infrastructure. Data is accessed at runtime only and always remains within the customer’s Fabric tenant.

4. Compliance

The publisher attests to the following security, data and compliance regulations and standards

Agent Mart Studio is designed and operated with compliance at the forefront. The workload leverages Microsoft Azure’s cloud security and compliance framework and aligns with Microsoft Fabric governance and compliance practices.

Security & Data Handling Practices

  • Cloud Foundation: Built on Microsoft Azure Cloud and integrated with Microsoft Fabric.
  • Customer Data Protection: Microsoft Fabric OneLake data is never copied or stored in Lucid infrastructure; access is runtime-only by Lucid Data Hub.
  • Metadata Residency: Only essential metadata (profiling outputs, design/workflow definitions) is securely stored in Lucid Data Hub Inc. managed Azure databases in North America (U.S./Canada).
  • Encryption & Key Management: Data protected by AES-256 encryption at rest and TLS 1.2+ in transit, with keys managed in Azure Key Vault.
  • Reviews & Assessments: Security reviews, privacy assessments, and compliance checks are conducted prior to release and periodically thereafter.

Standards & Certifications

  • Roadmap: Agent Mart Studio is actively working towards certification for ISO/IEC 27001, SOC 2 Type II, and GDPR compliance as part of its near-term compliance roadmap.

Operational Compliance

  • Vulnerability Management: Regular reviews and remediation tracked against defined SLAs.
  • Audit Logging: Comprehensive audit trail for access, configuration, and workflow execution.
  • Incident Response: Documented incident response plan with 24-hour customer notification commitments for material events.

Support:

1. Live site (Microsoft direct vendor outreach)

FieldValue
Contact Name/TeamVenu Amancha
Number
Email AliasVenuAmancha@luciddatahub.com
Self Service Portalcontactlucid@luciddatahub.com

2. Supportability

Vendors are responsible for defining and documenting their support parameters (Service level agreement, contact methods, ...). This information needs to be linked from the Workload page and should always be accessible to customers. In addition, the Marketplace criteria, need to be taken into account for the listing of the SaaS offer.

  • Vendor attests that support information is published to the marketplace offering and available to user/customers directly via the workload

3. Service Health and Availability

Vendors need to host a service health dashboard that shows their service health and availability to customers. This information can be included on the Supportability page. Service heath dashboard can be found here:

  • Not Supported, we have plan to implement in near future

Fabric Features:

  1. Application Life Cycle Management (ALM) : Microsoft Fabric's lifecycle management tools enable efficient product development, continuous updates, fast releases, and ongoing feature enhancements.

    • Supported
    • Not Supported

  2. Private Links : In Fabric, you can configure and use an endpoint that allows your organization to access Fabric privately.

    • Supported
    • Not Supported

  3. Data Hub : The OneLake data hub makes it easy to find, explore, and use the Fabric data items in your organization that you have access to. It provides information about the items and entry points for working with them. If you're implementing a Data Item, show up in the Data Hub as well.

    • Supported
    • Not Supported

  4. Data Lineage : In modern business intelligence (BI) projects, understanding the flow of data from the data source to its destination can be a challenge. The challenge is even bigger if you built advanced analytical projects spanning multiple data sources, data items, and dependencies. Questions like "What happens if I change this data?" or "Why isn't this report up to date?" can be hard to answer.

    • Supported
    • Not Supported

  5. Sensitivity Labels : Sensitivity labels from Microsoft Purview Information Protection on items can guard your sensitive content against unauthorized data access and leakage. They're a key component in helping your organization meet its governance and compliance requirements. Labeling your data correctly with sensitivity labels ensures that only authorized people can access your data. Extra requirements: For partners that are using Export functionality within their Item they need to follow the guidelines.

    • Supported
    • Not Supported

Additional Notes

: Please use this section to provide any further explanations, references, or notes that may be relevant to your attestation

The additional features of expanding to Data residency with in other regions will be added to roadmap in future.

References