stripe-eventbridge
Intro
A serverless Stripe to Eventbridge pipe for webhook events
Deploys a Lambda webhook endpoint that simply validates that the incoming webhook event is from Stripe, and if so, then the event is pushed onto AWS EventBridge for downstream applications to consume.
What gets deployed
Setup
- Install the serverless framework:
npm i -g serverless
- Deploy the stack containing the dependencies:
cd stacks && sls deploy && cd ..
. - This creates a Secret slot and an SNS queue for notifications about failed validations.
- Deploy the function:
sls deploy
- Once deployed, note the URL of the deployed function in the output.
- Login to the [https://dashboard.stripe.com/](Stripe Dashboard) and go to
Developers > Webhooks
and create a new endpoint. - Paste in the URL of the deployed function and choose which events you want to send to it.
- Save it, then reopen it and
Click to reveal
the signing secret. - Copy the value of the signing secret then open the AWS Secrets Manager console.
- Look for the Secret named
dev/stripe/stripe-webhook-secret
, click onSet Secret Value
and paste the signing secret in as plaintext.
The function you deployed will use this secret to validate the signature on any incoming events, to prove that they were generated by Stripe, before accepting them onto the EventBridge.
That's it! Try sending a test webhook event from the Stripe Dashboard and it will be added to the AWS EventBridge.
EventBridge configuration
Now, if you create rules in CloudWatch Events that match the pattern below, you can now route these events based on the event type to endpoints of your choice (such as Lambdas) while being assured that the events have already had their signatures checked.
For example, to select all of the payment_intent.succeeded events, you would use this pattern:
{
"detail-type": [
"payment_intent.succeeded"
],
"source": [
"Stripe"
]
}
Note: If you're using the Serverless Framework to create Lambdas to handle the above events, then the YAML syntax to have EventBridge trigger on the above would be:
functions:
myLambdaFunction:
handler: handler.myLambdaFunction
events:
- eventBridge:
pattern:
source:
- Stripe
detail-type:
- payment_intent.succeeded