HealthLake / Client / create_fhir_datastore

create_fhir_datastore

HealthLake.Client.create_fhir_datastore(**kwargs)

Create a FHIR-enabled data store.

See also: AWS API Documentation

Request Syntax

response = client.create_fhir_datastore(
    DatastoreName='string',
    DatastoreTypeVersion='R4',
    SseConfiguration={
        'KmsEncryptionConfig': {
            'CmkType': 'CUSTOMER_MANAGED_KMS_KEY'|'AWS_OWNED_KMS_KEY',
            'KmsKeyId': 'string'
        }
    },
    PreloadDataConfig={
        'PreloadDataType': 'SYNTHEA'
    },
    ClientToken='string',
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    IdentityProviderConfiguration={
        'AuthorizationStrategy': 'SMART_ON_FHIR_V1'|'SMART_ON_FHIR'|'AWS_AUTH',
        'FineGrainedAuthorizationEnabled': True|False,
        'Metadata': 'string',
        'IdpLambdaArn': 'string'
    }
)

Parameters:

• DatastoreName (string) – The data store name (user-generated).

• DatastoreTypeVersion (string) –

  [REQUIRED]

  The FHIR release version supported by the data store. Current support is for version R4.

• SseConfiguration (dict) –

  The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.

  • KmsEncryptionConfig (dict) – [REQUIRED]

    The Key Management Service (KMS) encryption configuration used to provide details for data encryption.

    • CmkType (string) – [REQUIRED]

      The type of customer-managed-key (CMK) used for encryption.

    • KmsKeyId (string) –

      The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.

• PreloadDataConfig (dict) –

  An optional parameter to preload (import) open source Synthea FHIR data upon creation of the data store.

  • PreloadDataType (string) – [REQUIRED]

    The type of preloaded data. Only Synthea preloaded data is supported.

• ClientToken (string) –

  An optional user-provided token to ensure API idempotency.

  This field is autopopulated if not provided.

• Tags (list) –

  The resource tags applied to a data store when it is created.

  • (dict) –

    A label consisting of a user-defined key and value. The form for tags is {“Key”, “Value”}

    • Key (string) – [REQUIRED]

      The key portion of a tag. Tag keys are case sensitive.

    • Value (string) – [REQUIRED]

      The value portion of a tag. Tag values are case-sensitive.

• IdentityProviderConfiguration (dict) –

  The identity provider configuration to use for the data store.

  • AuthorizationStrategy (string) – [REQUIRED]

    The authorization strategy selected when the HealthLake data store is created.

    Note

    HealthLake provides support for both SMART on FHIR V1 and V2 as described below.

    • SMART_ON_FHIR_V1 – Support for only SMART on FHIR V1, which includes read (read/search) and write (create/update/delete) permissions.

    • SMART_ON_FHIR – Support for both SMART on FHIR V1 and V2, which includes create, read, update, delete, and search permissions.

    • AWS_AUTH – The default HealthLake authorization strategy; not affiliated with SMART on FHIR.

  • FineGrainedAuthorizationEnabled (boolean) –

    The parameter to enable SMART on FHIR fine-grained authorization for the data store.

  • Metadata (string) –

    The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see Metadata in SMART’s App Launch specification.

    authorization_endpoint: The URL to the OAuth2 authorization endpoint.

    grant_types_supported: An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are authorization_code and client_credentials.

    token_endpoint: The URL to the OAuth2 token endpoint.

    capabilities: An array of strings of the SMART capabilities that the authorization server supports.

    code_challenge_methods_supported: An array of strings of supported PKCE code challenge methods. You must include the S256 method in the array of PKCE code challenge methods.

  • IdpLambdaArn (string) –

    The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.

Return type:

dict

Returns:

Response Syntax

{
    'DatastoreId': 'string',
    'DatastoreArn': 'string',
    'DatastoreStatus': 'CREATING'|'ACTIVE'|'DELETING'|'DELETED'|'CREATE_FAILED',
    'DatastoreEndpoint': 'string'
}

Response Structure

• (dict) –

  • DatastoreId (string) –

    The data store identifier.

  • DatastoreArn (string) –

    The Amazon Resource Name (ARN) for the data store.

  • DatastoreStatus (string) –

    The data store status.

  • DatastoreEndpoint (string) –

    The AWS endpoint created for the data store.

Exceptions

• HealthLake.Client.exceptions.ValidationException

• HealthLake.Client.exceptions.ThrottlingException

• HealthLake.Client.exceptions.AccessDeniedException

• HealthLake.Client.exceptions.InternalServerException