NHSDigital
diff --git a/‎.pre-commit-config.yaml‎
Lines changed: 11 additions & 1 deletion b/‎.pre-commit-config.yaml‎
Lines changed: 11 additions & 1 deletion
diff --git a/‎.vscode/eps-prescription-status-update-api.code-workspace‎
Lines changed: 4 additions & 0 deletions b/‎.vscode/eps-prescription-status-update-api.code-workspace‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎Makefile‎
Lines changed: 5 additions & 1 deletion b/‎Makefile‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎README.md‎
Lines changed: 9 additions & 8 deletions b/‎README.md‎
Lines changed: 9 additions & 8 deletions
diff --git a/‎SAMtemplates/functions/main.yaml‎
Lines changed: 107 additions & 0 deletions b/‎SAMtemplates/functions/main.yaml‎
Lines changed: 107 additions & 0 deletions
diff --git a/‎SAMtemplates/messaging/main.yaml‎
Lines changed: 91 additions & 0 deletions b/‎SAMtemplates/messaging/main.yaml‎
Lines changed: 91 additions & 0 deletions
@@ -86,7 +86,7 @@ repos:
         files: ^packages\/checkPrescriptionStatusUpdates
         types_or: [ts, tsx, javascript, jsx, json]
         pass_filenames: false
-        
+
       - id: lint-nhsNotifyLambda
         name: Lint nhsNotifyLambda
         entry: npm
@@ -97,6 +97,16 @@ repos:
         types_or: [ts, tsx, javascript, jsx, json]
         pass_filenames: false
 
+      - id: lint-postDatedLambda
+        name: List Post-dated handling lambda
+        entry: npm
+        args:
+          ["run", "--prefix=packages/postDatedLambda", "lint"]
+        language: system
+        files: ^packages\/postDatedLambda
+        types_or: [ts, tsx, javascript, jsx, json]
+        pass_filenames: false
+
       - id: lint-commonTesting
         name: Lint common/testing
         entry: npm
 
@@ -32,6 +32,10 @@
       "name": "packages/nhsNotifyLambda",
       "path": "../packages/nhsNotifyLambda"
     },
+    {
+      "name": "packages/postDatedLambda",
+      "path": "../packages/postDatedLambda"
+    },
     {
       "name": "packages/nhsNotifyUpdateCallback",
       "path": "../packages/nhsNotifyUpdateCallback"
 
@@ -56,7 +56,7 @@ sam-list-resources: guard-AWS_DEFAULT_PROFILE guard-stack_name
 sam-list-outputs: guard-AWS_DEFAULT_PROFILE guard-stack_name
 	sam list stack-outputs --stack-name $$stack_name
 
-sam-validate: 
+sam-validate:
 	sam validate --template-file SAMtemplates/main_template.yaml --region eu-west-2
 	sam validate --template-file SAMtemplates/apis/main.yaml --region eu-west-2
 	sam validate --template-file SAMtemplates/apis/api_resources.yaml --region eu-west-2
@@ -120,6 +120,7 @@ lint-node: compile-node
 	npm run lint --workspace packages/cpsuLambda
 	npm run lint --workspace packages/checkPrescriptionStatusUpdates
 	npm run lint --workspace packages/nhsNotifyLambda
+	npm run lint --workspace packages/postDatedLambda
 	npm run lint --workspace packages/nhsNotifyUpdateCallback
 	npm run lint --workspace packages/common/testing
 	npm run lint --workspace packages/common/middyErrorHandler
@@ -152,6 +153,7 @@ test: compile
 	npm run test --workspace packages/cpsuLambda
 	npm run test --workspace packages/checkPrescriptionStatusUpdates
 	npm run test --workspace packages/nhsNotifyLambda
+	npm run test --workspace packages/postDatedLambda
 	npm run test --workspace packages/nhsNotifyUpdateCallback
 	npm run test --workspace packages/common/middyErrorHandler
 	npm run test --workspace packages/psuRestoreValidationLambda
@@ -172,6 +174,8 @@ clean:
 	rm -rf packages/cpsuLambda/lib
 	rm -rf packages/nhsNotifyLambda/coverage
 	rm -rf packages/nhsNotifyLambda/lib
+	rm -rf packages/postDatedLambda/coverage
+	rm -rf packages/postDatedLambda/lib
 	rm -rf packages/nhsNotifyUpdateCallback/coverage
 	rm -rf packages/nhsNotifyUpdateCallback/lib
 	rm -rf packages/checkPrescriptionStatusUpdates/lib
 
