You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/healthcare-apis/fhir/configure-export-data.md
+17-7Lines changed: 17 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ author: ranvijaykumar
5
5
ms.service: healthcare-apis
6
6
ms.subservice: fhir
7
7
ms.topic: reference
8
-
ms.custom: references_regions
8
+
ms.custom: references_regions, subject-rbac-steps
9
9
ms.date: 03/01/2022
10
10
ms.author: cavoeg
11
11
---
@@ -26,17 +26,27 @@ The first step in configuring the FHIR service for export is to enable system wi
26
26
27
27
In this step, browse to your FHIR service in the Azure portal, and select the **Identity** blade. Select the **Status** option to **On** , and then select **Save**. **Yes** and **No** buttons will display. Select **Yes** to enable the managed identity for FHIR service. Once the system identity has been enabled, you'll see a system assigned GUID value.
## Assign permissions to the FHIR service to access the storage account
32
32
33
-
Browse to the **Access Control (IAM)** in the storage account, and then select **Add role assignment**. If the add role assignment option is grayed out, you'll need to ask your Azure Administrator to assign you permission to perform this task.
33
+
1. Select **Access Control (IAM)**.
34
34
35
-
For more information about assigning roles in the Azure portal, see [Azure built-in roles](../../role-based-access-control/role-assignments-portal.md).
35
+
1. Select **Add > Add role assignment**. If the **Add role assignment** option is grayed out, ask your Azure administrator to assign you permission to perform this task.
36
+
37
+
:::image type="content" source="../../../includes/role-based-access-control/media/add-role-assignment-menu-generic.png" alt-text="Screenshot that shows Access control (IAM) page with Add role assignment menu open.":::
38
+
39
+
1. On the **Roles** tab, select the [Storage Blob Data Contributor](../../role-based-access-control/built-in-roles.md#storage-blob-data-contributor) role.
40
+
41
+
[](../../../includes/role-based-access-control/media/add-role-assignment-page.png#lightbox)
36
42
37
-
Add the role [Storage Blob Data Contributor](../../role-based-access-control/built-in-roles.md#storage-blob-data-contributor) to the FHIR service, and then select **Save**.
43
+
1. On the **Members** tab, select **Managed identity**, and then select **Select members**.
38
44
39
-
[](../../../includes/role-based-access-control/media/add-role-assignment-page.png#lightbox)
45
+
1. Select **System-assigned managed identity**, and then select the FHIR service.
46
+
47
+
1. On the **Review + assign** tab, select **Review + assign** to assign the role.
48
+
49
+
For more information about assigning roles in the Azure portal, see [Azure built-in roles](../../role-based-access-control/role-assignments-portal.md).
40
50
41
51
Now you're ready to select the storage account in the FHIR service as a default storage account for export.
42
52
@@ -49,7 +59,7 @@ The final step is to assign the Azure storage account that the FHIR service will
49
59
50
60
To do this, select the **Export** blade in FHIR service and select the storage account. To search for the storage account, enter its name in the text field. You can also search for your storage account by using the available filters **Name**, **Resource group**, or **Region**.
51
61
52
-
[](media/export-data/fhir-export-storage.png#lightbox)
62
+
[](media/export-data/fhir-export-storage.png#lightbox)
53
63
54
64
After you've completed this final step, you're ready to export the data using $export command.
Copy file name to clipboardExpand all lines: articles/healthcare-apis/fhir/convert-data.md
+14-5Lines changed: 14 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,6 +8,7 @@ ms.subservice: fhir
8
8
ms.topic: overview
9
9
ms.date: 03/21/2022
10
10
ms.author: ranku
11
+
ms.custom: subject-rbac-steps
11
12
---
12
13
13
14
@@ -119,15 +120,23 @@ Change the status to **On** to enable managed identity in FHIR service.
119
120
120
121
### Provide access of the ACR to FHIR service
121
122
122
-
1. Browse to the **Access control (IAM)** blade.
123
+
1. Select **Access Control (IAM)**.
123
124
124
-
1. Select **Add**, and then select **Add role assignment** to open the Add role assignment page.
125
+
1. Select **Add > Add role assignment**. If the **Add role assignment** option is grayed out, ask your Azure administrator to assign you permission to perform this task.
125
126
126
-
1. Assign the [AcrPull](../../role-based-access-control/built-in-roles.md#acrpull) role.
127
+
:::image type="content" source="../../../includes/role-based-access-control/media/add-role-assignment-menu-generic.png" alt-text="Screenshot that shows Access control (IAM) page with Add role assignment menu open.":::
127
128
128
-
[  ](../../../includes/role-based-access-control/media/add-role-assignment-page.png#lightbox)
129
+
1. On the **Roles** tab, select the [AcrPull](../../role-based-access-control/built-in-roles.md#acrpull) role.
129
130
130
-
For more information about assigning roles in the Azure portal, see [Screen image of Azure built-in roles.](../../role-based-access-control/role-assignments-portal.md).
131
+
[](../../../includes/role-based-access-control/media/add-role-assignment-page.png#lightbox)
132
+
133
+
1. On the **Members** tab, select **Managed identity**, and then select **Select members**.
134
+
135
+
1. Select **System-assigned managed identity**, and then select the FHIR service.
136
+
137
+
1. On the **Review + assign** tab, select **Review + assign** to assign the role.
138
+
139
+
For more information about assigning roles in the Azure portal, see [Azure built-in roles](../../role-based-access-control/role-assignments-portal.md).
0 commit comments