FHIRStore REST API - Bundles failing using Project ID but work with Project Number
25 views
Skip to first unread message
Steve Sanchez
Jul 23, 2024, 6:08:17 PM7/23/24
to GCP Healthcare Discuss
Hello!
I recently noticed that a service, which only sends bundle requests using REST endpoints, to our FHIRStore kept failing on our production environment. It's been working just fine in our development environment. After no luck in finding the cause of the issue I was suggested by a coworker to try using the the project number instead of the Project ID. That worked! But now there is a discrepancy between our environments, where development is doing well using the Project ID and production seems to only work when using the Project Number. The same request will fail using the Project ID and succeed using the Project Number on production. Any info on this would be great!
This is an example of the failure that we have:
Endpoint: https://healthcare.googleapis.com/v1/projects/production-XXXXXX/locations/us-east4/datasets/demo/fhirStores/demo-store/fhir
Status: 403 Forbidden
{
"issue": [
{
"code": "security",
"details": {
"text": "permission_denied"
},
"diagnostics": "Permission healthcare.fhirResources.update denied on resource projects/production-XXXXXX/locations/us-east4/datasets/demo/fhirStores/demo-store (or it may be malformed or not exist)",
"severity": "error"
}
],
"resourceType": "OperationOutcome"
}
Changing the url to use the Project number works:
/v1/projects/xxxxxxxxxx/locations
Notes:
* The store does exist
* We do have the update permissions configured.
I recently noticed that a service, which only sends bundle requests using REST endpoints, to our FHIRStore kept failing on our production environment. It's been working just fine in our development environment. After no luck in finding the cause of the issue I was suggested by a coworker to try using the the project number instead of the Project ID. That worked! But now there is a discrepancy between our environments, where development is doing well using the Project ID and production seems to only work when using the Project Number. The same request will fail using the Project ID and succeed using the Project Number on production. Any info on this would be great!
This is an example of the failure that we have:
Endpoint: https://healthcare.googleapis.com/v1/projects/production-XXXXXX/locations/us-east4/datasets/demo/fhirStores/demo-store/fhir
Status: 403 Forbidden
{
"issue": [
{
"code": "security",
"details": {
"text": "permission_denied"
},
"diagnostics": "Permission healthcare.fhirResources.update denied on resource projects/production-XXXXXX/locations/us-east4/datasets/demo/fhirStores/demo-store (or it may be malformed or not exist)",
"severity": "error"
}
],
"resourceType": "OperationOutcome"
}
Changing the url to use the Project number works:
/v1/projects/xxxxxxxxxx/locations
Notes:
* The store does exist
* We do have the update permissions configured.
Truc Le
Jul 24, 2024, 8:47:40 AM7/24/24
to Steve Sanchez, GCP Healthcare Discuss
Hi Steve,
We are confident that our FHIR store is capable of recognizing either the project number or the project ID. We kindly request that you provide the full request.
Additionally, we suggest enabling the Data Read audit log for the Cloud Healthcare API. This will allow you to verify the access log for your project, which provides detailed information regarding who attempted to access the resource and which specific resource was accessed.
Best,
Truc
Additionally, we suggest enabling the Data Read audit log for the Cloud Healthcare API. This will allow you to verify the access log for your project, which provides detailed information regarding who attempted to access the resource and which specific resource was accessed.
Best,
Truc
--
You received this message because you are subscribed to the Google Groups "GCP Healthcare Discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gcp-healthcare-di...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gcp-healthcare-discuss/caa55b91-d38f-4a37-a95d-9b01486828c7n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages