fhir-works-on-aws-deployment icon indicating copy to clipboard operation
fhir-works-on-aws-deployment copied to clipboard

Published 20 hours ago verified publisher icon awslabs

Does multi tenancy work in local development when pointing to AWS with multi tenancy enabled?

Open nirojshrestha019 opened this issue 2 years ago • 4 comments

What's on your mind? I have an AWS account where fire-works is deployed and multi-tenancy is enabled. All the multi-tenant features are working while I make API requests directly AWS API gateway URL. But when I use serverless offline start for local deployment fhir-works following https://github.com/awslabs/fhir-works-on-aws-deployment/blob/smart-mainline/DEVELOPMENT.md and am pointing to the same AWS account where multi-tenancy is deployed, it seems the multi-tenant feature is not working (i.e., I am able getting all the data from all the tenant. The expected result was to only get data from the particular tenant in local development as it did in direct AWS API gateway call )

I hope my question is clear. Can someone please confirm that multi tenancy work in local development when pointing to AWS with multi tenancy enabled? Versions (please complete the following information): - Release Version installed v2.5.1-smart

nirojshrestha019 avatar Jul 06 '22 21:07 nirojshrestha019

Hi @nirojshrestha019,

Thanks for reaching out! I'll look into it and get back to you.

Thanks, Yanyu

Bingjiling avatar Jul 07 '22 15:07 Bingjiling

Hi @nirojshrestha019 ,

I tried local deployment and was able to reproduce the behavior you described. I'll create a ticket in our backlog to address this issue, and once it's done, you should be able to pass in the parameter to enable multi-tenancy in local deployment with something like OFFLINE_ENABLE_MULTI_TENANCY=true.

At the meantime, you can manually update in the following two places as a workaround to enable multi-tenancy in serverless offline.

  1. In config.ts, update the line to const enableMultiTenancy = true;
  2. In stubs.ts, update the line to return { 'custom:tenantId': 'tenant1' };
  3. Re-built and run serverless offline again (Set the log level like serverless offline --logLevel debug will give more log information)
  4. All incoming request will be regarded as coming from tenant1

Hope this helps.

Thanks, Yanyu

Bingjiling avatar Jul 08 '22 18:07 Bingjiling

@Bingjiling Thanks so much for the workaround information. I will try it next week and let you know.

In the meantime, this issue still exists so I am not sure, should I close this issue or just let it be open until the solution has been pushed?

nirojshrestha019 avatar Jul 08 '22 21:07 nirojshrestha019

We can this ticket open and update it once the fix has been pushed.

nguyen102 avatar Jul 18 '22 01:07 nguyen102

FHIR Works on AWS has been moved to maintenance mode. While in maintenance, we will not add any new features to this solution. All security issues should be reported directly to AWS Security at [[email protected]] (mailto:[email protected]). If you are new to this solution, we advise you to explore using [HealthLake] (https://aws.amazon.com/healthlake), which is our managed service for building FHIR based transactional and analytics applications. You can get started by contacting your AWS Account team. If you are an existing customer of FHIR Works on AWS, and have additional questions or need immediate help, please reach out to [email protected] or contact your AWS Account team.

nisankep avatar Apr 03 '23 22:04 nisankep