aws_healthlake_datastore
account_id
Type: STRING
created_at
Type: TIMESTAMP
Provider name: CreatedAt
Description: The time the data store was created.
datastore_arn
Type: STRING
Provider name: DatastoreArn
Description: The Amazon Resource Name (ARN) used in the creation of the data store.
datastore_endpoint
Type: STRING
Provider name: DatastoreEndpoint
Description: The AWS endpoint for the data store.
datastore_id
Type: STRING
Provider name: DatastoreId
Description: The data store identifier.
datastore_name
Type: STRING
Provider name: DatastoreName
Description: The data store name.
datastore_status
Type: STRING
Provider name: DatastoreStatus
Description: The data store status.
datastore_type_version
Type: STRING
Provider name: DatastoreTypeVersion
Description: The FHIR release version supported by the data store. Current support is for version R4.
error_cause
Type: STRUCT
Provider name: ErrorCause
Description: The error cause for the current data store operation.
error_category
Type: STRING
Provider name: ErrorCategory
Description: The error category for ErrorCause.
error_message
Type: STRING
Provider name: ErrorMessage
Description: The error message text for ErrorCause.
identity_provider_configuration
Type: STRUCT
Provider name: IdentityProviderConfiguration
Description: The identity provider selected during data store creation.
authorization_strategy
Type: STRING
Provider name: AuthorizationStrategy
Description: The authorization strategy selected when the HealthLake data store is created. HealthLake provides support for both SMART on FHIR V1 and V2 as described below.SMART_ON_FHIR_V1 – Support for only SMART on FHIR V1, which includes read (read/search) and write (create/update/delete) permissions.SMART_ON_FHIR – Support for both SMART on FHIR V1 and V2, which includes create, read, update, delete, and search permissions.AWS_AUTH – The default HealthLake authorization strategy; not affiliated with SMART on FHIR.
fine_grained_authorization_enabled
Type: BOOLEAN
Provider name: FineGrainedAuthorizationEnabled
Description: The parameter to enable SMART on FHIR fine-grained authorization for the data store.
idp_lambda_arn
Type: STRING
Provider name: IdpLambdaArn
Description: The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.
metadata
Type: STRING
Provider name: Metadata
Description: The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see Metadata in SMART’s App Launch specification. authorization_endpoint: The URL to the OAuth2 authorization endpoint. grant_types_supported: An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are authorization_code and client_credentials. token_endpoint: The URL to the OAuth2 token endpoint. capabilities: An array of strings of the SMART capabilities that the authorization server supports. code_challenge_methods_supported: An array of strings of supported PKCE code challenge methods. You must include the S256 method in the array of PKCE code challenge methods.
preload_data_config
Type: STRUCT
Provider name: PreloadDataConfig
Description: The preloaded Synthea data configuration for the data store.
preload_data_type
Type: STRING
Provider name: PreloadDataType
Description: The type of preloaded data. Only Synthea preloaded data is supported.
sse_configuration
Type: STRUCT
Provider name: SseConfiguration
Description: The server-side encryption key configuration for a customer provided encryption key.
kms_encryption_config
Type: STRUCT
Provider name: KmsEncryptionConfig
Description: The Key Management Service (KMS) encryption configuration used to provide details for data encryption.
cmk_type
Type: STRING
Provider name: CmkType
Description: The type of customer-managed-key (CMK) used for encryption.
kms_key_id
Type: STRING
Provider name: KmsKeyId
Description: The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.
Type: UNORDERED_LIST_STRING
