Microsoft.HealthcareApis services 2023-12-01

• Latest
• 2025-04-01-preview
• 2025-03-01-preview
• 2024-03-31
• 2024-03-01
• 2023-12-01
• 2023-11-01
• 2023-09-06
• 2023-02-28
• 2022-12-01
• 2022-10-01-preview
• 2022-06-01
• 2022-05-15
• 2022-01-31-preview
• 2021-11-01
• 2021-06-01-preview
• 2021-01-11
• 2020-03-30
• 2020-03-15
• 2019-09-16
• 2018-08-20-preview

Bicep resource definition

The services resource type can be deployed with operations that target:

• Resource groups - See resource group deployment commands

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.HealthcareApis/services resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.HealthcareApis/services@2023-12-01' = {
  etag: 'string'
  identity: {
    type: 'string'
  }
  kind: 'string'
  location: 'string'
  name: 'string'
  properties: {
    accessPolicies: [
      {
        objectId: 'string'
      }
    ]
    acrConfiguration: {
      loginServers: [
        'string'
      ]
      ociArtifacts: [
        {
          digest: 'string'
          imageName: 'string'
          loginServer: 'string'
        }
      ]
    }
    authenticationConfiguration: {
      audience: 'string'
      authority: 'string'
      smartProxyEnabled: bool
    }
    corsConfiguration: {
      allowCredentials: bool
      headers: [
        'string'
      ]
      maxAge: int
      methods: [
        'string'
      ]
      origins: [
        'string'
      ]
    }
    cosmosDbConfiguration: {
      crossTenantCmkApplicationId: 'string'
      keyVaultKeyUri: 'string'
      offerThroughput: int
    }
    exportConfiguration: {
      storageAccountName: 'string'
    }
    importConfiguration: {
      enabled: bool
      initialImportMode: bool
      integrationDataStore: 'string'
    }
    privateEndpointConnections: [
      {
        properties: {
          privateEndpoint: {}
          privateLinkServiceConnectionState: {
            actionsRequired: 'string'
            description: 'string'
            status: 'string'
          }
        }
      }
    ]
    publicNetworkAccess: 'string'
  }
  tags: {
    {customized property}: 'string'
  }
}

Property Values

Microsoft.HealthcareApis/services

Name	Description	Value
etag	An etag associated with the resource, used for optimistic concurrency when editing it.	string
identity	Setting indicating whether the service has a managed identity associated with it.	ServicesResourceIdentity
kind	The kind of the service.	'fhir' 'fhir-R4' 'fhir-Stu3' (required)
location	The resource location.	string (required)
name	The resource name	string Constraints: Min length = 3 Max length = 24 (required)
properties	The common properties of a service.	ServicesProperties
tags	Resource tags	Dictionary of tag names and values. See Tags in templates

PrivateEndpoint

Name	Description	Value

PrivateEndpointConnection

Name	Description	Value
properties	Resource properties.	PrivateEndpointConnectionProperties

PrivateEndpointConnectionProperties

Name	Description	Value
privateEndpoint	The resource of private end point.	PrivateEndpoint
privateLinkServiceConnectionState	A collection of information about the state of the connection between service consumer and provider.	PrivateLinkServiceConnectionState (required)

PrivateLinkServiceConnectionState

Name	Description	Value
actionsRequired	A message indicating if changes on the service provider require any updates on the consumer.	string
description	The reason for approval/rejection of the connection.	string
status	Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.	'Approved' 'Pending' 'Rejected'

ServiceAccessPolicyEntry

Name	Description	Value
objectId	An Azure AD object ID (User or Apps) that is allowed access to the FHIR service.	string Constraints: Pattern = ^(([0-9A-Fa-f]{8}[-]?(?:[0-9A-Fa-f]{4}[-]?){3}[0-9A-Fa-f]{12}){1})+$ (required)

ServiceAcrConfigurationInfo

Name	Description	Value
loginServers	The list of the ACR login servers.	string[]
ociArtifacts	The list of Open Container Initiative (OCI) artifacts.	ServiceOciArtifactEntry[]

ServiceAuthenticationConfigurationInfo

Name	Description	Value
audience	The audience url for the service	string
authority	The authority url for the service	string
smartProxyEnabled	If the SMART on FHIR proxy is enabled	bool

