v4.2.0

Features

• add support for FHIR Subscriptions (#573) (3e5fe2c), closes #533 #543 #555 #554 #558 #557 #559 #569 #567 #572 #574 #575 #570 #577 #576 #578 #579 #582

  Check out our Subscriptions documentation for more details.

• add permissions to BackupRole to allow restore operations (#556) (34788fb)

• search: add extension.valueReference to search mappings (#162) (7fd7057)

Bug Fixes

• add deletion policy to KMS keys (#540) (9991809)
• routing: Use application/fhir+json as default content-type (#147) (0fd1afb)
• routing: fix content type for .well-known/smart-configuration (#160) (9074b41)
• search: allow revinclude to return more than 10 resources (#164) (b1e3a1a)
• search: chain parameters should inspect conditions to narrow down possible target types (#168) (bc805cb)

fhir-works-on-aws components detailed diff

• fhir-works-on-aws-persistence-ddb v3.9.0 -> v3.10.1
• fhir-works-on-aws-routing v6.3.0 -> v6.4.1
• fhir-works-on-aws-search-es v3.9.2 -> v3.11.0

v2.4.0-smart

Features

• add support for FHIR subscriptions (#585) (3ed101b), closes #579 #582

  Check out our Subscriptions documentation for more details.

• search: add extension.valueReference to search mappings (#162) (7fd7057)

Bug Fixes

• routing: Use application/fhir+json as default content-type (#147) (0fd1afb)
• routing: fix content type for .well-known/smart-configuration (#160) (9074b41)
• search: allow revinclude to return more than 10 resources (#164) (b1e3a1a)
• search: chain parameters should inspect conditions to narrow down possible target types (#168) (bc805cb)

fhir-works-on-aws components detailed diff

• fhir-works-on-aws-persistence-ddb v3.9.0 -> v3.10.1
• fhir-works-on-aws-routing v6.3.0 -> v6.4.1
• fhir-works-on-aws-search-es v3.9.2 -> v3.11.0

v4.1.0

4.1.0 (2021-12-13)

Features

• add custom resource to update search mappings (#474) (e941aa7)
• add jobOwnerId as metadata on export results (#491) (80a5cac)
• add transitive reference to group export (#475) (3c4c57e)
• allow async creation of FhirConfig (#464) (248356f)
• bump search version to 3.9.2 (#520) (401e97d)
• enable id only searching for reference types (#424) (4998d7d)
• update ES to 7.10 and utilize Graviton instances for EC2 clusters (#430) (3a55bf3)
• Wire SNS topic to Ok & AlarmActions from cloudwatch alarms (#447) (50871c5)

Bug Fixes

• Add server side encryption to the AuditLogsBucket (#418) (016876d)
• Add SNS encryption for FhirWorksAlarm (#462) (9809087)
• bulk export script (#482) (caaf57d)
• fix bouncing results issue (#502) (7e3eff6)
• Fix CloudWatch LogGroup name for auditLogMover (#503) (be8bbf6)
• Fix Implentation guide integration test (#467) (421f1db)
• give Glue IAM Role access to KMS keys (#450) (2bf0b76)
• glue export security name not unique (#514) (bafcaf4)
• group export with group last updated before _since (#437) (1499b52)
• handle when failures happen in bulk export (#452) (6a8381c)
• Patient compartment array inclusion in group export (#455) (b2c9fee)
• update ElasticSearch type to have more region support (#484) (ca8e5ce)
• use correct content-type on s3 export results (#496) (196ecde)

Security Fixes

• bump log4j-core from 2.13.2 to 2.15.0 in /javaHapiValidatorLambda

v2.3.0-smart

2.3.0-smart (2021-12-13)

Features

• add jobOwnerId as metadata on export results (#493) (8a49209)
• add transitive reference to group export (#475) (#480) (1c1aab0)
• allow async creation of FhirConfig (#465) (c88e559)
• bump search version to 3.9.2 (#524) (2e3ee80), closes #520
• Chained parameter, ES logging, SQS encryption (#510) (5a30027), closes #504 #500
• Merge in changes from mainline (#478) (d975e7b), closes #441

Bug Fixes

• fix bouncing results issue (#502) (#507) (8e45219)
• Fix CloudWatch LogGroup name for auditLogMover (#503) (#506) (1343aad)
• Fix Implentation guide integration test (#467) (#471) (cabf73d)
• group export (#460) (4d86104)
• update ElasticSearch type to have more region support (#488) (a11989c)
• use correct content-type on s3 export results (#497) (a65f6ec)

Security Fixes

• bump log4j-core from 2.13.2 to 2.15.0 in /javaHapiValidatorLambda

v4.0.0-Solution

[4.0.0] - 2021-11-22

The following changes are published to AWS Solution FHIR Works on AWS.

