This repo provides sample architecture and sample implementation on how to deploy Azure Health Data Services securely on Azure and integrate with various Azure services.
-
There is an accompanying AHDS architecture guide under Azure Architecture Center. Please review the same before proceeding with the deployment.
-
Clone the repo
git clone https://github.com/Azure/ahds-reference-architecture
-
Optionally open the cloned repo folder in Visual Studio Code to review all the "parameters-*" files under three folders (01-Network-Hub, 02-Network-LZ & 03-AHDS) to review the values and change as needed per your environment.
-
For example under 01-Network-Hub folder you have following three "parameters-*" files, make sure to review and update them as needed.
- parameters-deploy-vm.json
- parameters-main.json
- parameters-updateUDR.json
-
By default the script will auto generate a self-signed certificate for the domain name and will upload it to KeyVault. If you already have a certificate, you can upload it to folder 03-ADHS/modules/vnet/certs/ with the name appgw.pfx and update the parameter appGatewayCertType to custom at 03-ADHS/parameters-main.json accordingly.
-
-
Using Visual Studio Code review and change "deployment.sh" file under "Scenarios/Baseline/bicep" folder. For example, change Names and Azure Region as needed.
-
Make sure you login to Azure
az login
-
To start the deployment execute the deployment.sh file from terminal. Or deployment.azcli can be opened in Visual Studio Code and executed line by line as well.
./Scenarios/Baseline/bicep/deployment.sh
-
Make sure to update the DNS record for the domain name to point to the public IP address of the Application Gateway. You can find the public IP address of the Application Gateway from the output of the deployment script or from Azure Portal.
Once the architecture deployed successfully you can test the solution for individual (single file) FHIR message flow using Postman.
- Visit another page and follow the instructions for setting up Postman
- Make API calls to test FHIR service using Postman
To begin, CTRL+click (Windows or Linux) or CMD+click (Mac) on the link below to open a Postman tutorial in a new browser tab.
- Please note that the fhirurl should be https://{yourdomainname}/fhir and the resource url should be the FHIR service endpoint as in the document.
- You also need to additionally set the APIM subscription key in the header. You can find the APIM subscription key from the Subscriptions blade of the deployed APIM instance. You can use the Built-in all-access subscription key for testing purpose. Set this subscription key as a header with key Ocp-Apim-Subscription-Key in Postman.
To test bulk upload functionality, you can use the sample data provided in the workshop.
- Grant the Postman service client app created for the previous testing, Storage Blob Data Contributor role on the storage account.
- Import the storage environment file from the here and the collection from here into Postman.
- Update the environment variables with the values used for the previous testing for the client app.
- The resource parameter should be the url of the storage account, for example https://eslzxxxxx.blob.core.windows.net
- The storageurl parameters should be the domain name for application gateway, for example https://{yourdomainname}
- Run the AuthorizeGetToken api first to retrieve the bearer token
- Upload the file by selecting the Body tab in Postman for the Put Blob request, select binary in the radio list and select the good_bundles.zip file to upload.
- Review and make necessary changes to the cleanup.sh file under "Scenarios/Baseline/bicep" folder. For example, change resource group names, API Management name and Azure deployment names as needed.
- To delete all the resources execute the cleanup.sh file under "Scenarios/Baseline/bicep" folder
./Scenarios/Baseline/bicep/cleanup.sh