@@ -80,6 +80,69 @@ func ResourceHealthcareFhirStore() *schema.Resource {
8080 ValidateFunc : verify .ValidateEnum ([]string {"COMPLEX_DATA_TYPE_REFERENCE_PARSING_UNSPECIFIED" , "DISABLED" , "ENABLED" , "" }),
8181 Description : `Enable parsing of references within complex FHIR data types such as Extensions. If this value is set to ENABLED, then features like referential integrity and Bundle reference rewriting apply to all references. If this flag has not been specified the behavior of the FHIR store will not change, references in complex data types will not be parsed. New stores will have this value set to ENABLED by default after a notification period. Warning: turning on this flag causes processing existing resources to fail if they contain references to non-existent resources. Possible values: ["COMPLEX_DATA_TYPE_REFERENCE_PARSING_UNSPECIFIED", "DISABLED", "ENABLED"]` ,
8282 },
83+ "consent_config" : {
84+ Type : schema .TypeList ,
85+ Optional : true ,
86+ Description : `Specifies whether this store has consent enforcement. Not available for DSTU2 FHIR version due to absence of Consent resources. Not supported for R5 FHIR version.` ,
87+ MaxItems : 1 ,
88+ Elem : & schema.Resource {
89+ Schema : map [string ]* schema.Schema {
90+ "version" : {
91+ Type : schema .TypeString ,
92+ Required : true ,
93+ ValidateFunc : verify .ValidateEnum ([]string {"CONSENT_ENFORCEMENT_VERSION_UNSPECIFIED" , "V1" }),
94+ Description : `Specifies which consent enforcement version is being used for this FHIR store. This field can only be set once by either [fhirStores.create][] or [fhirStores.patch][]. After that, you must call [fhirStores.applyConsents][] to change the version. Possible values: ["CONSENT_ENFORCEMENT_VERSION_UNSPECIFIED", "V1"]` ,
95+ },
96+ "access_determination_log_config" : {
97+ Type : schema .TypeList ,
98+ Optional : true ,
99+ Description : `Specifies how the server logs the consent-aware requests. If not specified, the AccessDeterminationLogConfig.LogLevel.MINIMUM option is used.` ,
100+ MaxItems : 1 ,
101+ Elem : & schema.Resource {
102+ Schema : map [string ]* schema.Schema {
103+ "log_level" : {
104+ Type : schema .TypeString ,
105+ Optional : true ,
106+ ValidateFunc : verify .ValidateEnum ([]string {"LOG_LEVEL_UNSPECIFIED" , "DISABLED" , "MINIMUM" , "VERBOSE" , "" }),
107+ Description : `Controls the amount of detail to include as part of the audit logs. Default value: "MINIMUM" Possible values: ["LOG_LEVEL_UNSPECIFIED", "DISABLED", "MINIMUM", "VERBOSE"]` ,
108+ Default : "MINIMUM" ,
109+ },
110+ },
111+ },
112+ },
113+ "access_enforced" : {
114+ Type : schema .TypeBool ,
115+ Optional : true ,
116+ Description : `The default value is false. If set to true, when accessing FHIR resources, the consent headers will be verified against consents given by patients. See the ConsentEnforcementVersion for the supported consent headers.` ,
117+ },
118+ "consent_header_handling" : {
119+ Type : schema .TypeList ,
120+ Optional : true ,
121+ Description : `Different options to configure the behaviour of the server when handling the X-Consent-Scope header.` ,
122+ MaxItems : 1 ,
123+ Elem : & schema.Resource {
124+ Schema : map [string ]* schema.Schema {
125+ "profile" : {
126+ Type : schema .TypeString ,
127+ Optional : true ,
