Skip to content

azurermHealthcareService

Manages a Healthcare Service.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const dataAzurermClientConfigCurrent =
  new azurerm.dataAzurermClientConfig.DataAzurermClientConfig(
    this,
    "current",
    {}
  );
new azurerm.healthcareService.HealthcareService(this, "example", {
  access_policy_object_ids: dataAzurermClientConfigCurrent.objectId,
  authentication_configuration: [
    {
      audience: "https://azurehealthcareapis.com/",
      authority:
        "https://login.microsoftonline.com/$%7Bdata.azurerm_client_config.current.tenant_id%7D",
      smart_proxy_enabled: "true",
    },
  ],
  cors_configuration: [
    {
      allow_credentials: "true",
      allowed_headers: ["x-tempo-*", "x-tempo2-*"],
      allowed_methods: ["GET", "PUT"],
      allowed_origins: ["http://www.example.com", "http://www.example2.com"],
      max_age_in_seconds: "500",
    },
  ],
  cosmosdb_throughput: "2000",
  kind: "fhir-R4",
  location: "westus2",
  name: "uniquefhirname",
  resource_group_name: "sample-resource-group",
  tags: {
    environment: "testenv",
    purpose: "AcceptanceTests",
  },
});

Argument Reference

The following arguments are supported:

  • name - (Required) The name of the service instance. Used for service endpoint, must be unique within the audience. Changing this forces a new resource to be created.
  • resourceGroupName - (Required) The name of the Resource Group in which to create the Service. Changing this forces a new resource to be created.
  • location - (Required) Specifies the supported Azure Region where the Service should be created. Changing this forces a new resource to be created.

\~> Please Note: Not all locations support this resource. Some are westUs2, northCentralUs, and ukWest.

  • accessPolicyObjectIds - (Optional) A set of Azure object IDs that are allowed to access the Service. If not configured, the default value is the object id of the service principal or user that is running Terraform.
  • authenticationConfiguration - (Optional) An authenticationConfiguration block as defined below.
  • cosmosdbThroughput - (Optional) The provisioned throughput for the backing database. Range of 400-100000. Defaults to 1000.
  • cosmosdbKeyVaultKeyVersionlessId - (Optional) A versionless Key Vault Key ID for CMK encryption of the backing database. Changing this forces a new resource to be created.

\~> Please Note In order to use a customKey from Key Vault for encryption you must grant Azure Cosmos DB Service access to your key vault. For instructions on how to configure your Key Vault correctly please refer to the product documentation

  • corsConfiguration - (Optional) A corsConfiguration block as defined below.
  • publicNetworkAccessEnabled - (Optional) Whether public network access is enabled or disabled for this service instance. Defaults to true.
  • kind - (Optional) The type of the service. Values at time of publication are: fhir, fhirStu3 and fhirR4. Default value is fhir.
  • tags - (Optional) A mapping of tags to assign to the resource.

An authenticationConfiguration block supports the following:

  • authority - (Optional) The Azure Active Directory (tenant) that serves as the authentication authority to access the service. The default authority is the Directory defined in the authentication scheme in use when running Terraform. Authority must be registered to Azure AD and in the following format: https://{Azure-AD-endpoint}/{tenant-id}.
  • audience - (Optional) The intended audience to receive authentication tokens for the service. The default value is https://azurehealthcareapis.com
  • smartProxyEnabled - (Optional) (Boolean) Enables the 'SMART on FHIR' option for mobile and web implementations.

A corsConfiguration block supports the following:

  • allowedOrigins - (Optional) A set of origins to be allowed via CORS.
  • allowedHeaders - (Optional) A set of headers to be allowed via CORS.
  • allowedMethods - (Optional) The methods to be allowed via CORS. Possible values are delete, get, head, merge, post, options and put.
  • maxAgeInSeconds - (Optional) The max age to be allowed via CORS.
  • allowCredentials - (Optional) (Boolean) If credentials are allowed via CORS.

Attributes Reference

The following attributes are exported:

  • id - The ID of the Healthcare Service.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

  • create - (Defaults to 30 minutes) Used when creating the Healthcare Service.
  • update - (Defaults to 30 minutes) Used when updating the Healthcare Service.
  • read - (Defaults to 5 minutes) Used when retrieving the Healthcare Service.
  • delete - (Defaults to 30 minutes) Used when deleting the Healthcare Service.

Import

Healthcare Service can be imported using the resourceid, e.g.

terraform import azurerm_healthcare_service.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resource_group/providers/Microsoft.HealthcareApis/services/service_name