ServiceCorsConfigurationInfo

Name	Description	Value
allowCredentials	If credentials are allowed via CORS.	bool
headers	The headers to be allowed via CORS.	string[]
maxAge	The max age to be allowed via CORS.	int Constraints: Min value = 0 Max value = 99999
methods	The methods to be allowed via CORS.	string[]
origins	The origins to be allowed via CORS.	string Constraints: Pattern = ^(?:(?:(?:[hH][tT][tT][pP](?:[sS]|))\:\/\/(?:[a-zA-Z0-9-]+[.]?)+(?:\:[0-9]{1,5})?|[*]))$[]

ServiceCosmosDbConfigurationInfo

Name	Description	Value
crossTenantCmkApplicationId	The multi-tenant application id used to enable CMK access for services in a data sovereign region.	string Constraints: Pattern = ^(([0-9A-Fa-f]{8}[-]?(?:[0-9A-Fa-f]{4}[-]?){3}[0-9A-Fa-f]{12}){1})+$
keyVaultKeyUri	The URI of the customer-managed key for the backing database.	string
offerThroughput	The provisioned throughput for the backing database.	int Constraints: Min value = 400

ServiceExportConfigurationInfo

Name	Description	Value
storageAccountName	The name of the default export storage account.	string

ServiceImportConfigurationInfo

Name	Description	Value
enabled	If the import operation is enabled.	bool
initialImportMode	If the FHIR service is in InitialImportMode.	bool
integrationDataStore	The name of the default integration storage account.	string

ServiceOciArtifactEntry

Name	Description	Value
digest	The artifact digest.	string
imageName	The artifact name.	string
loginServer	The Azure Container Registry login server.	string

ServicesProperties

Name	Description	Value
accessPolicies	The access policies of the service instance.	ServiceAccessPolicyEntry[]
acrConfiguration	The azure container registry settings used for convert data operation of the service instance.	ServiceAcrConfigurationInfo
authenticationConfiguration	The authentication configuration for the service instance.	ServiceAuthenticationConfigurationInfo
corsConfiguration	The settings for the CORS configuration of the service instance.	ServiceCorsConfigurationInfo
cosmosDbConfiguration	The settings for the Cosmos DB database backing the service.	ServiceCosmosDbConfigurationInfo
exportConfiguration	The settings for the export operation of the service instance.	ServiceExportConfigurationInfo
importConfiguration	The settings for the import operation of the service instance.	ServiceImportConfigurationInfo
privateEndpointConnections	The list of private endpoint connections that are set up for this resource.	PrivateEndpointConnection[]
publicNetworkAccess	Control permission for data plane traffic coming from public networks while private endpoint is enabled.	'Disabled' 'Enabled'

ServicesResourceIdentity

Name	Description	Value
type	Type of identity being specified, currently SystemAssigned and None are allowed.	'None' 'SystemAssigned'

ServicesResourceTags

Name	Description	Value

Usage Examples

Azure Quickstart Samples

The following Azure Quickstart templates contain Bicep samples for deploying this resource type.

Bicep File	Description
Deploy Azure API for FHIR	This template creates an instance of Azure API for FHIR®. The Azure API for FHIR® is a managed, standards-based, and compliant healthcare data platform. It enables organizations to bring their clinical health data into the cloud based on the interoperable data standard FHIR®.

ARM template resource definition

The services resource type can be deployed with operations that target:

• Resource groups - See resource group deployment commands

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.HealthcareApis/services resource, add the following JSON to your template.

{
  "type": "Microsoft.HealthcareApis/services",
  "apiVersion": "2023-12-01",
  "name": "string",
  "etag": "string",
  "identity": {
    "type": "string"
  },
  "kind": "string",
  "location": "string",
  "properties": {
    "accessPolicies": [
      {
        "objectId": "string"
      }
    ],
    "acrConfiguration": {
      "loginServers": [ "string" ],
      "ociArtifacts": [
        {
          "digest": "string",
          "imageName": "string",
          "loginServer": "string"
        }
      ]
    },
    "authenticationConfiguration": {
      "audience": "string",
      "authority": "string",
      "smartProxyEnabled": "bool"
    },
    "corsConfiguration": {
      "allowCredentials": "bool",
      "headers": [ "string" ],
      "maxAge": "int",
      "methods": [ "string" ],
      "origins": [ "string" ]
    },
    "cosmosDbConfiguration": {
      "crossTenantCmkApplicationId": "string",
      "keyVaultKeyUri": "string",
      "offerThroughput": "int"
    },
    "exportConfiguration": {
      "storageAccountName": "string"
    },
    "importConfiguration": {
      "enabled": "bool",
      "initialImportMode": "bool",
      "integrationDataStore": "string"
    },
    "privateEndpointConnections": [
      {
        "properties": {
          "privateEndpoint": {
          },
          "privateLinkServiceConnectionState": {
            "actionsRequired": "string",
            "description": "string",
            "status": "string"
          }
        }
      }
    ],
    "publicNetworkAccess": "string"
  },
  "tags": {
    "{customized property}": "string"
  }
}

