Merge branch 'main' into PRMP-1476

NogaNHS · web-flow · commit bf69c69b9920 · 2026-03-18T16:42:53.000Z
diff --git a/infrastructure/lambda-create-user-restriction.tf b/infrastructure/lambda-create-user-restriction.tf
@@ -5,19 +5,21 @@ module "create_user_restriction_lambda" {
   iam_role_policy_documents = [
     module.ndr-app-config.app_config_policy,
     aws_iam_policy.ssm_access_policy.policy,
-    module.user_restriction_table.dynamodb_write_policy_document
+    module.user_restriction_table.dynamodb_write_policy_document,
+    module.user_restriction_table.dynamodb_read_policy_document
   ]
   kms_deletion_window = var.kms_deletion_window
   rest_api_id         = aws_api_gateway_rest_api.ndr_doc_store_api.id
   resource_id         = module.user_restrictions_gateway.gateway_resource_id
   http_methods        = ["POST"]
   api_execution_arn   = aws_api_gateway_rest_api.ndr_doc_store_api.execution_arn
   lambda_environment_variables = {
-    APPCONFIG_APPLICATION   = module.ndr-app-config.app_config_application_id
-    APPCONFIG_ENVIRONMENT   = module.ndr-app-config.app_config_environment_id
-    APPCONFIG_CONFIGURATION = module.ndr-app-config.app_config_configuration_profile_id
-    WORKSPACE               = terraform.workspace
-    RESTRICTIONS_TABLE_NAME = module.user_restriction_table.table_name
+    APPCONFIG_APPLICATION     = module.ndr-app-config.app_config_application_id
+    APPCONFIG_ENVIRONMENT     = module.ndr-app-config.app_config_environment_id
+    APPCONFIG_CONFIGURATION   = module.ndr-app-config.app_config_configuration_profile_id
+    WORKSPACE                 = terraform.workspace
+    RESTRICTIONS_TABLE_NAME   = module.user_restriction_table.table_name
+    HEALTHCARE_WORKER_API_URL = local.is_sandbox ? "" : data.aws_ssm_parameter.healthcare_worker_api_base_url.value
   }
 
   depends_on = [
@@ -63,4 +65,4 @@ module "create_user_restriction_lambda_alarm_topic" {
       }
     ]
   })
-}
+}
diff --git a/infrastructure/lambda-search-patient.tf b/infrastructure/lambda-search-patient.tf
@@ -60,6 +60,7 @@ module "search-patient-details-lambda" {
     module.ndr-app-config.app_config_policy,
     module.auth_session_dynamodb_table.dynamodb_write_policy_document,
     module.auth_session_dynamodb_table.dynamodb_read_policy_document,
+    module.user_restriction_table.dynamodb_read_policy_document,
   ]
   kms_deletion_window = var.kms_deletion_window
   rest_api_id         = aws_api_gateway_rest_api.ndr_doc_store_api.id
@@ -73,6 +74,7 @@ module "search-patient-details-lambda" {
     PDS_FHIR_IS_STUBBED            = local.is_sandbox,
     WORKSPACE                      = terraform.workspace
     AUTH_SESSION_TABLE_NAME        = "${terraform.workspace}_${var.auth_session_dynamodb_table_name}"
+    RESTRICTIONS_TABLE_NAME        = module.user_restriction_table.table_name
   }
   api_execution_arn = aws_api_gateway_rest_api.ndr_doc_store_api.execution_arn
   depends_on = [