@@ -1,12 +1,12 @@
 # EPS Prescription Status Update API
 
-![Build](https://github.com/NHSDigital/eps-prescription-status-update-api/actions/workflows/ci.yml/badge.svg?branch=main)  
+![Build](https://github.com/NHSDigital/eps-prescription-status-update-api/actions/workflows/ci.yml/badge.svg?branch=main)
 ![Release](https://github.com/NHSDigital/eps-prescription-status-update-api/actions/workflows/release.yml/badge.svg?branch=main)
 
 ## Versions and deployments
 
-Version release history can be found ot https://github.com/NHSDigital/eps-prescription-status-update-api/releases.  
-We use eslint convention for commit messages for commits to main branch. Descriptions for the types of changes in a release can be found in the [contributing guidelines](./CONTRIBUTING.md)  
+Version release history can be found ot https://github.com/NHSDigital/eps-prescription-status-update-api/releases.
+We use eslint convention for commit messages for commits to main branch. Descriptions for the types of changes in a release can be found in the [contributing guidelines](./CONTRIBUTING.md)
 Deployment history can be found at https://nhsdigital.github.io/eps-prescription-status-update-api/
 
 ## Introduction
@@ -20,6 +20,7 @@ This is the AWS layer that provides an API for EPS Prescription Status Update.
 - `packages/capabilityStatement` Returns a static capability statement.
 - `packages/cpsuLambda` Handles updating prescription status using a custom format.
 - `packages/nhsNotifyLambda` Handles sending prescription notifications to the NHS Notify service.
+- `packages/postDatedLambda` Handles business logic for post-dated prescriptions getting notifications \[deprecated\].
 - `packages/nhsNotifyUpdateCallback` Handles receiving notification updates from the NHS Notify service.
 - `packages/checkPrescriptionStatusUpdates` Validates and retrieves prescription status update data.
 - `packages/gsul` Expose data owned by PSU but needed by [PfP](https://github.com/NHSDigital/prescriptionsforpatients)
@@ -56,9 +57,9 @@ The contents of this repository are protected by Crown Copyright (C).
 
 ## Development
 
-It is recommended that you use visual studio code and a devcontainer as this will install all necessary components and correct versions of tools and languages.  
-See https://code.visualstudio.com/docs/devcontainers/containers for details on how to set this up on your host machine.  
-There is also a workspace file in .vscode that should be opened once you have started the devcontainer. The workspace file can also be opened outside of a devcontainer if you wish.  
+It is recommended that you use visual studio code and a devcontainer as this will install all necessary components and correct versions of tools and languages.
+See https://code.visualstudio.com/docs/devcontainers/containers for details on how to set this up on your host machine.
+There is also a workspace file in .vscode that should be opened once you have started the devcontainer. The workspace file can also be opened outside of a devcontainer if you wish.
 The project uses [SAM](https://aws.amazon.com/serverless/sam/) to develop and deploy the APIs and associated resources.
 
 All commits must be made using [signed commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits).
@@ -239,8 +240,8 @@ Workflows are in the `.github/workflows` folder:
 
 ### Github pages
 
-Github pages is used to display deployment information. The source for github pages is in the gh-pages branch.  
-As part of the ci and release workflows, the release tag (either the short commit SHA or release tag) is appended to \_data/{environment}\_deployments.csv so we have a history of releases and replaced in \_data/{environment}\_latest.csv so we now what the latest released version is.  
+Github pages is used to display deployment information. The source for github pages is in the gh-pages branch.
+As part of the ci and release workflows, the release tag (either the short commit SHA or release tag) is appended to \_data/{environment}\_deployments.csv so we have a history of releases and replaced in \_data/{environment}\_latest.csv so we now what the latest released version is.
 There are different makefile targets in this branch. These are
 