Property Values

Microsoft.HealthcareApis/services

Name	Description	Value
apiVersion	The api version	'2023-12-01'
etag	An etag associated with the resource, used for optimistic concurrency when editing it.	string
identity	Setting indicating whether the service has a managed identity associated with it.	ServicesResourceIdentity
kind	The kind of the service.	'fhir' 'fhir-R4' 'fhir-Stu3' (required)
location	The resource location.	string (required)
name	The resource name	string Constraints: Min length = 3 Max length = 24 (required)
properties	The common properties of a service.	ServicesProperties
tags	Resource tags	Dictionary of tag names and values. See Tags in templates
type	The resource type	'Microsoft.HealthcareApis/services'

PrivateEndpoint

Name	Description	Value

PrivateEndpointConnection

Name	Description	Value
properties	Resource properties.	PrivateEndpointConnectionProperties

PrivateEndpointConnectionProperties

Name	Description	Value
privateEndpoint	The resource of private end point.	PrivateEndpoint
privateLinkServiceConnectionState	A collection of information about the state of the connection between service consumer and provider.	PrivateLinkServiceConnectionState (required)

PrivateLinkServiceConnectionState

Name	Description	Value
actionsRequired	A message indicating if changes on the service provider require any updates on the consumer.	string
description	The reason for approval/rejection of the connection.	string
status	Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.	'Approved' 'Pending' 'Rejected'

ServiceAccessPolicyEntry

Name	Description	Value
objectId	An Azure AD object ID (User or Apps) that is allowed access to the FHIR service.	string Constraints: Pattern = ^(([0-9A-Fa-f]{8}[-]?(?:[0-9A-Fa-f]{4}[-]?){3}[0-9A-Fa-f]{12}){1})+$ (required)

ServiceAcrConfigurationInfo

Name	Description	Value
loginServers	The list of the ACR login servers.	string[]
ociArtifacts	The list of Open Container Initiative (OCI) artifacts.	ServiceOciArtifactEntry[]

ServiceAuthenticationConfigurationInfo

Name	Description	Value
audience	The audience url for the service	string
authority	The authority url for the service	string
smartProxyEnabled	If the SMART on FHIR proxy is enabled	bool

ServiceCorsConfigurationInfo

Name	Description	Value
allowCredentials	If credentials are allowed via CORS.	bool
headers	The headers to be allowed via CORS.	string[]
maxAge	The max age to be allowed via CORS.	int Constraints: Min value = 0 Max value = 99999
methods	The methods to be allowed via CORS.	string[]
origins	The origins to be allowed via CORS.	string Constraints: Pattern = ^(?:(?:(?:[hH][tT][tT][pP](?:[sS]|))\:\/\/(?:[a-zA-Z0-9-]+[.]?)+(?:\:[0-9]{1,5})?|[*]))$[]

ServiceCosmosDbConfigurationInfo

Name	Description	Value
crossTenantCmkApplicationId	The multi-tenant application id used to enable CMK access for services in a data sovereign region.	string Constraints: Pattern = ^(([0-9A-Fa-f]{8}[-]?(?:[0-9A-Fa-f]{4}[-]?){3}[0-9A-Fa-f]{12}){1})+$
keyVaultKeyUri	The URI of the customer-managed key for the backing database.	string
offerThroughput	The provisioned throughput for the backing database.	int Constraints: Min value = 400

ServiceExportConfigurationInfo

Name	Description	Value
storageAccountName	The name of the default export storage account.	string

