NHSDigital
diff --git a/‎docs/specification/dos-ingest.yaml‎
Lines changed: 93 additions & 0 deletions b/‎docs/specification/dos-ingest.yaml‎
Lines changed: 93 additions & 0 deletions
diff --git a/‎infrastructure/crud_apis.tfvars‎
Lines changed: 0 additions & 3 deletions b/‎infrastructure/crud_apis.tfvars‎
Lines changed: 0 additions & 3 deletions
diff --git a/‎infrastructure/modules/ods-mock-api/main.tf‎
Lines changed: 0 additions & 1 deletion b/‎infrastructure/modules/ods-mock-api/main.tf‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎infrastructure/stacks/crud_apis/api-gateway-rest-deployment.tf‎
Lines changed: 63 additions & 0 deletions b/‎infrastructure/stacks/crud_apis/api-gateway-rest-deployment.tf‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎infrastructure/stacks/crud_apis/api-gateway-rest-resource-healthcare-service.tf‎
Lines changed: 31 additions & 0 deletions b/‎infrastructure/stacks/crud_apis/api-gateway-rest-resource-healthcare-service.tf‎
Lines changed: 31 additions & 0 deletions
diff --git a/‎infrastructure/stacks/crud_apis/api-gateway-rest-resource-location.tf‎
Lines changed: 31 additions & 0 deletions b/‎infrastructure/stacks/crud_apis/api-gateway-rest-resource-location.tf‎
Lines changed: 31 additions & 0 deletions
diff --git a/‎infrastructure/stacks/crud_apis/api-gateway-rest-resource-organization.tf‎
Lines changed: 73 additions & 0 deletions b/‎infrastructure/stacks/crud_apis/api-gateway-rest-resource-organization.tf‎
Lines changed: 73 additions & 0 deletions
diff --git a/‎infrastructure/stacks/crud_apis/api-gateway-rest-resource-status.tf‎
Lines changed: 24 additions & 0 deletions b/‎infrastructure/stacks/crud_apis/api-gateway-rest-resource-status.tf‎
Lines changed: 24 additions & 0 deletions
@@ -429,6 +429,68 @@ paths:
                           display: Resource does not exist
                       text: The requested organisation was not found
                     diagnostics: "Organisation with ODS code 'DEF456' not found"
+        '401':
+          description: Unauthorized - Invalid or missing authentication token
+          headers:
+            X-Correlation-ID:
+              schema:
+                type: string
+                example: 11C46F5F-CDEF-4865-94B2-0EE0EDCC26DA
+              description: The X-Correlation-ID from the request header, if supplied, mirrored
+                back.
+            X-Request-ID:
+              schema:
+                type: string
+                example: 11c46f5f-cdef-4865-94b2-0ee0edcc26da
+              description: The X-Request-ID from the request header, either generated or supplied, mirrored
+                back.
+          content:
+            application/fhir+json:
+              schema:
+                $ref: '#/components/schemas/OperationOutcome'
+              example:
+                resourceType: "OperationOutcome"
+                issue:
+                  - severity: "error"
+                    code: "security"
+                    details:
+                      coding:
+                        - system: "https://fhir.nhs.uk/R4/CodeSystem/Spine-ErrorOrWarningCode"
+                          version: "1"
+                          code: "UNAUTHORIZED"
+                          display: "Unauthorized"
+                    diagnostics: "Invalid or missing authentication token"
+        '403':
+          description: Forbidden - Insufficient permissions
+          headers:
+            X-Correlation-ID:
+              schema:
+                type: string
+                example: 11C46F5F-CDEF-4865-94B2-0EE0EDCC26DA
+              description: The X-Correlation-ID from the request header, if supplied, mirrored
+                back.
+            X-Request-ID:
+              schema:
+                type: string
+                example: 11c46f5f-cdef-4865-94b2-0ee0edcc26da
+              description: The X-Request-ID from the request header, either generated or supplied, mirrored
+                back.
