AWS healthlake documentation change
Summary
Added documentation for _security and _tag filtering parameters to the $export operation
Security assessment
The change documents security filtering parameters that provide access control mechanisms for data exports. This is a security feature enhancement rather than a response to a specific security vulnerability.
Diff
diff --git a/healthlake/latest/devguide/reference-fhir-operations-export.md b/healthlake/latest/devguide/reference-fhir-operations-export.md index d1f00da54..a08ac468d 100644 --- a//healthlake/latest/devguide/reference-fhir-operations-export.md +++ b//healthlake/latest/devguide/reference-fhir-operations-export.md @@ -97,0 +98,2 @@ Name | Required? | Description | Example +`_security` | No | Filter exported resources by `meta.security` Coding values. Use the `system|code` format. When multiple values are provided, resources must match all of them (AND semantics). Use `system|` (trailing pipe, no code) to match any code from a given system. | `&_security=https://myorg.com/tenant%7Cclinic-A` +`_tag` | No | Filter exported resources by `meta.tag` Coding values. Uses the same `system|code` format and AND semantics as `_security`. When both `_security` and `_tag` are specified, resources must match both filters. | `&_tag=https://myorg.com/dept%7Ccardiology`