Connect Stripe events to AWS EventBridge

stripe-eventbridge

Intro

A serverless Stripe to EventBridge pipe for webhook events.

Deploys a Lambda webhook endpoint that simply validates that the incoming webhook event is from Stripe, and if so, then the event is pushed onto AWS EventBridge for downstream applications to consume.

What gets deployed

Architecture overview

Setup

  1. Install the serverless framework: npm i -g serverless
  2. Deploy the stack containing the dependencies: cd stacks && sls deploy && cd ..
  3. This creates a Secret slot and an SNS queue for notifications about failed validations.
  4. Deploy the function: sls deploy
  5. Once deployed, note the URL of the deployed function in the output.
  6. Log in to the [Stripe Dashboard](https://dashboard.stripe.com/) and go to Developers > Webhooks and create a new endpoint.
  7. Paste in the URL of the deployed function and choose which events you want to send to it.
  8. Save it, then reopen it and Click to reveal the signing secret.
  9. Copy the value of the signing secret then open the AWS Secrets Manager console.
  10. Look for the Secret named dev/stripe/stripe-webhook-secret, click on Set Secret Value and paste the signing secret in as plaintext.

The function you deployed will use this secret to validate the signature on any incoming events, to prove that they were generated by Stripe, before accepting them onto the EventBridge.

That's it! Try sending a test webhook event from the Stripe Dashboard and it will be added to the AWS EventBridge.

EventBridge configuration

If you create rules in CloudWatch Events that match the pattern below, you can route these events based on the event type to endpoints of your choice (such as Lambdas) while being assured that the events have already had their signatures checked.

For example, to select all of the payment_intent.succeeded events, you would use this pattern:

{
  "detail-type": [
    "payment_intent.succeeded"
  ],
  "source": [
    "Stripe"
  ]
}

Note: If you're using the Serverless Framework to create Lambdas to handle the above events, then the YAML syntax to have EventBridge trigger on the above would be:

functions:
  myLambdaFunction:
    handler: handler.myLambdaFunction
    events:
      - eventBridge:
          pattern:
            source:
              - Stripe
            detail-type:
              - payment_intent.succeeded