func-api-users-patch

Overview

Deploys the Lambda function that handles PATCH /users/{email}. Updates a user's super user status (Cognito group membership) and/or environment access (DynamoDB record). The route is authenticated via the Cognito JWT authorizer.

CloudFormation Stack

firefly-func-api-users-patch

CloudWatch Logs

Setting	Value
Log group	`/aws/lambda/firefly-func-api-users-patch`
Retention	30 days

Dependencies

Deploy Dependencies

Workflow	Reason
api-gateway	`ApiId` and `AuthorizerId` resolved from stack outputs
cognito	Authorizer is created as part of the api-gateway stack, which depends on Cognito; function requires Cognito User Pool access
dynamodb-users	`DynamoDbUsersTableName` resolved from stack outputs; function reads and updates the users table

Delete Dependencies

None — this workflow has no prerequisites.

Required By

Required By Deploy

Workflow	Reason
run-integration-tests	Endpoint must be live before integration tests run

Required By Delete

Workflow	Reason
delete-api-gateway	Route registration must be removed before the API Gateway stack is deleted

Deploy Workflow

Description

Resolves the HTTP API Gateway ID, JWT Authorizer ID, Cognito User Pool ID, and DynamoDB Users table name from their respective stack outputs, then performs a SAM build and deploy. The function is granted Cognito group management permissions and DynamoDB GetItem/UpdateItem on the users table.

Steps

Configure AWS credentials.
Look up ApiId from the firefly-api-gateway stack output.
Look up AuthorizerId from the firefly-api-gateway stack output.
Look up UserPoolId from the firefly-cognito stack output.
Look up UsersTableName from the firefly-dynamodb-users stack output.
SAM build.
SAM deploy firefly-func-api-users-patch with parameters:
- ApiId
- AuthorizerId
- CognitoUserPoolId
- DynamoDbUsersTableName
- EnvironmentName

Sequence Diagram

Delete Workflow

Description

Calls sam delete to remove the Lambda function and its associated IAM role and API Gateway route integration.

Steps

Configure AWS credentials.
SAM delete firefly-func-api-users-patch.

Sequence Diagram

Failure Scenarios

Scenario	Behavior
`firefly-api-gateway` stack not found	`describe-stacks` returns an error; workflow fails before SAM deploy is attempted. Deploy `api-gateway` first.
Authorizer ID lookup fails	Deploy fails; the JWT authorizer is created by the `api-gateway` stack — redeploy `api-gateway` to restore it.
`firefly-dynamodb-users` stack not found	`describe-stacks` returns an error; workflow fails before SAM deploy is attempted. Deploy `dynamodb-users` first.
Cognito User Pool not deployed	Function deploys successfully but cannot manage group membership at runtime. Deploy `cognito` first.

Hardware

Versions

Controller Application

Configuration

Hardware Registration and Configuration Application

Home Assistant Auto Discovery and MQTT

FireFly Management Console

Lambda Functions

Deployment and Deletion

func-api-users-patch

Overview

CloudFormation Stack

CloudWatch Logs

Dependencies

Deploy Dependencies

Delete Dependencies

Required By

Required By Deploy

Required By Delete

Deploy Workflow

Description

Steps

Sequence Diagram

Delete Workflow

Description

Steps

Sequence Diagram

Failure Scenarios

Controller Application

Configuration

Hardware Registration and Configuration Application

func-api-users-patch ​

Overview ​

CloudFormation Stack ​

CloudWatch Logs ​

Dependencies ​

Deploy Dependencies ​

Delete Dependencies ​

Required By ​

Required By Deploy ​

Required By Delete ​

Deploy Workflow ​

Description ​

Steps ​

Sequence Diagram ​

Delete Workflow ​

Description ​

Steps ​

Sequence Diagram ​

Failure Scenarios ​

func-api-users-patch

Overview

CloudFormation Stack

CloudWatch Logs

Dependencies

Deploy Dependencies

Delete Dependencies

Required By

Required By Deploy

Required By Delete

Deploy Workflow

Description

Steps

Sequence Diagram

Delete Workflow

Description

Steps

Sequence Diagram

Failure Scenarios