func-api-registration-keys-post
Overview
Deploys the Lambda function that handles POST /registration-keys. Generates one-time 6-character device registration keys stored in DynamoDB with a 30-minute TTL. The route is authenticated via the Cognito JWT authorizer (any authenticated user).
CloudFormation Stack
firefly-func-api-registration-keys-post
CloudWatch Logs
| Setting | Value |
|---|---|
| Log group | /aws/lambda/firefly-func-api-registration-keys-post |
| Retention | 30 days |
Dependencies
Deploy Dependencies
| Workflow | Reason |
|---|---|
| api-gateway | ApiId and AuthorizerId resolved from stack outputs |
| dynamodb-registration-keys | Table must exist before the function is deployed and granted write access |
| shared-layer | Lambda layer must exist before function deployment |
Delete Dependencies
None — this workflow has no prerequisites.
Required By
Required By Deploy
| Workflow | Reason |
|---|---|
| run-integration-tests | Endpoint must be live before integration tests run |
Required By Delete
| Workflow | Reason |
|---|---|
| delete-api-gateway | Route registration must be removed before the API Gateway stack is deleted |
| delete-dynamodb-registration-keys | IAM permissions referencing the table must be removed first |
| delete-shared-layer | Layer reference must be removed before the layer stack is deleted |
IAM Permissions
The Lambda execution role (firefly-func-api-registration-keys-post-role) is granted:
dynamodb:PutItemonfirefly-registration-keysappconfig:StartConfigurationSession,appconfig:GetLatestConfigurationon*
Deploy Workflow
Description
Resolves the HTTP API Gateway ID, JWT Authorizer ID, shared layer ARN, and AppConfig extension layer ARN from CloudFormation stack outputs, then performs a SAM deploy.
Steps
- Configure AWS credentials.
- Look up
ApiIdfrom thefirefly-api-gatewaystack output. - Look up
AuthorizerIdfrom thefirefly-api-gatewaystack output. - Look up
SharedLayerArnfrom thefirefly-shared-layerstack output. - Look up
AppConfigExtensionLayerArnfrom thefirefly-shared-layerstack output. - SAM deploy
firefly-func-api-registration-keys-postwith parameters:ApiIdAuthorizerIdSharedLayerArnAppConfigExtensionLayerArn
Delete Workflow
Description
Calls sam delete to remove the Lambda function, its IAM role, and the API Gateway route integration. Also deletes the CloudWatch log group.
Steps
- Configure AWS credentials.
- SAM delete
firefly-func-api-registration-keys-post. - Delete CloudWatch log group
/aws/lambda/firefly-func-api-registration-keys-post.
Failure Scenarios
| Scenario | Behavior |
|---|---|
firefly-api-gateway stack not found | describe-stacks returns an error; workflow fails before SAM deploy. Deploy api-gateway first. |
firefly-dynamodb-registration-keys stack not deployed | Function deploys but returns errors at runtime. Deploy dynamodb-registration-keys first. |
firefly-shared-layer stack not found | Layer ARN lookup fails; SAM deploy is not attempted. Deploy shared-layer first. |