128+ ValidateFunc : verify .ValidateEnum ([]string {"SCOPE_PROFILE_UNSPECIFIED" , "PERMIT_EMPTY_SCOPE" , "REQUIRED_ON_READ" , "" }),
129+ Description : `Specifies the default server behavior when the header is empty. If not specified, the ScopeProfile.PERMIT_EMPTY_SCOPE option is used. Default value: "PERMIT_EMPTY_SCOPE" Possible values: ["SCOPE_PROFILE_UNSPECIFIED", "PERMIT_EMPTY_SCOPE", "REQUIRED_ON_READ"]` ,
130+ Default : "PERMIT_EMPTY_SCOPE" ,
131+ },
132+ },
133+ },
134+ },
135+ "enforced_admin_consents" : {
136+ Type : schema .TypeList ,
137+ Computed : true ,
138+ Description : `The versioned names of the enforced admin Consent resource(s), in the format projects/{projectId}/locations/{location}/datasets/{datasetId}/fhirStores/{fhirStoreId}/fhir/Consent/{resourceId}/_history/{version_id}. For FHIR stores with disableResourceVersioning=true, the format is projects/{projectId}/locations/{location}/datasets/{datasetId}/fhirStores/{fhirStoreId}/fhir/Consent/{resourceId}. This field can only be updated using [fhirStores.applyAdminConsents][].` ,
139+ Elem : & schema.Schema {
140+ Type : schema .TypeString ,
141+ },
142+ },
143+ },
144+ },
145+ },
83146 "default_search_handling_strict" : {
84147 Type : schema .TypeBool ,
85148 Optional : true ,
@@ -363,6 +426,12 @@ func resourceHealthcareFhirStoreCreate(d *schema.ResourceData, meta interface{})
363426 } else if v , ok := d .GetOkExists ("version" ); ! tpgresource .IsEmptyValue (reflect .ValueOf (versionProp )) && (ok || ! reflect .DeepEqual (v , versionProp )) {
364427 obj ["version" ] = versionProp
365428 }
429+ consentConfigProp , err := expandHealthcareFhirStoreConsentConfig (d .Get ("consent_config" ), d , config )
430+ if err != nil {
431+ return err
432+ } else if v , ok := d .GetOkExists ("consent_config" ); ! tpgresource .IsEmptyValue (reflect .ValueOf (consentConfigProp )) && (ok || ! reflect .DeepEqual (v , consentConfigProp )) {
433+ obj ["consentConfig" ] = consentConfigProp
434+ }
366435 complexDataTypeReferenceParsingProp , err := expandHealthcareFhirStoreComplexDataTypeReferenceParsing (d .Get ("complex_data_type_reference_parsing" ), d , config )
367436 if err != nil {
368437 return err
@@ -520,6 +589,9 @@ func resourceHealthcareFhirStoreRead(d *schema.ResourceData, meta interface{}) e
520589 if err := d .Set ("version" , flattenHealthcareFhirStoreVersion (res ["version" ], d , config )); err != nil {
521590 return fmt .Errorf ("Error reading FhirStore: %s" , err )
522591 }
592+ if err := d .Set ("consent_config" , flattenHealthcareFhirStoreConsentConfig (res ["consentConfig" ], d , config )); err != nil {
593+ return fmt .Errorf ("Error reading FhirStore: %s" , err )
594+ }
523595 if err := d .Set ("complex_data_type_reference_parsing" , flattenHealthcareFhirStoreComplexDataTypeReferenceParsing (res ["complexDataTypeReferenceParsing" ], d , config )); err != nil {
524596 return fmt .Errorf ("Error reading FhirStore: %s" , err )
525597 }
@@ -573,6 +645,12 @@ func resourceHealthcareFhirStoreUpdate(d *schema.ResourceData, meta interface{})
573645 billingProject := ""
574646
575647 obj := make (map [string ]interface {})
648+ consentConfigProp , err := expandHealthcareFhirStoreConsentConfig (d .Get ("consent_config" ), d , config )
649+ if err != nil {
650+ return err
