microsoft · fhibf · Oct 17, 2023 · Oct 4, 2023 · Oct 6, 2023 · Oct 8, 2023
@@ -34,5 +34,7 @@ public class FhirServerConfiguration : IApiConfiguration
         public ArtifactStoreConfiguration ArtifactStore { get; } = new ArtifactStoreConfiguration();
 
         public ImplementationGuidesConfiguration ImplementationGuides { get; } = new ImplementationGuidesConfiguration();
+
+        public EncryptionConfiguration Encryption { get; } = new EncryptionConfiguration();
     }
 }
@@ -0,0 +1,77 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+using Microsoft.Health.Fhir.Core.Configs;
+using Microsoft.Health.Fhir.Tests.Common;
+using Microsoft.Health.Test.Utilities;
+using Xunit;
+
+namespace Microsoft.Health.Fhir.Core.UnitTests.Config
+{
+    [Trait(Traits.OwningTeam, OwningTeam.Fhir)]
+    [Trait(Traits.Category, Categories.Operations)]
+    public sealed class EncryptionConfigurationTests
+    {
+        [Fact]
+        public void GivenAnEncryptionConfiguration_WhenContainsValues_ReturnAsEncryptionConfigurationSet()
+        {
+            EncryptionConfiguration encryption1 = new EncryptionConfiguration()
+            {
+                CustomerManagedKeyEncryption = new CustomerManagedKeyEncryption()
+                {
+                    KeyEncryptionKeyUrl = new Uri("https://fhir.com"),
+                },
+            };
+            Assert.True(encryption1.IsEncryptionSet());
+        }
+
+        [Fact]
+        public void GivenAnEncryptionConfiguration_WhenThereAreNoValues_ReturnAsEncryptionConfigurationNotSet()
+        {
+            EncryptionConfiguration encryption0 = new EncryptionConfiguration();
+            Assert.False(encryption0.IsEncryptionSet());
+
+            EncryptionConfiguration encryption1 = new EncryptionConfiguration()
+            {
+                CustomerManagedKeyEncryption = new CustomerManagedKeyEncryption()
+                {
+                    KeyEncryptionKeyIdentity = new EncryptionKeyIdentity()
+                    {
+                        FederatedClientId = null,
+                    },
+                },
+            };
+            Assert.False(encryption1.IsEncryptionSet());
+
+            EncryptionConfiguration encryption2 = new EncryptionConfiguration()
+            {
+                CustomerManagedKeyEncryption = new CustomerManagedKeyEncryption()
+                {
+                    KeyEncryptionKeyUrl = null,
+                },
+            };
+            Assert.False(encryption2.IsEncryptionSet());
+
+            EncryptionConfiguration encryption3 = new EncryptionConfiguration()
+            {
+                CustomerManagedKeyEncryption = null,
+            };
+            Assert.False(encryption3.IsEncryptionSet());
+
+            EncryptionConfiguration encryption4 = new EncryptionConfiguration()
+            {
+                CustomerManagedKeyEncryption = new CustomerManagedKeyEncryption()
+                {
+                    KeyEncryptionKeyIdentity = new EncryptionKeyIdentity()
+                    {
+                        FederatedClientId = "foo",
+                    },
+                },
+            };
+            Assert.False(encryption4.IsEncryptionSet());
+        }
+    }
+}
@@ -0,0 +1,45 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Microsoft.Health.Fhir.Core.Features;
+using Microsoft.Health.Fhir.Core.Registration;
+using Microsoft.Health.Fhir.Tests.Common;
+using Microsoft.Health.Test.Utilities;
+using Xunit;
+
+namespace Microsoft.Health.Fhir.Core.UnitTests.Registration
+{
+    [Trait(Traits.OwningTeam, OwningTeam.Fhir)]
+    [Trait(Traits.Category, Categories.Operations)]
+    public sealed class FhirRuntimeConfigurationTests
+    {
+        public void GivenARuntimeConfiguration_WhenForAzureApiForFHIR_FollowsTheExpectedValues()
+        {
