fhir-works-on-aws-deployment icon indicating copy to clipboard operation
fhir-works-on-aws-deployment copied to clipboard

Published 20 hours ago verified publisher icon awslabs

[Bug] restHook lambda loading the entire fhirServer

Open Zambonilli opened this issue 2 years ago • 1 comments

Describe the bug The subscriptionsRestHook lambda is currently loading the entire fhirServer indirectly by importing the ensureAsyncInit method in src/index.ts and the fhirServer being instantiated in the index.ts file by default. This is causing us to have to add role permissions for configuration values stored in our parameter store and secrets manager for populating the FhirConfig interface in config.ts which are not being used by this lambda.

To Reproduce Steps to reproduce the behavior:

  1. Update a FhirConfig interface field value to be populated from parameter store in src/config.ts
  2. Run serverless-offline
  3. See that the subscriptionsRestHook lambda is failing because it tries to load the parameter store value even though it should not require the fhirServer.

Expected behavior fhirServer to not be loaded in any lambda except the fhirServer lambda.

Screenshots Import statement in subscriptionsRestHook lambda code. https://github.com/awslabs/fhir-works-on-aws-deployment/blob/mainline/src/subscriptions/restHookLambda/restHook.ts#L8

Automatic loading of fhirServer on nodejs parsing the src/index.ts file. https://github.com/awslabs/fhir-works-on-aws-deployment/blob/mainline/src/index.ts#L29

Versions (please complete the following information):

  • v2.5.1-smart

Additional context We've updated in our private fork to lazy load the serverlessHandler variable in src/index.ts inside of the exports.handler. Which has fixed the automatic loading of the fhirServer in subscriptionsRestHook. Alternatively, ensureAsyncInit could be moved to a more generic and reusable spot like the interface package's utilities.

Zambonilli avatar Jul 12 '22 17:07 Zambonilli

Thanks for your bug report. I've added this bug report to our backlog. We'll keep this ticket updated with any news related to the bug.

nguyen102 avatar Jul 13 '22 16:07 nguyen102

FHIR Works on AWS has been moved to maintenance mode. While in maintenance, we will not add any new features to this solution. All security issues should be reported directly to AWS Security at [[email protected]] (mailto:[email protected]). If you are new to this solution, we advise you to explore using [HealthLake] (https://aws.amazon.com/healthlake), which is our managed service for building FHIR based transactional and analytics applications. You can get started by contacting your AWS Account team. If you are an existing customer of FHIR Works on AWS, and have additional questions or need immediate help, please reach out to [email protected] or contact your AWS Account team.

nisankep avatar Apr 03 '23 22:04 nisankep