651+ } else if v , ok := d .GetOkExists ("consent_config" ); ! tpgresource .IsEmptyValue (reflect .ValueOf (v )) && (ok || ! reflect .DeepEqual (v , consentConfigProp )) {
652+ obj ["consentConfig" ] = consentConfigProp
653+ }
576654 complexDataTypeReferenceParsingProp , err := expandHealthcareFhirStoreComplexDataTypeReferenceParsing (d .Get ("complex_data_type_reference_parsing" ), d , config )
577655 if err != nil {
578656 return err
@@ -631,6 +709,10 @@ func resourceHealthcareFhirStoreUpdate(d *schema.ResourceData, meta interface{})
631709 headers := make (http.Header )
632710 updateMask := []string {}
633711
712+ if d .HasChange ("consent_config" ) {
713+ updateMask = append (updateMask , "consentConfig" )
714+ }
715+
634716 if d .HasChange ("complex_data_type_reference_parsing" ) {
635717 updateMask = append (updateMask , "complexDataTypeReferenceParsing" )
636718 }
@@ -767,6 +849,73 @@ func flattenHealthcareFhirStoreVersion(v interface{}, d *schema.ResourceData, co
767849 return v
768850}
769851
852+ func flattenHealthcareFhirStoreConsentConfig (v interface {}, d * schema.ResourceData , config * transport_tpg.Config ) interface {} {
853+ if v == nil {
854+ return nil
855+ }
856+ original := v .(map [string ]interface {})
857+ if len (original ) == 0 {
858+ return nil
859+ }
860+ transformed := make (map [string ]interface {})
861+ transformed ["version" ] =
862+ flattenHealthcareFhirStoreConsentConfigVersion (original ["version" ], d , config )
863+ transformed ["access_enforced" ] =
864+ flattenHealthcareFhirStoreConsentConfigAccessEnforced (original ["accessEnforced" ], d , config )
865+ transformed ["consent_header_handling" ] =
866+ flattenHealthcareFhirStoreConsentConfigConsentHeaderHandling (original ["consentHeaderHandling" ], d , config )
867+ transformed ["access_determination_log_config" ] =
868+ flattenHealthcareFhirStoreConsentConfigAccessDeterminationLogConfig (original ["accessDeterminationLogConfig" ], d , config )
869+ transformed ["enforced_admin_consents" ] =
870+ flattenHealthcareFhirStoreConsentConfigEnforcedAdminConsents (original ["enforcedAdminConsents" ], d , config )
871+ return []interface {}{transformed }
872+ }
873+ func flattenHealthcareFhirStoreConsentConfigVersion (v interface {}, d * schema.ResourceData , config * transport_tpg.Config ) interface {} {
874+ return v
875+ }
876+
877+ func flattenHealthcareFhirStoreConsentConfigAccessEnforced (v interface {}, d * schema.ResourceData , config * transport_tpg.Config ) interface {} {
878+ return v
879+ }
880+
881+ func flattenHealthcareFhirStoreConsentConfigConsentHeaderHandling (v interface {}, d * schema.ResourceData , config * transport_tpg.Config ) interface {} {
882+ if v == nil {
883+ return nil
884+ }
885+ original := v .(map [string ]interface {})
886+ if len (original ) == 0 {
887+ return nil
888+ }
889+ transformed := make (map [string ]interface {})
890+ transformed ["profile" ] =
891+ flattenHealthcareFhirStoreConsentConfigConsentHeaderHandlingProfile (original ["profile" ], d , config )
892+ return []interface {}{transformed }
893+ }
894+ func flattenHealthcareFhirStoreConsentConfigConsentHeaderHandlingProfile (v interface {}, d * schema.ResourceData , config * transport_tpg.Config ) interface {} {
895+ return v
896+ }
897+
898+ func flattenHealthcareFhirStoreConsentConfigAccessDeterminationLogConfig (v interface {}, d * schema.ResourceData , config * transport_tpg.Config ) interface {} {