 - `run-jekyll` - runs the site locally so changes can be previewed during development
 
@@ -33,6 +33,10 @@ Parameters:
     Type: String
     Default: none
 
+  PostDatedNotificationsSQSQueueUrl:
+    Type: String
+    Default: none
+
   SQSSaltSecret:
     Type: AWS::SecretsManager::Secret::Name<String>
 
@@ -121,6 +125,7 @@ Resources:
         Variables:
           TABLE_NAME: !Ref PrescriptionStatusUpdatesTableName
           NHS_NOTIFY_PRESCRIPTIONS_SQS_QUEUE_URL: !Ref NHSNotifyPrescriptionsSQSQueueUrl
+          POST_DATED_PRESCRIPTIONS_SQS_QUEUE_URL: !Ref PostDatedNotificationsSQSQueueUrl
           SQS_SALT: !Ref SQSSaltSecret
           ENABLED_SITE_ODS_CODES_PARAM: !Ref EnabledSiteODSCodesParam
           ENABLED_SYSTEMS_PARAM: !Ref EnabledSystemsParam
@@ -165,6 +170,7 @@ Resources:
             - Fn::ImportValue: !Sub ${StackName}:tables:UsePrescriptionStatusUpdatesKMSKeyPolicyArn
             - Fn::ImportValue: !Sub ${StackName}-UseNotificationSQSQueueKMSKeyPolicyArn
             - Fn::ImportValue: !Sub ${StackName}-WriteNHSNotifyPrescriptionsSQSQueuePolicyArn
+            - Fn::ImportValue: !Sub ${StackName}-WritePostDatedNotificationsSQSQueuePolicyArn
             - Fn::ImportValue: !Sub ${StackName}-GetSQSSaltSecretPolicy
             - Fn::ImportValue: !Sub ${StackName}-GetNotificationsParameterPolicy
         LogRetentionInDays: !Ref LogRetentionInDays
@@ -489,6 +495,98 @@ Resources:
             - Fn::ImportValue: !Sub ${StackName}-GetPSUSecretPolicy
             - Fn::ImportValue: !Sub ${StackName}-UsePSUSecretsKMSKeyPolicyArn
 
