This module handles opinionated Google Cloud Platform Healthcare datasets and stores.
Basic usage of this module is as follows:
module "healthcare" {
source = "terraform-google-modules/healthcare/google"
version = "~> 2.4"
project = "<PROJECT_ID>"
name = "example-dataset"
location = "us-central1"
dicom_stores = [{
name = "example-dicom-store"
iam_members = [
{ role = "roles/healthcare.dicomEditor", member = "user:[email protected]" }
]
}]
fhir_stores = [{
name = "example-fhir-store"
version = "R4"
notification_config = {
pubsub_topic = "projects/<PROJECT_ID>/topics/example_topic"
}
}]
}
Functional examples are included in the examples directory.
These sections describe requirements for using this module.
The following dependencies must be available:
- Terraform v0.13
- Terraform Provider for GCP plugin v6.5.0
A service account with the following roles must be used to provision the resources of this module:
- Healthcare Dataset Admin:
roles/healthcare.datasetAdmin
- Healthcare DICOM Admin:
roles/healthcare.dicomStoreAdmin
- Healthcare FHIR Admin:
roles/healthcare.fhirStoreAdmin
- Healthcare HL7 V2 Admin:
roles/healthcare.hl7V2StoreAdmin
- Healthcare Consent Admin:
roles/healthcare.ConsentStoreAdmin
- Healthcare Pipeline Jobs Admin:
roles/healthcare.pipelineJobsAdmin
- Bigquery Data Viewer:
roles/bigquery.dataViewer
- Cloud Storage Object Viewer:
roles/storage.objectViewer
- Healthcare Data Mapper Workspace Admin:
roles/healthcare.dataMapperWorkspaceAdmin
The Project Factory module and the [IAM module][iam-module] may be used in combination to provision a service account with the necessary roles applied.
To allow messages to be published from the Cloud Healthcare API to Pub/Sub,
you must add the roles/pubsub.publisher
role to your project's Cloud Healthcare
Service Agent service account.
A project with the following APIs enabled must be used to host the resources of this module:
- Google Cloud Healthcare API:
healthcare.googleapis.com
To allow messages to be published from the Cloud Healthcare API to Pub/Sub, the following API also needs to be enabled:
- Google Pub/Sub API:
pubsub.googleapis.com
The Project Factory module can be used to provision a project with the necessary APIs enabled.
Name | Description | Type | Default | Required |
---|---|---|---|---|
consent_stores | Datastore that contain all information related to the configuration and operation of the Consent Management API (https://cloud.google.com/healthcare/docs/how-tos/consent-managing). | any |
[] |
no |
dicom_stores | Datastore that conforms to the DICOM (https://www.dicomstandard.org/about/) standard for Healthcare information exchange. | any |
[] |
no |
fhir_stores | Datastore that conforms to the FHIR standard for Healthcare information exchange. | any |
[] |
no |
hl7_v2_stores | Datastore that conforms to the HL7 V2 (https://www.hl7.org/hl7V2/STU3/) standard for Healthcare information exchange. | any |
[] |
no |
iam_members | Updates the IAM policy to grant a role to a new member. Other members for the role for the dataset are preserved. | list(object({ |
[] |
no |
location | The location for the Dataset. | string |
n/a | yes |
name | The resource name for the Dataset. | string |
n/a | yes |
pipeline_jobs | Mapping and reconciliation pipelines to create a longitudinal patient record within a harmonized FHIR store. (https://cloud.google.com/healthcare-api/healthcare-data-engine/docs/pipelines). | any |
[] |
no |
project | The ID of the project in which the resource belongs. | string |
n/a | yes |
time_zone | The default timezone used by this dataset. | string |
null |
no |
workspaces | Workspace that holds all mappings and the Data Mapper IDE for organizing and controlling access (https://cloud.google.com/healthcare-api/healthcare-data-engine/docs/manage-workspaces). | any |
[] |
no |
No outputs.
Refer to the contribution guidelines for information on contributing to this module.