899+ if v == nil {
900+ return nil
901+ }
902+ original := v .(map [string ]interface {})
903+ if len (original ) == 0 {
904+ return nil
905+ }
906+ transformed := make (map [string ]interface {})
907+ transformed ["log_level" ] =
908+ flattenHealthcareFhirStoreConsentConfigAccessDeterminationLogConfigLogLevel (original ["logLevel" ], d , config )
909+ return []interface {}{transformed }
910+ }
911+ func flattenHealthcareFhirStoreConsentConfigAccessDeterminationLogConfigLogLevel (v interface {}, d * schema.ResourceData , config * transport_tpg.Config ) interface {} {
912+ return v
913+ }
914+
915+ func flattenHealthcareFhirStoreConsentConfigEnforcedAdminConsents (v interface {}, d * schema.ResourceData , config * transport_tpg.Config ) interface {} {
916+ return v
917+ }
918+
770919func flattenHealthcareFhirStoreComplexDataTypeReferenceParsing (v interface {}, d * schema.ResourceData , config * transport_tpg.Config ) interface {} {
771920 return v
772921}
@@ -989,6 +1138,111 @@ func expandHealthcareFhirStoreVersion(v interface{}, d tpgresource.TerraformReso
9891138 return v , nil
9901139}
9911140
1141+ func expandHealthcareFhirStoreConsentConfig (v interface {}, d tpgresource.TerraformResourceData , config * transport_tpg.Config ) (interface {}, error ) {
1142+ l := v .([]interface {})
1143+ if len (l ) == 0 || l [0 ] == nil {
1144+ return nil , nil
1145+ }
1146+ raw := l [0 ]
1147+ original := raw .(map [string ]interface {})
1148+ transformed := make (map [string ]interface {})
1149+
1150+ transformedVersion , err := expandHealthcareFhirStoreConsentConfigVersion (original ["version" ], d , config )
1151+ if err != nil {
1152+ return nil , err
1153+ } else if val := reflect .ValueOf (transformedVersion ); val .IsValid () && ! tpgresource .IsEmptyValue (val ) {
1154+ transformed ["version" ] = transformedVersion
1155+ }
1156+
1157+ transformedAccessEnforced , err := expandHealthcareFhirStoreConsentConfigAccessEnforced (original ["access_enforced" ], d , config )
1158+ if err != nil {
1159+ return nil , err
1160+ } else if val := reflect .ValueOf (transformedAccessEnforced ); val .IsValid () && ! tpgresource .IsEmptyValue (val ) {
1161+ transformed ["accessEnforced" ] = transformedAccessEnforced
1162+ }
1163+
1164+ transformedConsentHeaderHandling , err := expandHealthcareFhirStoreConsentConfigConsentHeaderHandling (original ["consent_header_handling" ], d , config )
1165+ if err != nil {
1166+ return nil , err
1167+ } else if val := reflect .ValueOf (transformedConsentHeaderHandling ); val .IsValid () && ! tpgresource .IsEmptyValue (val ) {
1168+ transformed ["consentHeaderHandling" ] = transformedConsentHeaderHandling
1169+ }
1170+
1171+ transformedAccessDeterminationLogConfig , err := expandHealthcareFhirStoreConsentConfigAccessDeterminationLogConfig (original ["access_determination_log_config" ], d , config )
1172+ if err != nil {
1173+ return nil , err
1174+ } else if val := reflect .ValueOf (transformedAccessDeterminationLogConfig ); val .IsValid () && ! tpgresource .IsEmptyValue (val ) {
1175+ transformed ["accessDeterminationLogConfig" ] = transformedAccessDeterminationLogConfig
1176+ }
1177+
1178+ transformedEnforcedAdminConsents , err := expandHealthcareFhirStoreConsentConfigEnforcedAdminConsents (original ["enforced_admin_consents" ], d , config )