ServiceImportConfigurationInfo

Name	Description	Value
enabled	If the import operation is enabled.	bool
initialImportMode	If the FHIR service is in InitialImportMode.	bool
integrationDataStore	The name of the default integration storage account.	string

ServiceOciArtifactEntry

Name	Description	Value
digest	The artifact digest.	string
imageName	The artifact name.	string
loginServer	The Azure Container Registry login server.	string

ServicesProperties

Name	Description	Value
accessPolicies	The access policies of the service instance.	ServiceAccessPolicyEntry[]
acrConfiguration	The azure container registry settings used for convert data operation of the service instance.	ServiceAcrConfigurationInfo
authenticationConfiguration	The authentication configuration for the service instance.	ServiceAuthenticationConfigurationInfo
corsConfiguration	The settings for the CORS configuration of the service instance.	ServiceCorsConfigurationInfo
cosmosDbConfiguration	The settings for the Cosmos DB database backing the service.	ServiceCosmosDbConfigurationInfo
exportConfiguration	The settings for the export operation of the service instance.	ServiceExportConfigurationInfo
importConfiguration	The settings for the import operation of the service instance.	ServiceImportConfigurationInfo
privateEndpointConnections	The list of private endpoint connections that are set up for this resource.	PrivateEndpointConnection[]
publicNetworkAccess	Control permission for data plane traffic coming from public networks while private endpoint is enabled.	'Disabled' 'Enabled'

ServicesResourceIdentity

Name	Description	Value
type	Type of identity being specified, currently SystemAssigned and None are allowed.	'None' 'SystemAssigned'

ServicesResourceTags

Name	Description	Value

Usage Examples

Azure Quickstart Templates

The following Azure Quickstart templates deploy this resource type.

Template	Description
Deploy Azure API for FHIR	This template creates an instance of Azure API for FHIR®. The Azure API for FHIR® is a managed, standards-based, and compliant healthcare data platform. It enables organizations to bring their clinical health data into the cloud based on the interoperable data standard FHIR®.

Terraform (AzAPI provider) resource definition

The services resource type can be deployed with operations that target:

• Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.HealthcareApis/services resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.HealthcareApis/services@2023-12-01"
  name = "string"
  parent_id = "string"
  identity {
    type = "string"
    identity_ids = [
      "string"
    ]
  }
  location = "string"
  tags = {
    {customized property} = "string"
  }
  body = {
    etag = "string"
    kind = "string"
    properties = {
      accessPolicies = [
        {
          objectId = "string"
        }
      ]
      acrConfiguration = {
        loginServers = [
          "string"
        ]
        ociArtifacts = [
          {
            digest = "string"
            imageName = "string"
            loginServer = "string"
          }
        ]
      }
      authenticationConfiguration = {
        audience = "string"
        authority = "string"
        smartProxyEnabled = bool
      }
      corsConfiguration = {
        allowCredentials = bool
        headers = [
          "string"
        ]
        maxAge = int
        methods = [
          "string"
        ]
        origins = [
          "string"
        ]
      }
      cosmosDbConfiguration = {
        crossTenantCmkApplicationId = "string"
        keyVaultKeyUri = "string"
        offerThroughput = int
      }
      exportConfiguration = {
        storageAccountName = "string"
      }
      importConfiguration = {
        enabled = bool
        initialImportMode = bool
        integrationDataStore = "string"
      }
      privateEndpointConnections = [
        {
          properties = {
            privateEndpoint = {
            }
            privateLinkServiceConnectionState = {
              actionsRequired = "string"
              description = "string"
              status = "string"
            }
          }
        }
      ]
      publicNetworkAccess = "string"
    }
  }
}

Property Values

Microsoft.HealthcareApis/services

Name	Description	Value
etag	An etag associated with the resource, used for optimistic concurrency when editing it.	string
identity	Setting indicating whether the service has a managed identity associated with it.	ServicesResourceIdentity
kind	The kind of the service.	'fhir' 'fhir-R4' 'fhir-Stu3' (required)
location	The resource location.	string (required)
name	The resource name	string Constraints: Min length = 3 Max length = 24 (required)
properties	The common properties of a service.	ServicesProperties
tags	Resource tags	Dictionary of tag names and values.
type	The resource type	"Microsoft.HealthcareApis/services@2023-12-01"

PrivateEndpoint

Name	Description	Value

PrivateEndpointConnection

Name	Description	Value
properties	Resource properties.	PrivateEndpointConnectionProperties