BREAKING CHANGES

• The Cognito IdToken is now used instead of the AccessToken to authorize requests.

  • Multi-tenancy itself is not a breaking change, you can continue to use FHIR works on single-tenant mode
    by setting the enableMultiTenancy to false.

  • However, note that updating an existing (single-tenant) stack to enable multi-tenancy is a breaking change. Multi-tenant
    deployments use a different data partitioning strategy that renders the old, single-tenant, data inaccessible.

• FWoA now reads/writes Elasticsearch documents from aliases instead of indexes. This change simplifies performing re-indexing operations without downtime.
  Aliases are automatically created when resources are written to Elasticsearch, but read operations may fail for existing deployments if the aliases do not exist already.

• Please send 1 update/create request on each resource type existed already to get the aliases created.

Features

• Implement multi-tenancy and group export

  • Multi-tenancy allows a single fhir-works-on-aws stack to serve as multiple FHIR servers for different tenants.
    Check out our multi-tenancy documentation for more details.

• Use alias for all ES operations

• interface: add logging framework

• routing: Support POST based search

• search: Support number and quantity search syntax

• search: Allow repeated search parameters a.k.a AND search parameters

• search: Allow sorting by date type parameters

• search: Support searching on Period type fields with date type params

• Add DLQ for ddbToEs sync failures

• Search now supports | as part of token parameters. e.g. GET [base]/Patient?identifier=http://acme.org/patient|2345

• Search now supports using range prefixes for date parameters. e.g. GET [base]/Patient?birthdate=ge2013-03-14

• The capability statement returned by /metadata now includes the detail of all search parameters supported

• Add support for the standard FHIR search parameters. Each FHIR resource type defines its own set of search parameters. i.e the search parameters for Patient can be found here

• Search requests using invalid search parameters now return an error instead of an empty result set

• /metadata route in API GW so requests for that route doesn't need to be Authenticated/Authorized

• Support for fhir-works-on-aws-interface version 4.0.0

• Change config to support new interface. auth.strategy.oauth changed to auth.strategy.oauthPolicy

  • authorizationUrl changed to authorizationEndpoint
  • tokenUrl changed to tokenEndpoint

• Support for fhir-works-on-aws-authz-rbac version 4.0.0

• Support for fhir-works-on-aws-routing version 3.0.0

• Change non-inclusive terminology in serverless.yaml description

• Support "System Level" export of DB data

Bug Fixes

• change output file type
• dependency vulnerability
• pin IG download
• Allow running sls offline with Hapi Validator
• typo for passing in custom log level
• persistence: meta field was missing from update response even though it was persisted properly
• persistence: Improve error logging when sync from ddb to ElasticSearch fails
• search: Token search params were matching additional documents
• Suppress deprecation warning when writing to Info_Output.yml during installation
• Fixed a bug where the meta field was being overwritten. This allows to properly store meta fields such as meta.security, meta.profile, etc.

v2.2.0-smart

Features

• implement multi-tenancy and group export (#421) (5335807), closes #367 #382 #389 #397 #398 #400 #387 #393

  Multi-tenancy allows a single fhir-works-on-aws stack to serve as multiple FHIR servers for different tenants.
  Check out our multi-tenancy documentation for more details.