1179+ if err != nil {
1180+ return nil , err
1181+ } else if val := reflect .ValueOf (transformedEnforcedAdminConsents ); val .IsValid () && ! tpgresource .IsEmptyValue (val ) {
1182+ transformed ["enforcedAdminConsents" ] = transformedEnforcedAdminConsents
1183+ }
1184+
1185+ return transformed , nil
1186+ }
1187+
1188+ func expandHealthcareFhirStoreConsentConfigVersion (v interface {}, d tpgresource.TerraformResourceData , config * transport_tpg.Config ) (interface {}, error ) {
1189+ return v , nil
1190+ }
1191+
1192+ func expandHealthcareFhirStoreConsentConfigAccessEnforced (v interface {}, d tpgresource.TerraformResourceData , config * transport_tpg.Config ) (interface {}, error ) {
1193+ return v , nil
1194+ }
1195+
1196+ func expandHealthcareFhirStoreConsentConfigConsentHeaderHandling (v interface {}, d tpgresource.TerraformResourceData , config * transport_tpg.Config ) (interface {}, error ) {
1197+ l := v .([]interface {})
1198+ if len (l ) == 0 || l [0 ] == nil {
1199+ return nil , nil
1200+ }
1201+ raw := l [0 ]
1202+ original := raw .(map [string ]interface {})
1203+ transformed := make (map [string ]interface {})
1204+
1205+ transformedProfile , err := expandHealthcareFhirStoreConsentConfigConsentHeaderHandlingProfile (original ["profile" ], d , config )
1206+ if err != nil {
1207+ return nil , err
1208+ } else if val := reflect .ValueOf (transformedProfile ); val .IsValid () && ! tpgresource .IsEmptyValue (val ) {
1209+ transformed ["profile" ] = transformedProfile
1210+ }
1211+
1212+ return transformed , nil
1213+ }
1214+
1215+ func expandHealthcareFhirStoreConsentConfigConsentHeaderHandlingProfile (v interface {}, d tpgresource.TerraformResourceData , config * transport_tpg.Config ) (interface {}, error ) {
1216+ return v , nil
1217+ }
1218+
1219+ func expandHealthcareFhirStoreConsentConfigAccessDeterminationLogConfig (v interface {}, d tpgresource.TerraformResourceData , config * transport_tpg.Config ) (interface {}, error ) {
1220+ l := v .([]interface {})
1221+ if len (l ) == 0 || l [0 ] == nil {
1222+ return nil , nil
1223+ }
1224+ raw := l [0 ]
1225+ original := raw .(map [string ]interface {})
1226+ transformed := make (map [string ]interface {})
1227+
1228+ transformedLogLevel , err := expandHealthcareFhirStoreConsentConfigAccessDeterminationLogConfigLogLevel (original ["log_level" ], d , config )
1229+ if err != nil {
1230+ return nil , err
1231+ } else if val := reflect .ValueOf (transformedLogLevel ); val .IsValid () && ! tpgresource .IsEmptyValue (val ) {
1232+ transformed ["logLevel" ] = transformedLogLevel
1233+ }
1234+
1235+ return transformed , nil
1236+ }
1237+
1238+ func expandHealthcareFhirStoreConsentConfigAccessDeterminationLogConfigLogLevel (v interface {}, d tpgresource.TerraformResourceData , config * transport_tpg.Config ) (interface {}, error ) {
1239+ return v , nil
1240+ }
1241+
1242+ func expandHealthcareFhirStoreConsentConfigEnforcedAdminConsents (v interface {}, d tpgresource.TerraformResourceData , config * transport_tpg.Config ) (interface {}, error ) {
1243+ return v , nil
1244+ }
1245+
9921246func expandHealthcareFhirStoreComplexDataTypeReferenceParsing (v interface {}, d tpgresource.TerraformResourceData , config * transport_tpg.Config ) (interface {}, error ) {
9931247 return v , nil
9941248}
0 commit comments