PrivateEndpointConnectionProperties

Name	Description	Value
privateEndpoint	The resource of private end point.	PrivateEndpoint
privateLinkServiceConnectionState	A collection of information about the state of the connection between service consumer and provider.	PrivateLinkServiceConnectionState (required)

PrivateLinkServiceConnectionState

Name	Description	Value
actionsRequired	A message indicating if changes on the service provider require any updates on the consumer.	string
description	The reason for approval/rejection of the connection.	string
status	Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.	'Approved' 'Pending' 'Rejected'

ServiceAccessPolicyEntry

Name	Description	Value
objectId	An Azure AD object ID (User or Apps) that is allowed access to the FHIR service.	string Constraints: Pattern = ^(([0-9A-Fa-f]{8}[-]?(?:[0-9A-Fa-f]{4}[-]?){3}[0-9A-Fa-f]{12}){1})+$ (required)

ServiceAcrConfigurationInfo

Name	Description	Value
loginServers	The list of the ACR login servers.	string[]
ociArtifacts	The list of Open Container Initiative (OCI) artifacts.	ServiceOciArtifactEntry[]

ServiceAuthenticationConfigurationInfo

Name	Description	Value
audience	The audience url for the service	string
authority	The authority url for the service	string
smartProxyEnabled	If the SMART on FHIR proxy is enabled	bool

ServiceCorsConfigurationInfo

Name	Description	Value
allowCredentials	If credentials are allowed via CORS.	bool
headers	The headers to be allowed via CORS.	string[]
maxAge	The max age to be allowed via CORS.	int Constraints: Min value = 0 Max value = 99999
methods	The methods to be allowed via CORS.	string[]
origins	The origins to be allowed via CORS.	string Constraints: Pattern = ^(?:(?:(?:[hH][tT][tT][pP](?:[sS]|))\:\/\/(?:[a-zA-Z0-9-]+[.]?)+(?:\:[0-9]{1,5})?|[*]))$[]

ServiceCosmosDbConfigurationInfo

Name	Description	Value
crossTenantCmkApplicationId	The multi-tenant application id used to enable CMK access for services in a data sovereign region.	string Constraints: Pattern = ^(([0-9A-Fa-f]{8}[-]?(?:[0-9A-Fa-f]{4}[-]?){3}[0-9A-Fa-f]{12}){1})+$
keyVaultKeyUri	The URI of the customer-managed key for the backing database.	string
offerThroughput	The provisioned throughput for the backing database.	int Constraints: Min value = 400

ServiceExportConfigurationInfo

Name	Description	Value
storageAccountName	The name of the default export storage account.	string

ServiceImportConfigurationInfo

Name	Description	Value
enabled	If the import operation is enabled.	bool
initialImportMode	If the FHIR service is in InitialImportMode.	bool
integrationDataStore	The name of the default integration storage account.	string

ServiceOciArtifactEntry

Name	Description	Value
digest	The artifact digest.	string
imageName	The artifact name.	string
loginServer	The Azure Container Registry login server.	string

ServicesProperties

Name	Description	Value
accessPolicies	The access policies of the service instance.	ServiceAccessPolicyEntry[]
acrConfiguration	The azure container registry settings used for convert data operation of the service instance.	ServiceAcrConfigurationInfo
authenticationConfiguration	The authentication configuration for the service instance.	ServiceAuthenticationConfigurationInfo
corsConfiguration	The settings for the CORS configuration of the service instance.	ServiceCorsConfigurationInfo
cosmosDbConfiguration	The settings for the Cosmos DB database backing the service.	ServiceCosmosDbConfigurationInfo
exportConfiguration	The settings for the export operation of the service instance.	ServiceExportConfigurationInfo
importConfiguration	The settings for the import operation of the service instance.	ServiceImportConfigurationInfo
privateEndpointConnections	The list of private endpoint connections that are set up for this resource.	PrivateEndpointConnection[]
publicNetworkAccess	Control permission for data plane traffic coming from public networks while private endpoint is enabled.	'Disabled' 'Enabled'

ServicesResourceIdentity

Name	Description	Value
type	Type of identity being specified, currently SystemAssigned and None are allowed.	'None' 'SystemAssigned'

ServicesResourceTags

Name	Description	Value