+          content:
+            application/fhir+json:
+              schema:
+                $ref: '#/components/schemas/OperationOutcome'
+              example:
+                resourceType: "OperationOutcome"
+                issue:
+                  - severity: "error"
+                    code: "forbidden"
+                    details:
+                      coding:
+                        - system: "https://fhir.nhs.uk/R4/CodeSystem/Spine-ErrorOrWarningCode"
+                          version: "1"
+                          code: "FORBIDDEN"
+                          display: "Forbidden"
+                    diagnostics: "Insufficient permissions to access this resource"
         '422':
           description: Unprocessable Entity (e.g., ODS code validation failed)
           headers:
@@ -460,6 +522,37 @@ paths:
                           display: Parameter content is invalid
                       text: Validation failed for resource
                     diagnostics: "Validation failed for resource."
+        '429':
+          description: Too many requests - Rate limit exceeded
+          headers:
+            X-Correlation-ID:
+              schema:
+                type: string
+                example: 11C46F5F-CDEF-4865-94B2-0EE0EDCC26DA
+              description: The X-Correlation-ID from the request header, if supplied, mirrored
+                back.
+            X-Request-ID:
+              schema:
+                type: string
+                example: 11c46f5f-cdef-4865-94b2-0ee0edcc26da
+              description: The X-Request-ID from the request header, either generated or supplied, mirrored
+                back.
+          content:
+            application/fhir+json:
+              schema:
+                $ref: '#/components/schemas/OperationOutcome'
+              example:
+                resourceType: "OperationOutcome"
+                issue:
+                  - severity: "error"
+                    code: "throttled"
+                    details:
+                      coding:
+                        - system: "https://fhir.hl7.org.uk/CodeSystem/UKCore-SpineErrorOrWarningCode"
+                          version: "1.0.0"
+                          code: "SEND_TOO_MANY_REQUESTS"
+                          display: "Send too many requests"
+                    diagnostics: "Rate limit exceeded. Please retry after some time."
         '500':
           description: Internal server error
           headers:
 
@@ -22,9 +22,6 @@ crud_apis_store_bucket_name = "crud-api-store"
 s3_versioning               = false
 
 # API Gateway
-api_gateway_authorization_type         = "AWS_IAM"
-api_gateway_payload_format_version     = "2.0"
-api_gateway_integration_timeout        = 10000
 api_gateway_access_logs_retention_days = 7
 api_gateway_throttling_burst_limit     = 100
 api_gateway_throttling_rate_limit      = 10
@@ -46,7 +46,6 @@ resource "aws_api_gateway_method" "organization_get" {
   http_method          = "GET"
   authorization        = "NONE"
   api_key_required     = true
-  request_validator_id = aws_api_gateway_request_validator.validator.id
 
   request_parameters = {
     "method.request.querystring._lastUpdated" = false
 
@@ -0,0 +1,63 @@
+resource "aws_api_gateway_deployment" "deployment" {
+  depends_on = [
+    aws_api_gateway_integration.organization_get,
+    aws_api_gateway_integration.organization_post,
+    aws_api_gateway_integration.organization_proxy,
+    aws_api_gateway_integration.status,
+    aws_api_gateway_integration.healthcare_service_proxy,
+    aws_api_gateway_integration.location_proxy,
+    aws_api_gateway_gateway_response.default_gateway_response,
+  ]
+
+  rest_api_id = aws_api_gateway_rest_api.api_gateway.id
+
+  triggers = {
+    redeployment = sha1(jsonencode([
+      aws_api_gateway_resource.organization,
+      aws_api_gateway_resource.organization_proxy,
+      aws_api_gateway_resource.status,
+      aws_api_gateway_resource.healthcare_service,
+      aws_api_gateway_resource.healthcare_service_proxy,
+      aws_api_gateway_resource.location,
+      aws_api_gateway_resource.location_proxy,
