/aws-plaid-demo-app

Build a fintech app on AWS to link bank accounts using Plaid API

Primary LanguagePythonMIT No AttributionMIT-0

AWS Plaid Demo

Table of contents

  1. Introduction
  2. Architecture
  3. Prerequisites
  4. Tools and services
  5. Usage
  6. Clean up
  7. Reference
  8. Contributing
  9. License

Introduction

This repo demonstrates how to build a Fintech app on AWS that uses Plaid Link to connect a user to their bank account. The app allows users to sign up using Amazon Cognito, select their bank from a list, log in to the bank, and display the accounts. The app is built using AWS Amplify, Amazon API Gateway, Amazon Cognito, AWS Secrets Manager, Amazon Simple Queue Service and Amazon DynamoDB.

Architecture

architecture

The architecture consists of a React application hosted on Amplify Hosting. The API is an AWS Lambda function behind an Amazon API Gateway. The API stores and retrieves data from DynamoDB. When webhooks are received from Plaid, those are stored in a FIFO SQS queue for processing.

Prerequisites

Tools and services

  • AWS Lambda - AWS Lambda is a serverless compute service that lets you run code without provisioning or managing servers, creating workload-aware cluster scaling logic, maintaining event integrations, or managing runtimes.
  • Amazon Cognito - Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. Amazon Cognito scales to millions of users and supports sign-in with social identity providers, such as Apple, Facebook, Google, and Amazon, and enterprise identity providers via SAML 2.0 and OpenID Connect.
  • Amazon API Gateway - Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale.
  • AWS Amplify - AWS Amplify is a complete solution that lets frontend web and mobile developers easily build, ship, and host full-stack applications on AWS, with the flexibility to leverage the breadth of AWS services as use cases evolve.
  • Amazon Simple Queue Service - Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.
  • Amazon DynamoDB - Amazon DynamoDB is a fully managed, serverless, key-value NoSQL database designed to run high-performance applications at any scale.
  • AWS Secrets Manager - AWS Secrets Manager helps you manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles.
  • AWS CloudFormation - AWS CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code.

Usage

Parameters

Parameter Type Default Description
Environment String dev Environment tag
GitHubOrg String aws-samples Source code GitHub organization
GitHubRepo String aws-plaid-demo-app Source code GitHub repository
PlaidClientId String Plaid Client ID
PlaidSecretKey String Plaid Secret Key
PlaidEnvironment String sandbox Plaid Environment
GitHubAccessToken String GitHub Personal Access Token (PAT)

Installation

  1. GitHub: Create a personal access token with the repo scope selected. The access token will be used by AWS Amplify to securely connect to your GitHub account to access the source code. Amplify will then build, deploy and host the application using Amplify Hosting.
  2. GitHub: Fork the repository to your personal account. This is required so Amplify can access the repository and download the source code.
  3. Plaid: Ensure you have both a client_id and Sandbox Secret available on the Keys page
git clone https://github.com/<GitHubUserName>/aws-plaid-demo-app
cd aws-plaid-demo-app
sam build --use-container --parallel --cached
sam deploy \
  --guided \
  --tags "GITHUB_ORG=<GitHubUserName> GITHUB_REPO=aws-plaid-demo-app"

SAM will then prompt you to provide values for the missing parameters listed above:

Setting default arguments for 'sam deploy'
=========================================
Stack Name [sam-app]: aws-plaid-demo-app
AWS Region [us-east-1]:
Parameter Environment [dev]:
Parameter GitHubOrg: <GitHubUserName>
Parameter GitHubRepo [aws-plaid-demo-app]:
Parameter PlaidClientId: *************
Parameter PlaidSecretKey: *************
Parameter PlaidEnvironment [sandbox]:
Parameter GitHubAccessToken: *************
#Shows you resources changes to be deployed and require a 'Y' to initiate deploy
Confirm changes before deploy [y/N]:
#SAM needs permission to be able to create roles to connect to the resources in your template
Allow SAM CLI IAM role creation [Y/n]:
Capabilities [['CAPABILITY_IAM']]: CAPABILITY_IAM CAPABILITY_AUTO_EXPAND
#Preserves the state of previously provisioned resources when an operation fails
Disable rollback [y/N]:
Save arguments to configuration file [Y/n]:
SAM configuration file [samconfig.toml]:
SAM configuration environment [default]:

SAM will then monitor the CloudFormation stack as its being deployed. Once CloudFormation completes, you can access the application within the Amplify Console to monitor the deployment progress.

Testing the Application

Click the FrontendUrl listed CloudFormation Outputs (or the Domain URL from the Amplify Console) to access the application. You should see a screen like this:

login_screen

Go through the process to create a new account providing your email address for the username. Cognito will send you a verification code to verify your email. Then click on the "Connect with Plaid" button to begin the linking process.

connect_with_plaid

Select "Bank of America" and use these demo credentials:

  • Username: user_good
  • Password: pass_good
  • Code: 1111

Continue through the Plaid Link process to have "Bank of America" and its accounts linked to the application.

Clean up

Deleting the CloudFormation Stack will remove the Lambda functions, Amplify application, API Gateway and DynamoDB table.

sam delete

Reference

Contributing

See CONTRIBUTING for more information.

License

This library is licensed under the MIT-0 License. See the LICENSE file.