+  ## Post-dated lambda definitions
+  PostDatedNotifyLambdaScheduleEventRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Version: 2012-10-17
+        Statement:
+          - Effect: Allow
+            Principal:
+              Service:
+                - scheduler.amazonaws.com
+            Action:
+              - sts:AssumeRole
+      ManagedPolicyArns:
+        - !Ref PostDatedNotifyLambdaScheduleEventRolePolicy
+
+  PostDatedNotifyLambdaScheduleEventRolePolicy:
+    Type: AWS::IAM::ManagedPolicy
+    Properties:
+      PolicyDocument:
+        Version: 2012-10-17
+        Statement:
+          - Effect: Allow
+            Action:
+              - lambda:InvokeFunction
+            Resource:
+              - !GetAtt PostDatedNotifyLambda.Arn
+
+  PostDatedNotifyLambda:
+    Type: AWS::Serverless::Function
+    Properties:
+      FunctionName: !Sub ${StackName}-postDatedNotifyLambda
+      Timeout: 900
+      CodeUri: ../../packages/
+      Handler: main.handler
+      Role: !GetAtt PostDatedNotifyLambdaResources.Outputs.LambdaRoleArn
+      Environment:
+        Variables:
+          LOG_LEVEL: !Ref LogLevel
+          NHS_NOTIFY_PRESCRIPTIONS_SQS_QUEUE_URL: !Ref NHSNotifyPrescriptionsSQSQueueUrl
+          POST_DATED_PRESCRIPTIONS_SQS_QUEUE_URL: !Ref PostDatedNotificationsSQSQueueUrl
+          TABLE_NAME: !Ref PrescriptionNotificationStatesTableName
+      Events:
+        ScheduleEvent:
+          Type: ScheduleV2
+          Properties:
+            Name: !Sub ${StackName}-PostDatedNotifySchedule
+            ScheduleExpression: "rate(3 minutes)"
+            RoleArn: !GetAtt PostDatedNotifyLambdaScheduleEventRole.Arn
+    Metadata:
+      BuildMethod: esbuild
+      guard:
+        SuppressedRules:
+          - LAMBDA_DLQ_CHECK
+          - LAMBDA_INSIDE_VPC
+          - LAMBDA_CONCURRENCY_CHECK
+      BuildProperties:
+        Minify: true
+        Target: es2020
+        Sourcemap: true
+        packages: bundle
+        # set tsconfig path to whatever you actually have for this lambda package
+        tsconfig: postDatedLambda/tsconfig.json
+        EntryPoints:
+          - postDatedLambda/src/main.ts
+
+  PostDatedNotifyLambdaResources:
+    Type: AWS::Serverless::Application
+    Properties:
+      Location: lambda_resources.yaml
+      Parameters:
+        StackName: !Ref StackName
+        LambdaName: !Sub ${StackName}-postDatedNotifyLambda
+        LambdaArn: !Sub arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:${StackName}-postDatedNotifyLambda
+        LogRetentionInDays: !Ref LogRetentionInDays
+        CloudWatchKMSKeyId: !ImportValue account-resources:CloudwatchLogsKmsKeyArn
+        EnableSplunk: !Ref EnableSplunk
+        SplunkSubscriptionFilterRole: !ImportValue lambda-resources:SplunkSubscriptionFilterRole
+        SplunkDeliveryStreamArn: !ImportValue lambda-resources:SplunkDeliveryStream
+        IncludeAdditionalPolicies: true
+        AdditionalPolicies: !Join
+          - ","
+          - - Fn::ImportValue: !Sub ${StackName}-WriteNHSNotifyPrescriptionsSQSQueuePolicyArn
+            - Fn::ImportValue: !Sub ${StackName}-ReadNHSNotifyPrescriptionsSQSQueuePolicyArn
+            - Fn::ImportValue: !Sub ${StackName}-UseNotificationSQSQueueKMSKeyPolicyArn
+            - Fn::ImportValue: !Sub ${StackName}-WritePostDatedNotificationsSQSQueuePolicyArn
+            - Fn::ImportValue: !Sub ${StackName}-ReadPostDatedNotificationsSQSQueuePolicyArn
+            - Fn::ImportValue: !Sub ${StackName}:tables:${PrescriptionNotificationStatesTableName}:TableReadPolicyArn
+            - Fn::ImportValue: !Sub ${StackName}:tables:${PrescriptionNotificationStatesTableName}:TableWritePolicyArn
+            - Fn::ImportValue: !Sub ${StackName}:tables:UsePrescriptionNotificationStatesKMSKeyPolicyArn
+  ## End of post-dated lambda bits
+
   NHSNotifyUpdateCallback:
     Type: AWS::Serverless::Function
     Properties:
@@ -719,3 +817,12 @@ Outputs:
   NHSNotifyUpdateCallbackFunctionArn:
     Description: The function ARN of the NHSNotifyUpdateCallback lambda
     Value: !GetAtt NHSNotifyUpdateCallback.Arn
+
+  # Post-dated lambda outputs
+  PostDatedNotifyLambdaFunctionName:
+    Description: The function name of the postDatedNotifyLambda
+    Value: !Ref PostDatedNotifyLambda
+
+  PostDatedNotifyLambdaFunctionArn:
+    Description: The function ARN of the postDatedNotifyLambda
+    Value: !GetAtt PostDatedNotifyLambda.Arn
@@ -102,6 +102,65 @@ Resources:
               - kms:Decrypt
             Resource: !GetAtt NHSNotifyPrescriptionsSQSQueue.Arn
 