+      aws_api_gateway_method.organization_get,
+      aws_api_gateway_method.organization_post,
+      aws_api_gateway_method.organization_proxy,
+      aws_api_gateway_method.status,
+      aws_api_gateway_method.healthcare_service_proxy,
+      aws_api_gateway_method.location_proxy,
+      aws_api_gateway_integration.organization_get,
+      aws_api_gateway_integration.organization_post,
+      aws_api_gateway_integration.organization_proxy,
+      aws_api_gateway_integration.status,
+      aws_api_gateway_integration.healthcare_service_proxy,
+      aws_api_gateway_integration.location_proxy,
+      aws_api_gateway_gateway_response.default_gateway_response,
+    ]))
+  }
+
+  lifecycle {
+    create_before_destroy = true
+  }
+}
+
+resource "aws_api_gateway_method_settings" "all" {
+  rest_api_id = aws_api_gateway_rest_api.api_gateway.id
+  stage_name  = aws_api_gateway_stage.default.stage_name
+  method_path = "*/*"
+
+  settings {
+    caching_enabled      = false
+    cache_data_encrypted = true
+    metrics_enabled      = true
+
+    logging_level      = "INFO"
+    data_trace_enabled = false
+
+    # Throttling defined at path (or endpoint) level
+    throttling_burst_limit = var.api_gateway_throttling_burst_limit
+    throttling_rate_limit  = var.api_gateway_throttling_rate_limit
+  }
+
+  depends_on = [aws_cloudwatch_log_group.api_gateway_log_group]
+}
@@ -0,0 +1,31 @@
+# Healthcare Service Resource
+resource "aws_api_gateway_resource" "healthcare_service" {
+  rest_api_id = aws_api_gateway_rest_api.api_gateway.id
+  parent_id   = aws_api_gateway_rest_api.api_gateway.root_resource_id
+  path_part   = "healthcare-service"
+}
+
+# Healthcare Service Proxy Resource (for any sub-paths)
+resource "aws_api_gateway_resource" "healthcare_service_proxy" {
+  rest_api_id = aws_api_gateway_rest_api.api_gateway.id
+  parent_id   = aws_api_gateway_resource.healthcare_service.id
+  path_part   = "{proxy+}"
+}
+
+# ANY /healthcare-service/{proxy+}
+resource "aws_api_gateway_method" "healthcare_service_proxy" {
+  # checkov:skip=CKV_AWS_59: False positive; all the endpoints will be authenticated via mTLS
+  rest_api_id   = aws_api_gateway_rest_api.api_gateway.id
+  resource_id   = aws_api_gateway_resource.healthcare_service_proxy.id
+  http_method   = "ANY"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "healthcare_service_proxy" {
+  rest_api_id             = aws_api_gateway_rest_api.api_gateway.id
+  resource_id             = aws_api_gateway_resource.healthcare_service_proxy.id
+  http_method             = aws_api_gateway_method.healthcare_service_proxy.http_method
+  integration_http_method = "POST"
+  type                    = "AWS_PROXY"
+  uri                     = module.healthcare_service_api_lambda.lambda_function_invoke_arn
+}
@@ -0,0 +1,31 @@
+# Location Resource
+resource "aws_api_gateway_resource" "location" {
+  rest_api_id = aws_api_gateway_rest_api.api_gateway.id
+  parent_id   = aws_api_gateway_rest_api.api_gateway.root_resource_id
+  path_part   = "location"
+}
+
+# Location Proxy Resource (for any sub-paths)
+resource "aws_api_gateway_resource" "location_proxy" {
+  rest_api_id = aws_api_gateway_rest_api.api_gateway.id
+  parent_id   = aws_api_gateway_resource.location.id
+  path_part   = "{proxy+}"
+}
+
+# ANY /location/{proxy+}
+resource "aws_api_gateway_method" "location_proxy" {
+  # checkov:skip=CKV_AWS_59: False positive; all the endpoints will be authenticated via mTLS
+  rest_api_id   = aws_api_gateway_rest_api.api_gateway.id
+  resource_id   = aws_api_gateway_resource.location_proxy.id
+  http_method   = "ANY"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "location_proxy" {
+  rest_api_id             = aws_api_gateway_rest_api.api_gateway.id
+  resource_id             = aws_api_gateway_resource.location_proxy.id
+  http_method             = aws_api_gateway_method.location_proxy.http_method
+  integration_http_method = "POST"
+  type                    = "AWS_PROXY"
+  uri                     = module.location_api_lambda.lambda_function_invoke_arn
+}
@@ -0,0 +1,73 @@
