Skip to main content

Configure HealthShare Health Connect Cloud Productions

Interoperability productions enable you to connect other systems to Health Connect Cloud so that you can transform and route messages between them. Generally speaking, productions consist of three types of business hosts:

  • Business Services — Business services have inbound adapters that accept incoming messages from an external system.

  • Business Processes — Business processes take messages from a business service and process them (for example, transforming them from one format to another) and then pass them to a business operation.

  • Business Operations — Business operations have outbound adapters that send outgoing messages to an external system.

In Health Connect Cloud, you can create a new production on the Productions page and then configure it in the Management Portal, by going to Interoperability > Configure > Production.

For general information on productions, see Introduction to Interoperability ProductionsOpens in a new tab.

For guidelines on how to configure Health Connect Cloud productions in some common specific scenarios, see the following sections.

Configure a Production to Use SFTP

Create Authorization Credentials

Before configuring a production to use SFTP, create the authorization credentials that will be used in your productions. This task creates SFTP passphrase credentials that correspond to the file transfer user you created for your tenant on the Files pageOpens in a new tab of the Cloud Services Portal.

  1. In the Health Connect Cloud Management Portal, select Interoperability > Configure > Credentials.

  2. If necessary, change the namespace to that of your production.

  3. In the right panel of the Credentials Viewer page, enter an ID that will be used in your production configuration.

  4. Enter the User Name of the file transfer user from your tenant’s Files page.

  5. Click Save.

Configure a Production to Use SFTP

After you have set up SFTP for your tenant on the Files pageOpens in a new tab of the Cloud Services Portal, you can configure a production to ingest files from a folder in your S3 bucket or output files to a folder in your S3 bucket. A business service can watch an input folder for incoming files, such as HL7 or X12 messages, and pass them to a business process for transformation or other processing. A business process can also pass outgoing files to a business operation, which can in turn deposit them in an output folder.

This section applies to business services (inbound adapters) and business operations (outbound adapters) that are of Input Type or Output Type FTP.

  1. In the Management Portal, select Interoperability > Configure > Production.

  2. If necessary, change the namespace to that of your production.

  3. Select your business service or business operation.

  4. Click the Settings tab.

  5. Configure the Basic Settings and SFTP Settings, as described below.

  6. Click Apply when you are done to save your settings.

Basic Settings Section

  • File Path — Enter a file path, as listed in the Paths column for your file transfer user on your tenant’s Files page.

  • FTP Server — Enter the server listed on your tenant’s Files page under SFTP Connection Instructions.

    The server will look something like: s-abc.server.transfer.us-east-1.amazonaws.com.

  • FTP Port — Type the port number 22.

SFTP Section

  • SFTP Authentication Methods — Type the letter k, indicating that the adapter will use public/private key authentication.

  • SFTP Public Key File — Enter the path to the public key file on your server, for example, /connect/ftp/xyz-sftp-public-key.txt, where xyz is the name of your file transfer user.

  • SFTP Private Key File — Enter the path to the private key file on your server, for example, /connect/ftp/xyz-sftp-private-key.txt, where xyz is the name of your file transfer user.

  • SFTP Passphrase Credentials — Select the credentials you created in Create Authorization Credentials.

See Upload SFTP Keys to ServerOpens in a new tab for information on uploading public and private key files.

Configure a Production to Use a Firewall Rule

This section describes the settings required to configure a business service to use a firewall rule that you have defined on the Firewall page of your deployment.

  1. In the Management Portal, select Interoperability > Configure > Production.

  2. If necessary, change the namespace to that of your production.

  3. Select your business service.

  4. Click the Settings tab.

  5. Configure the Basic Settings and Connection Settings, as described below.

  6. Click Apply when you are done to save your settings.

Basic Settings Section

  • IP Port — Enter a port within the port range of your firewall rule.

Connection Settings Section

  • SSL Configuration — Enter an SSL/TLS configuration to be used to secure traffic when using an external firewall rule.

    For business services, select a server SSL/TLS configuration.

  • Local Interface — Leave blank.

    The IP Port is bound to the correct Local Interface automatically.

Connect to the Business Service

To connect to a business service from the external system, use the IP Port you specified in the business service settings. Connect to the Virtual IP Address listed on the Overview page if using a private firewall rule. Connect to the External IP listed on the Overview page if using an external firewall rule.

To quickly test connectivity from the other system to a business service, use the command nc -vv <Health Connect Cloud IP address> <port number> on Linux or tnc <Health Connect Cloud IP address> -Port <port number> on Windows.

The following examples show how to test connectivity to the Virtual IP Address 192.168.22.254 over the private network on port 5000.

Linux

nc -vv 192.168.22.254 5000
Connection to 192.168.22.254 5000 port [tcp/*] succeeded!

Windows:

tnc 192.168.22.254 -Port 5000


ComputerName     : 192.168.22.254
RemoteAddress    : 192.168.22.254
RemotePort       : 5000
InterfaceAlias   : Ethernet 2
SourceAddress    : <Source IP address>
TcpTestSucceeded : True

Configure a Production to Use SSL

This section describes how to configure a business service or business operation to use an SSL/TLS Configuration that you have defined on the SSL/TLS Configurations page of your deployment.

