This project is not associated with PayID operated by NPP Australia Ltd. People in Australia are prohibited from using this project. See below for more details.
Ready to get started with your own PayID server on AWS Lambda?
You'll need:
- an AWS account.
- a domain you want to use for your PayIDs.
- a certificate imported into Amazon Certificate Manager in the
us-east-1
region. - after the stack is added, you'll have to update your domain to use Amazon's name servers in the Route53 hosted zone that's created for you.
- PayIDs can be added by uploading a
json
file to the S3 bucket created by the stack.(#how-do-i-add-payids).
Here's an example of what the form looks like: all you'll need is the domain you want to use for PayIDs.
If you have the domain and certificate, and you're okay with using Amazon's name servers, then click the button below to get started.
If you'd prefer to use the AWS command line to create your stack, we have scripts to make your life easier. Check out our instructions for using them.
Note: this is a set of instructions known to work by those who created this stack, but there are likely other ways of importing a certificate. This guide only seeks to show the steps for the one used during our development of this CloudFormation stack.
Note: this must be added in the us-east-1
region or the CloudFormation will not create your stack/PayID server correctly. The reason for this is that the Lambda uses API Gateway for HTTP access which leverages a Cloudfront distribution for pointing a domain to it, and Cloudfront distributions require ACM certs to exist in `us-east-1. This is mentioned on the AWS documentation here.
Link to console: https://console.aws.amazon.com/acm/home?region=us-east-1
At this point, you've gone as far as you can in the AWS console and will be in a state pending validation as shown below:
You'll need to use that information with your registrar to add a CNAME
record so ACM can validate that you own the domain. Here's an example of what this looks like on the registrar we used:
Now you'll just have to wait for ACM to see the CNAME
you added and issue the cert. After this happens you should see the status change:
Once you have finished creating the CloudFormation Stack using our template, you'll need to update your nameserver settings on your registrar to use Amazon's.
Step 1: View the nameservers in the stack output, or go to Route53 in the AWS console and click on your hosted zone
If you're still on the CloudFormation page looking at the stack, the Outputs
tab will list the nameservers you need to use.
If you've already closed the tab or navigated away, you can find the same information in Route53.
Link to Route53: https://console.aws.amazon.com/route53/v2/hostedzones
Once you're on this page, click on the domain you used in the stack template (in this example, somedomainyouown.com
):
Clicking on the hosted zone will display the nameservers you need to use with your registrar:
Paste the values you saw in the previous step into wherever your registrar allows you to change them. For example:
Several scripts are provided to make it simple to request a AWS certificate for your payid domain and launch the payid lambda stack on your domain.
- request-certificate.sh - to request a certificate via AWS certificate manager for a given domain.
- create-stack.sh - to create the PayID lambda stack on your account for a given domain.
- AWS cli must be installed (see https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html)
aws configure
must have been configured with an Access Key created via https://console.aws.amazon.com/iam/home?region=us-east-1#/security_credentials- You must have a domain and the ability to configure DNS for your domain.
Commamd: ./request-certificate.sh <domain-name>
Example:
$ ./request-certificate.sh hodl.payid.ml
Requesting certificate for hodl.payid.ml
Certificate requested. Please create the following CNAME record for your domain:
_09dee7696e4d458fb16fead080465035.hodl.payid.ml. CNAME _b1fddaad4657f8e03167be7b61dc3685.jfrzftwwjs.acm-validations.aws.
Once the certificate request is completed, create the CNAME for your domain as specified in the output.
Wait for AWS Certificate Manager to issue your certificate before proceeding to the next command.
Commamd: ./create-stack.sh <domain-name>
Example:
$ ./create-stack.sh hodl.payid.ml
Creating stack hodl-payid-ml-payid-stack in AWS...
Waiting for changeset to be created..
Waiting for stack create/update to complete
Successfully created/updated stack - hodl-payid-ml-payid-stack
Created successfully
Please update the Nameservers for your domain to
nameserver1 ns-1288.awsdns-33.org
nameserver2 ns-852.awsdns-42.net
nameserver3 ns-1593.awsdns-07.co.uk
nameserver4 ns-8.awsdns-01.com
Once completed, update the nameservers for your domain to the ones specified in the output.
When the stack is created, an S3 bucket titled {name of stack}-s3bucket-{unique hash}
is created.
PayIDs can be added to this bucket by uploading json
files to the bucket, each of which contains a single user that conforms to the PayID schema. You can upload new files to the bucket via https://s3.console.aws.amazon.com/s3/buckets/.
A test account is provided on creation at testaccount.json
:
{
"addresses":[
{
"paymentNetwork":"XRPL",
"environment":"TESTNET",
"addressDetailsType":"CryptoAddressDetails",
"addressDetails":{
"address":"T772A73My52QaUonaai6VE4X98zLu7VBQSXJKLYimjXDAJi"
}
}
]
}
The name of the file is used to resolve the PayID - testaccount.json
will be resolved by mydomain.tld/testaccount
.
Releases can be found in the releases tab, with the file payid-stack.yaml
attached.
The version you have installed will be visible in the description of the stack in CloudFormation (for example, something like [v1.0] PayID Lambda Server and API Gateway front end
) and also in the Outputs
of the stack under the name PayIdLambdaStackVersion
.
To perform an update, click the Update
button when viewing the stack and upload the version of payid-stack.yaml
you want to upgrade to.
Note: While this will update the Lambda function it could also update other resources as well in the stack, including API Gateway, S3, etc. We'll outline changes in the release notes if other resources are altered, but be sure to look at the changelog for indications that other resources may be impacted.
By using, reproducing, or distributing this code, you agree to the terms and conditions for use (including the Limitation of Liability) in the Apache License 2.0. If you do not agree, you may not use, reproduce, or distribute the code. This code is not authorised for download in Australia. Any persons located in Australia are expressly prohibited from downloading, using, reproducing or distributing the code. This code is not owned by, or associated with, NPP Australia Limited, and has no sponsorship, affiliation or other connection with the “Pay ID” service operated by NPP Australia Limited in Australia.