+# Organization Resource
+resource "aws_api_gateway_resource" "organization" {
+  rest_api_id = aws_api_gateway_rest_api.api_gateway.id
+  parent_id   = aws_api_gateway_rest_api.api_gateway.root_resource_id
+  path_part   = "Organization"
+}
+
+# GET /Organization
+resource "aws_api_gateway_method" "organization_get" {
+  # checkov:skip=CKV_AWS_59: False positive; all the endpoints will be authenticated via mTLS
+  rest_api_id   = aws_api_gateway_rest_api.api_gateway.id
+  resource_id   = aws_api_gateway_resource.organization.id
+  http_method   = "GET"
+  authorization = "NONE"
+
+  request_validator_id = aws_api_gateway_request_validator.validator.id
+}
+
+resource "aws_api_gateway_integration" "organization_get" {
+  rest_api_id             = aws_api_gateway_rest_api.api_gateway.id
+  resource_id             = aws_api_gateway_resource.organization.id
+  http_method             = aws_api_gateway_method.organization_get.http_method
+  integration_http_method = "POST"
+  type                    = "AWS_PROXY"
+  uri                     = module.organisation_api_lambda.lambda_function_invoke_arn
+}
+
+# POST /Organization
+resource "aws_api_gateway_method" "organization_post" {
+  # checkov:skip=CKV_AWS_59: False positive; all the endpoints will be authenticated via mTLS
+  rest_api_id   = aws_api_gateway_rest_api.api_gateway.id
+  resource_id   = aws_api_gateway_resource.organization.id
+  http_method   = "POST"
+  authorization = "NONE"
+
+  request_validator_id = aws_api_gateway_request_validator.validator.id
+}
+
+resource "aws_api_gateway_integration" "organization_post" {
+  rest_api_id             = aws_api_gateway_rest_api.api_gateway.id
+  resource_id             = aws_api_gateway_resource.organization.id
+  http_method             = aws_api_gateway_method.organization_post.http_method
+  integration_http_method = "POST"
+  type                    = "AWS_PROXY"
+  uri                     = module.organisation_api_lambda.lambda_function_invoke_arn
+}
+
+# Organization Proxy Resource (for any sub-paths)
+resource "aws_api_gateway_resource" "organization_proxy" {
+  rest_api_id = aws_api_gateway_rest_api.api_gateway.id
+  parent_id   = aws_api_gateway_resource.organization.id
+  path_part   = "{proxy+}"
+}
+
+# ANY /Organization/{proxy+}
+resource "aws_api_gateway_method" "organization_proxy" {
+  # checkov:skip=CKV_AWS_59: False positive; all the endpoints will be authenticated via mTLS
+  rest_api_id   = aws_api_gateway_rest_api.api_gateway.id
+  resource_id   = aws_api_gateway_resource.organization_proxy.id
+  http_method   = "ANY"
+  authorization = "NONE"
+
+  request_validator_id = aws_api_gateway_request_validator.validator.id
+}
+
+resource "aws_api_gateway_integration" "organization_proxy" {
+  rest_api_id             = aws_api_gateway_rest_api.api_gateway.id
+  resource_id             = aws_api_gateway_resource.organization_proxy.id
+  http_method             = aws_api_gateway_method.organization_proxy.http_method
+  integration_http_method = "POST"
+  type                    = "AWS_PROXY"
+  uri                     = module.organisation_api_lambda.lambda_function_invoke_arn
+}
@@ -0,0 +1,24 @@
+# Status Resource
+resource "aws_api_gateway_resource" "status" {
+  rest_api_id = aws_api_gateway_rest_api.api_gateway.id
+  parent_id   = aws_api_gateway_rest_api.api_gateway.root_resource_id
+  path_part   = "_status"
+}
+
+# GET /_status
+resource "aws_api_gateway_method" "status" {
+  # checkov:skip=CKV_AWS_59: False positive; all the endpoints will be authenticated via mTLS
+  rest_api_id   = aws_api_gateway_rest_api.api_gateway.id
+  resource_id   = aws_api_gateway_resource.status.id
+  http_method   = "GET"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "status" {
+  rest_api_id             = aws_api_gateway_rest_api.api_gateway.id
+  resource_id             = aws_api_gateway_resource.status.id
+  http_method             = aws_api_gateway_method.status.http_method
+  integration_http_method = "POST"
+  type                    = "AWS_PROXY"
+  uri                     = module.organisation_api_lambda.lambda_function_invoke_arn
+}