  1. In the Management Portal, select Interoperability > Configure > Production.

  2. If necessary, change the namespace to that of your production.

  3. Select your business service or business operation.

  4. Click the Settings tab.

  5. In the Connection Settings section, in the SSL Configuration field, select an SSL/TLS configuration.

    For business services, select a server SSL/TLS configuration.

    For business operations, select a client SSL/TLS configuration.

  6. Click Apply when you are done to save your settings.

Configure a Production to Send SSL Certificate Expiration Alerts

If you want to receive an alert when an SSL certificate is near its expiration date, you can configure the ZMSP.HCC.CertCheckService business service to send email notifications a specified number of days before the certificate expires. The business service can be configured once and used to monitor all SSL configurations on a system or it can be configured individually for each production. To configure the business service for a production:

  1. Configure alert processingOpens in a new tab for your production. For example, you can use a simple email alert processorOpens in a new tab.

  2. Add the ZSMP.HCC.CertCheckService business service to your production.

  3. Configure the Scope setting for the new business service. You can set it to:

    • Server — the business service will check all enabled SSL configurations available on a system.

    • Namespace — the business service will only collect active values for the SSLConfig parameter in the currently running production.

  4. Configure the ExpiryDays setting. This setting determines the number of days before a certificate’s expiration date that the alert should be triggered. The alert will continue to be triggered each time the business service is run until the certificate is updated. This setting must be between 7 and 30.

  5. Set CallInterval to the frequency (in seconds) that the service should be called. For example, set it to 86400, so that the business service will run daily.

Configure a Production to Use Snowflake

Configuring a production to connect to a Snowflake data warehouse requires some special configuration, as described in this section. Before performing the steps below, make sure you have done the steps described in Create a Snowflake SQL Gateway Configuration.

Configure Credentials

In order to connect to Snowflake from a production, you need to add your Snowflake credentials to the production.

  1. In the Health Connect Cloud Management Portal, select Interoperability > Configure > Credentials.

  2. If necessary, change the namespace to that of your production.

  3. In the right panel of the Credentials Viewer page, enter an ID that will be used in your production configuration.

  4. Enter the Snowflake User Name and Password you specified when you created the SQL Gateway configuration.

  5. Click Save.

Create Business Service

Connecting to Snowflake from a production requires a business service..

  1. In the Management Portal, select Interoperability > Configure > Production.

  2. If necessary, change the namespace to that of your production.

  3. Next to Services, click the + to create a new business service.

  4. On the All Services tab:

    1. For Service Class, select EnsLib.JavaGateway.Service.

    2. Type an Service Name and select Enable Now.

    3. Click OK.

  5. Click the name of your new business service.

  6. Click the Settings tab.

  7. Under Additional Settings, in the Class Path box, type /iris/dev/java/lib/1.8/snowflake-jdbc.jar.

  8. Click Apply when you are done to save your settings.

Create Business Operation

Next, create a business operation and configure it to connect to your SQL Gateway and use your Snowflake credentials.

  1. In the Management Portal, select Interoperability > Configure > Production.

  2. If necessary, change the namespace to that of your production.

  3. Next to Operations, click the + to create a new business operation.

  4. On the All Operations tab:

    1. For Operation Class, select EnsLib.SQL.Operation.GenericOperation.

    2. Type an Operation Name and select Enable Now.

    3. Click OK.

  5. Click the name of your new business operation.

  6. Click the Settings tab.

  7. Under Basic Settings:

    1. In the DSN box, enter the data source name to use.

      This is the same as the Configuration Name of your Snowflake SQL Gateway Configuration.

    2. box, select the Snowflake credentials you configured earlier.

  8. Under Connection Settings:

    1. In the Java Gateway Service box, select the name of the Business Service you created earlier.

    2. In the JDBC Driver box, type net.snowflake.client.jdbc.SnowflakeDriver.

    3. In the JDBC Classpath box, type /iris/dev/java/lib/1.8/snowflake-jdbc.jar.

    4. In the Connection Attributes box, type the attribute string to use when connecting to Snowflake.

      This string takes the form warehouse=<warehouse_name>;database=<db_name>;schema=<schema_name>.

  9. Under Data, in the RequestClass box, select Ens.Request.

  10. Click Apply when you are done to save your settings.

Test Snowflake Connectivity

To check that you have configured your production correctly, you can use the Test tool in the business operation.

  1. In the Management Portal, select Interoperability > Configure > Production.

  2. If necessary, change the namespace to that of your production.

  3. Click the name of your new business operation.

  4. Click the Settings tab.

  5. Under Data, in the Query box, type a test query.

    For example: SELECT TOP 10 * FROM <db_name>.<schema_name>.<table_name>.

  6. Click Apply when you are done to save your settings.

  7. Click the Actions tab, and then click Test.

  8. In the popup window:

    1. In the Request Type box, select Ens.Request.

    2. Under Request Details, click Invoke Testing Service.

    3. Under Test Results, once the status bar completes, click Visual Trace to see the results.

      If the query or the communication fails, you will see an error message in this section.


Previous sectionHealthShare Health Connect Cloud Reference Information
FeedbackOpens in a new tab