+            IFhirRuntimeConfiguration runtimeConfiguration = new AzureApiForFhirRuntimeConfiguration();
+
+            Assert.Equal(KnownDataStores.CosmosDb, runtimeConfiguration.DataStore);
+            Assert.False(runtimeConfiguration.IsSelectiveSearchParameterSupported);
+            Assert.True(runtimeConfiguration.IsExportBackgroundWorkedSupported);
+            Assert.False(runtimeConfiguration.IsCustomerKeyValidationBackgroudWorkerSupported);
+            Assert.False(runtimeConfiguration.IsTransactionSupported);
+        }
+
+        public void GivenARuntimeConfiguration_WhenForAzureHealthDataServices_FollowsTheExpectedValues()
+        {
+            IFhirRuntimeConfiguration runtimeConfiguration = new AzureHealthDataServicesRuntimeConfiguration();
+
+            Assert.Equal(KnownDataStores.SqlServer, runtimeConfiguration.DataStore);
+            Assert.True(runtimeConfiguration.IsSelectiveSearchParameterSupported);
+            Assert.False(runtimeConfiguration.IsExportBackgroundWorkedSupported);
+            Assert.True(runtimeConfiguration.IsCustomerKeyValidationBackgroudWorkerSupported);
+            Assert.True(runtimeConfiguration.IsTransactionSupported);
+        }
+    }
+}
@@ -0,0 +1,16 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+
+namespace Microsoft.Health.Fhir.Core.Configs
+{
+    public sealed class CustomerManagedKeyEncryption
+    {
+        public EncryptionKeyIdentity KeyEncryptionKeyIdentity { get; set; }
+
+        public Uri KeyEncryptionKeyUrl { get; set; }
+    }
+}
@@ -0,0 +1,27 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+namespace Microsoft.Health.Fhir.Core.Configs
+{
+    public sealed class EncryptionConfiguration
+    {
+        public CustomerManagedKeyEncryption CustomerManagedKeyEncryption { get; set; }
+
+        public bool IsEncryptionSet()
+        {
+            if (CustomerManagedKeyEncryption != null)
+            {
+                // KeyEncryptionKeyUrl is the only required property.
+                // KeyEncryptionKeyIdentity.FederatedClientId is optional.
+                if (CustomerManagedKeyEncryption.KeyEncryptionKeyUrl != null)
+                {
+                    return true;
+                }
+            }
+
+            return false;
+        }
+    }
+}
@@ -0,0 +1,12 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+namespace Microsoft.Health.Fhir.Core.Configs
+{
+    public sealed class EncryptionKeyIdentity
+    {
+        public string FederatedClientId { get; set; }
+    }
+}
@@ -16,5 +16,7 @@ public class AzureApiForFhirRuntimeConfiguration : IFhirRuntimeConfiguration
         public bool IsExportBackgroundWorkedSupported => true;
 
         public bool IsCustomerKeyValidationBackgroudWorkerSupported => false;
+
+        public bool IsTransactionSupported => false;
     }
 }
@@ -16,5 +16,7 @@ public class AzureHealthDataServicesRuntimeConfiguration : IFhirRuntimeConfigura
         public bool IsExportBackgroundWorkedSupported => false;
 
         public bool IsCustomerKeyValidationBackgroudWorkerSupported => true;
+
+        public bool IsTransactionSupported => true;
     }
 }
@@ -23,5 +23,10 @@ public interface IFhirRuntimeConfiguration
         /// Customer Key Validation background worker keeps running and checking the health of customer managed key.
         /// </summary>
         bool IsCustomerKeyValidationBackgroudWorkerSupported { get; }
+
+        /// <summary>
+        /// Support to transactions.
+        /// </summary>
+        bool IsTransactionSupported { get; }
     }
 }
@@ -140,6 +140,12 @@
             "USCore": {
                 "MissingData": false
             }
+        },
+        "Encryption": {
+            "CustomerManagedKeyEncryption": {
+                "KeyEncryptionKeyIdentity": null,
+                "KeyEncryptionKeyUrl": null
+            }
         }
     },
     "CosmosDb": {