Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWS上でStripeを利用したアプリをより安全にデプロイする方法 /jaws-pankrat...

Hidetaka Okamoto
November 21, 2021
Technology
1
170

AWS上でStripeを利用したアプリをより安全にデプロイする方法 /jaws-pankration-2021

JAWS PANKRATION 2021登壇資料です。
https://jawspankration2021.jaws-ug.jp/sessions/40

Hidetaka Okamoto

November 21, 2021
Tweet

More Decks by Hidetaka Okamoto

See All by Hidetaka Okamoto
OpenAI APIで API Changelogを要約してみた話 / chatgpt-osaka-1
hideokamoto
0
450
コミュニティ運営から 中の人に変わって感じたこと
hideokamoto
0
53
Developerが Developer Advocateになった話 / dev-rel-meetup-tokyo-71
hideokamoto
0
260
Jamstack開発者のための App Runner入門
hideokamoto
1
420
WordPressでの webサイト制作2022 / ngk2022s
hideokamoto
0
380
JavaScript(TypeScript)で メディアサイトを インフラから構築する方法 / jsconf-jp-2021
hideokamoto
2
4k
Shifter Headlessと Headless WordPressの紹介
hideokamoto
0
1.6k
Stripe & Next.js + AWS Amplify で会員 + 定期課金機能 / JP_Stripes20210903
hideokamoto
7
3k
後付けで 従量課金プランの 提供を開始した話 / 20210609-jp_stripes
hideokamoto
0
180

Other Decks in Technology

See All in Technology
カメラを用いた店内計測におけるオプトインの仕組みの実現 / ai-optin-camera
cyberagentdevelopers
PRO
1
120
一休.comレストランにおけるRustの活用
kymmt90
3
570
オニオンアーキテクチャで実現した 本質課題を解決する インフラ移行の実例
hryushm
14
3k
2024-10-30-reInventStandby_StudyGroup_Intro
shinichirokawano
1
590
WINTICKETアプリで実現した高可用性と高速リリースを支えるエコシステム / winticket-eco-system
cyberagentdevelopers
PRO
1
190
新卒1年目が向き合う生成AI事業の開発を加速させる技術選定 / ai-web-launcher
cyberagentdevelopers
PRO
7
1.5k
[JAWS-UG金沢支部×コンテナ支部合同企画]コンテナとは何か
furuton
3
160
Emacs x Nostr
hakkadaikon
1
150
Apple/Google/Amazonの決済システムの違いを踏まえた定期購読課金システムの構築 / abema-billing-system
cyberagentdevelopers
PRO
1
210
AIを駆使したゲーム開発戦略: 新設AI組織の取り組み / sge-ai-strategy
cyberagentdevelopers
PRO
1
130
初心者に Vue.js を 教えるには
tsukuha
5
380
【若手エンジニア応援LT会】AWS Security Hubの活用に苦労した話
kazushi_ohata
0
150

Featured

See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
159
15k
No one is an island. Learnings from fostering a developers community.
thoeni
19
3k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
504
140k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.6k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
The Cult of Friendly URLs
andyhume
78
6k
KATA
mclloyd
29
13k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
27
1.9k
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.5k
Designing Experiences People Love
moore
138
23k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
Music & Morning Musume
bryan
46
6.1k

Transcript

  1. How to develop application safely using Stripe on AWS

  2. Agenda • About Stripe • Using AWS to use Stripe

    more secure • Community information about Stripe

  3. https://stripe.com/

  4. We can add/do... • Send invoice and charge it •

    Membership / Subscription • Create marketplace (CtoC) • POS / Finance / Card / eKYC / etc...

  5. Use case https://getshifter.io https://stripe.com/

  6. Use Case: Shifter • Save/update credit card • Create/modify subscription

    • Provide PAYG option plan to customer • Analyze business (on Stripe Dashboard) • etc...

  7. How to use it?

  8. We need to get the API key to call Stripe

    API

  9. Publishable API Key • For frontend • Tokenize Card and

    confirm payment Secret API Key • For backend • Access & modify all resource in Stripe

  10. Publishable API Key • For frontend • Tokenize Card and

    confirm payment Secret API Key • For backend • Access & modify all resource in Stripe

  11. “Restricted API Key” -> Custom API key -> Custom policy

  12. Use API Key to init Client

  13. And call Stripe API

  14. • Stripe Secret API key is critical • We can

    access&modify real customer data • We need to hold it secure

  15. AWS can hold the API key security

  16. https://aws.amazon.com/secrets-manager/

  17. None
  18. None

  19. • We never place API key on our local •

    Just call AWS API to get it • Set once, only read

  20. Amplify CLI supports AWS Secrets Manager (and SSM)

  21. Automatically generate a code to get the env value

  22. • Secrets Manager can handle API key secure • AWS

    Amplify can use this from CLI • Stripe with AWS is good for developer • Let’s create your own SaaS bussiness !

  23. Info & Community

  24. Official Docs & Tutorial https://stripe.dev Japanese Community https://www.facebook.com/groups/jpstripes Discord https://discord.com/invite/stripe

  25. https://qiita.com/advent-calendar/2021/stripe

  26. https://stripe.events/jpdevguides

  27. Thanks!