+  ## Post-dated SQS queue starts here
+  PostDatedNotificationsSQSQueue:
+    Type: AWS::SQS::Queue
+    Properties:
+      QueueName: !Sub ${StackName}-PostDatedNotifications.fifo
+      FifoQueue: true
+      ContentBasedDeduplication: false
+      KmsMasterKeyId: !Ref NotificationSQSQueueKMSKeyAlias
+      MessageRetentionPeriod: 86400    # 1 day in seconds
+      RedrivePolicy:
+        deadLetterTargetArn: !GetAtt PostDatedNotificationsDeadLetterQueue.Arn
+        maxReceiveCount: 13 # processed every 6 hours for 3 days, plus one for the first time it's placed on queue.
+      VisibilityTimeout: 300
+
+  PostDatedNotificationsDeadLetterQueue:
+    Type: AWS::SQS::Queue
+    Properties:
+      QueueName: !Sub ${StackName}-PostDatedNotificationsDeadLetter.fifo
+      FifoQueue: true
+      ContentBasedDeduplication: false
+      KmsMasterKeyId: !Ref NotificationSQSQueueKMSKeyAlias
+      MessageRetentionPeriod: 604800   # 1 week in seconds
+      VisibilityTimeout: 300
+
+  ReadPostDatedNotificationsSQSQueuePolicy:
+    Type: AWS::IAM::ManagedPolicy
+    Properties:
+      PolicyDocument:
+        Version: 2012-10-17
+        Statement:
+          - Effect: Allow
+            Action:
+              - sqs:ReceiveMessage
+              - sqs:DeleteMessage
+              - sqs:ChangeMessageVisibility
+              - sqs:GetQueueAttributes
+              - sqs:GetQueueUrl
+              - kms:GenerateDataKey
+              - kms:Decrypt
+            Resource: !GetAtt PostDatedNotificationsSQSQueue.Arn
+
+  WritePostDatedNotificationsSQSQueuePolicy:
+    Type: AWS::IAM::ManagedPolicy
+    Properties:
+      ManagedPolicyName: !Sub ${StackName}-PostDatedNotificationsSendMessagePolicy
+      PolicyDocument:
+        Version: "2012-10-17"
+        Statement:
+          - Effect: Allow
+            Action:
+              - sqs:SendMessage
+              - sqs:SendMessageBatch
+              - sqs:DeleteMessage
+              - sqs:GetQueueUrl
+              - kms:GenerateDataKey
+              - kms:Decrypt
+            Resource: !GetAtt PostDatedNotificationsSQSQueue.Arn
+  # End of post-dated stuff
+
 Outputs:
   NHSNotifyPrescriptionsSQSQueueUrl:
     Description: The URL of the NHS Notify Prescriptions SQS Queue
@@ -138,3 +197,35 @@ Outputs:
     Value: !Ref UseNotificationSQSQueueKMSKeyPolicy
     Export:
       Name: !Sub ${StackName}-UseNotificationSQSQueueKMSKeyPolicyArn
+
+  # Post dated SQS outputs start here
+  PostDatedNotificationsSQSQueueUrl:
+    Description: The URL of the Post Dated Notifications SQS Queue
+    Value: !Ref PostDatedNotificationsSQSQueue
+    Export:
+      Name: !Sub ${StackName}-PostDatedNotificationsSQSQueueUrl
+
+  PostDatedNotificationsSQSQueueArn:
+    Description: The ARN of the Post Dated Notifications SQS Queue
+    Value: !GetAtt PostDatedNotificationsSQSQueue.Arn
+    Export:
+      Name: !Sub ${StackName}-PostDatedNotificationsSQSQueueArn
+
+  PostDatedNotificationsDeadLetterQueueArn:
+    Description: The ARN of the Post Dated Notifications Dead Letter Queue
+    Value: !GetAtt PostDatedNotificationsDeadLetterQueue.Arn
+    Export:
+      Name: !Sub ${StackName}-PostDatedNotificationsDeadLetterQueueArn
+
+  ReadPostDatedNotificationsSQSQueuePolicyArn:
+    Description: ARN of policy granting permission to read the post dated notifications queue
+    Value: !Ref ReadPostDatedNotificationsSQSQueuePolicy
+    Export:
+      Name: !Sub ${StackName}-ReadPostDatedNotificationsSQSQueuePolicyArn
+
+  WritePostDatedNotificationsSQSQueuePolicyArn:
+    Description: ARN of policy granting permission to write to the post dated notifications queue
+    Value: !Ref WritePostDatedNotificationsSQSQueuePolicy
+    Export:
+      Name: !Sub ${StackName}-WritePostDatedNotificationsSQSQueuePolicyArn
+  # End