constructor()

in cdk/lib/super-mode-calculator.ts [17:116]

• 91 lines of code
• 2 McCabe index (conditional complexity)

	constructor(scope: App, id: string, props: GuStackProps) {
		super(scope, id, props);

		const scheduleRules = [
			{
				schedule: Schedule.rate(Duration.minutes(60)),
			},
		];

		const superModeCalculatorTable = new Table(
			this,
			'super-mode-calculator-table',
			{
				tableName: `super-mode-calculator-${this.stage}`,
				removalPolicy: RemovalPolicy.RETAIN,
				billingMode: BillingMode.PROVISIONED,
				partitionKey: {
					name: 'id',
					type: AttributeType.STRING,
				},
				sortKey: {
					name: 'startTimestamp',
					type: AttributeType.STRING,
				},
				readCapacity: 5,
				writeCapacity: 5,
				pointInTimeRecovery: this.stage === 'PROD',
			},
		);

		superModeCalculatorTable.addGlobalSecondaryIndex({
			indexName: 'end',
			partitionKey: { name: 'endDate', type: AttributeType.STRING },
			sortKey: { name: 'endTimestamp', type: AttributeType.STRING },
			projectionType: ProjectionType.ALL,
			readCapacity: 5,
			writeCapacity: 5,
		});

		const role = new Role(this, 'query-lambda-role', {
			// Set the name of the role rather than using an autogenerated name.
			// This is because if the ARN is too long then it breaks the authentication request to GCP
			roleName: `${appName}-${this.stage}`,
			assumedBy: new ServicePrincipal('lambda.amazonaws.com'),
		});
		role.addToPolicy(
			// Logging permissions
			new PolicyStatement({
				actions: [
					'logs:CreateLogGroup',
					'logs:CreateLogStream',
					'logs:PutLogEvents',
				],
				resources: ['*'],
			}),
		);
		role.addToPolicy(
			// Permission to read config from Parameter Store
			new PolicyStatement({
				actions: ['ssm:GetParameter'],
				resources: [
					`arn:aws:ssm:${this.region}:${this.account}:parameter/super-mode/${this.stage}/gcp-wif-credentials-config`,
				],
			}),
		);
		role.addToPolicy(
			new PolicyStatement({
				actions: ['dynamodb:Query'],
				resources: [
					`arn:aws:dynamodb:eu-west-1:${this.account}:table/super-mode-calculator-${this.stage}`,
					`arn:aws:dynamodb:eu-west-1:${this.account}:table/super-mode-calculator-${this.stage}/index/*`,
				],
			}),
		);
		role.addToPolicy(
			new PolicyStatement({
				actions: ['dynamodb:BatchWriteItem'],
				resources: [superModeCalculatorTable.tableArn],
			}),
		);

		new GuScheduledLambda(this, 'SuperModeCalculator', {
			app: appName,
			functionName: `${appName}-${this.stage}`,
			runtime: Runtime.NODEJS_20_X,
			handler: 'lambdas/lambda.handler',
			fileName: `${appName}.zip`,
			rules: scheduleRules,
			role,
			timeout: Duration.minutes(2),
			loggingFormat: LoggingFormat.TEXT,
			monitoringConfiguration:
				this.stage === 'PROD'
					? {
							toleratedErrorPercentage: 0,
							snsTopicName: 'alarms-handler-topic-PROD',
						}
					: { noMonitoring: true },
		});
	}