private getDeallocateGamerFunction()

in infrastructure/cdk/lib/layer/processingLayer.ts [133:204]


    private getDeallocateGamerFunction() {
        /**
         * This function requires access to 
         * SystemsManager
         *      process.env.SESSION_PARAMETER = /<getAppRefName>/session
         * DynamoDB Tables
         *      process.env.SESSION_CONTROL_TABLENAME = getAppRefName+'SessionControl'
         */

        let sessionParameter : any;
        let parameterName : string;
        if (SESSION_PARAMETER) {
            sessionParameter =  this.properties.getParameter('parameter.session');
            parameterName =  sessionParameter.ref;
        }
        else  {
            sessionParameter = { parameterName : '/'+this.properties.getApplicationName().toLocaleLowerCase()+'/session'};
            parameterName = sessionParameter.parameterName;
        }
        let sessionControlTable: Table | undefined = <Table> this.properties.getParameter('table.sessionControl');
        if (sessionParameter && sessionControlTable) {
            let createdFunction: Lambda.Function =
                new Lambda.Function(this, this.properties.getApplicationName() + 'DeallocateGamerFn', {
                    runtime:Lambda.Runtime.NODEJS_14_X,
                    handler: 'index.handler',
                    code: Lambda.Code.fromAsset(path.join(lambdasLocation,'deallocateGamer')),
                    environment: {
                        'SESSION_CONTROL_TABLENAME': sessionControlTable.tableName,
                        'SESSION_PARAMETER': parameterName
                    }
                    , functionName: this.properties.getApplicationName() + 'DeallocateGamerFn'
                    , description: 'This function deallocates the gamer when a relevant event is identified (sign out, close window etc)'
                    , memorySize: 128
                    , timeout: Duration.seconds(60)
                    , role: new IAM.Role(this, this.properties.getApplicationName() + 'DeallocateGamerFn_Role', {
                        roleName: this.properties.getApplicationName() + 'DeallocateGamerFn_Role'
                        , assumedBy: new IAM.ServicePrincipal('lambda.amazonaws.com')
                        , managedPolicies : [ ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSLambdaBasicExecutionRole') ]
                        , inlinePolicies: {
                            'DynamoDBPermissions':
                                new IAM.PolicyDocument({
                                    statements : [
                                        new IAM.PolicyStatement( {
                                            resources : [ sessionControlTable.tableArn ],
                                            actions : [ 
                                                'dynamodb:GetItem',
                                                'dynamodb:UpdateItem',
                                                'dynamodb:Scan',
                                                'dynamodb:Query'
                                            ]
                                        })
                                    ]
                                }),
                            'SystemsManagerPermissions':
                                new IAM.PolicyDocument({
                                    statements : [
                                        new IAM.PolicyStatement({
                                            resources : [ 'arn:aws:ssm:'+this.properties.region+':'+this.properties.accountId+':parameter'+sessionParameter.parameterName ]
                                           ,actions: [
                                               'ssm:GetParameter',
                                               'ssm:GetParameters'
                                            ]
                                        })
                                    ]
                                })
                        }
                    })
                });
            return createdFunction;
        }
        else return undefined;
    }