  NOTE: Multi-tenancy itself is not a breaking change, you can continue to use FHIR works on single-tenant mode
  by not using the enableMultiTenancy flag.
  However, note that updating an existing (single-tenant) stack to enable multi-tenancy is a breaking change. Multi-tenant
  deployments use a different data partitioning strategy that renders the old, single-tenant, data inaccessible.

v4.0.0

Features

• Implement multi-tenancy and group export (#416) (a9aebcc), closes #348 #347 #367 #381 #387 #384 #389 #392 #397 #393 #398 #399 #400

  Multi-tenancy allows a single fhir-works-on-aws stack to serve as multiple FHIR servers for different tenants.
  Check out our multi-tenancy documentation for more details.

⚠ BREAKING CHANGES

• The Cognito IdToken is now used instead of the AccessToken to authorize requests.

Multi-tenancy itself is not a breaking change, you can continue to use FHIR works on single-tenant mode
by not using the enableMultiTenancy flag.

However, note that updating an existing (single-tenant) stack to enable multi-tenancy is a breaking change. Multi-tenant
deployments use a different data partitioning strategy that renders the old, single-tenant, data inaccessible.

v3.1.0

Features

• update dependencies (#411) (57a7266)
  • persistence-ddb 3.6.1
    • Use bulk ES API for sync with DynamoDB
  • search-es 3.2.1
    • Handle uris correctly, support OR search parameter
  • routing 5.4.4
  • interface 9.1.0

Bug Fixes

• change output file type from yaml to log (#396) (9aba394)
• pin IG download to STU 3.1.1 (#372) (8bfd467)

v2.1.0-smart

Update dependencies

• authz-smart 2.1.1
  • Ability to use token introspection instead of jwt verification
• persistence-ddb 3.6.1
  • Use bulk ES API for sync with DynamoDB
• search-es 3.2.1
  • Handle uris correctly, support OR search parameter
• routing 5.4.4
• interface 9.1.0

v2.0.0-smart

⚠ BREAKING CHANGES

• FWoA now reads/writes Elasticsearch documents from aliases instead of indexes. This change simplifies performing re-indexing operations without downtime. Aliases are automatically created when resources are written to Elasticsearch, but read operations may fail for existing deployments if the aliases do not exist already.
• Please run the addAlias script created in this PR BEFORE upgrading to 3.0.0 to create aliases for all existing indices

Features

• Use alias for all ES operations (#349) (0f512c2)
• interface: Add logging framework (#310)
• routing: Add $docref implementation (#332)
• routing: Support POST based search (#70) (0c29a2d)
• search: Support number and quantity search syntax (#58) (ac5ca42). e.g. GET [base]/Observation?value-quantity=le5.4|http://unitsofmeasure.org|mg
• search: Allow repeated search parameters a.k.a AND search parameters (#62) (68f2173). e.g. GET [base]/Patient?language=FR&language=EN matches patients who speak English AND French.
• search: Allow sorting by date type parameters (#60) (a7d9bf0)
• search: Support searching on Period type fields with date type params (#61) (d36e3af)
• search: Supports | as part of token parameters. e.g. GET [base]/Patient?identifier=http://acme.org/patient|2345
  Note: the | MUST be url encoded e.g. GET [base]/Patient?identifier=http://acme.org/patient%7C2345
• search: Supports using range prefixes for date parameters e.g. GET [base]/Patient?birthdate=ge2013-03-14 and searching for partial dates e.g. GET [base]/Patient?birthdate=2013
• Add DLQ for ddbToEs sync failures (#295) (eb7f51c)
• authz-smart: allow the use of system scopes (#365)

Bug Fixes

• persistence: meta field was missing from update response even though it was persisted properly (#65) (a2b5206)
• persistence: Improve error logging when sync from ddb to ElasticSearch fails (#68) (5774b34)
• search: Token search params were matching additional documents (#65) (046238a)
• Suppress deprecation warning when writing to Info_Output.yml during installation (#294) (462e146)
• Allow running sls offline with Hapi Validator (#343) (8b98da9)

fhir-works-on-aws components detailed diff

• fhir-works-on-aws-interface v8.1.0 -> v9.0.0
• fhir-works-on-aws-persistence-ddb v3.3.0 -> v3.5.0
• fhir-works-on-aws-routing v5.1.1 -> v5.4.1
• fhir-works-on-aws-search-es v2.2.0 -> v3.0.1
• fhir-works-on-aws-authz-smart v1.0.0 -> v2.0.0