Serverless Booking Platform
Full-stack SaaS booking platform with 106 Lambda functions, PostgreSQL, real-time notifications via email and WhatsApp, Stripe billing, Google Calendar sync, and multi-tenant architecture — all serverless on AWS.
Overview
A production-grade SaaS booking platform built entirely on AWS serverless infrastructure. The system handles appointment scheduling, staff management, customer communications, billing, and analytics — serving multiple businesses through a multi-tenant architecture.
The platform runs 106 Lambda functions across 20+ service modules, with a React frontend served via CloudFront, PostgreSQL for data persistence, and real-time notifications through email and WhatsApp.
Architecture
The platform is organized into five layers, each handling a distinct concern.
Entry Layer
Users access the platform through Amazon CloudFront, which serves the Vite/React SPA from an S3 bucket and routes API requests to API Gateway. Every API request passes through a JWT Authorizer Lambda that validates authentication tokens before reaching the core business logic.
The API Gateway is configured with throttling (100 req/s sustained, 200 burst), request tracing via X-Ray, and CORS policies scoped to the production domain.
Core (Private Subnet)
The heart of the platform — 106 Lambda functions written in Python, deployed inside a VPC private subnet for security. The functions are organized by domain:
- Auth: Login, register, JWT refresh, password reset, email verification
- Appointments: Create, cancel, update status, recurring bookings
- Availability: Set availability windows, holiday management, slot calculation
- Staff: CRUD, staff login, password management, scheduling
- Services: Service catalog, pricing, duration configuration
- Customers: Customer profiles, search, activity history
- Business: Business registration, settings, profile management
- Locations: Multi-location support, amenities
- Billing: Stripe checkout sessions, subscriptions, trial management, webhooks
- Calendar: Google Calendar connect, sync, disconnect
- Campaigns: Marketing campaigns, email blasts
- Forms: Custom intake forms, response collection
- Reviews: Customer review collection and display
- Waitlist: Queue management for fully booked slots
- Analytics: Booking trends, growth metrics, usage dashboards
- GDPR: Data export, account deletion, compliance
- Dashboard: KPIs, activity feed, health checks
- Admin: Super admin operations, feature flags
- System: Health checks, error monitoring
All Lambda functions access the database through VPC endpoints, keeping traffic off the public internet.
Data Layer
- RDS PostgreSQL — Primary database running in the VPC private subnet. Stores all business data, appointments, customer records, and configuration. Encrypted at rest with automated backups.
- S3 Photos — Object storage for business photos, profile images, and uploaded assets.
- SQS FIFO — Notification queue with exactly-once processing and a dead-letter queue for failed messages. Ensures no notification is sent twice or lost.
Notification Layer
Asynchronous customer communications processed through the SQS queue:
- SES (Simple Email Service) — Transactional emails: booking confirmations, reminders, cancellations, marketing campaigns
- WhatsApp — Direct messaging for appointment reminders and confirmations, with scheduled sends
- Notification Lambdas — Processor functions that read from SQS, format messages, and dispatch through the appropriate channel. Includes 2-hour and day-before reminder schedules.
Operations
- Secrets Manager — Stores JWT signing secrets, Stripe API keys, and database credentials. Rotated automatically.
- EventBridge — Scheduled triggers for recurring tasks: appointment reminders, trial expiry checks, KPI snapshots.
- CloudWatch — Centralized logging, custom metrics, and operational dashboards for all 106 Lambda functions.
- SNS Alarms — Alert notifications for error spikes, DLQ depth, and database health.
External Integrations
- Stripe — Full payment integration: checkout sessions, customer portal, subscription management, webhook processing for payment events.
- Google Calendar — Two-way sync: appointments created in the platform appear in the business owner's Google Calendar and vice versa.
- Apple Auth & Google Auth — Social login for frictionless customer onboarding.
Infrastructure as Code
The entire platform is defined in AWS CDK (TypeScript) across 7 stacks:
| Stack | Resources |
|---|---|
| NetworkStack | VPC, subnets, security groups, VPC endpoints |
| DatabaseStack | RDS PostgreSQL, Secrets Manager |
| StorageStack | S3 buckets (frontend + photos) |
| ComputeStack | 106 Lambda functions, layers, IAM roles |
| ApiStack | API Gateway, JWT authorizer, CloudFront |
| MessagingStack | SQS queues, SNS topics, SES |
| MonitoringStack | CloudWatch alarms, dashboards, EventBridge rules |
Security
- VPC isolation — Lambdas and RDS run in private subnets with no public internet access
- VPC endpoints — S3, Secrets Manager, and SQS accessed through private endpoints
- JWT authentication — Every API request validated by a dedicated authorizer Lambda
- Secrets Manager — No hardcoded credentials; all secrets rotated and encrypted
- Encryption — Data encrypted at rest (RDS, S3, SQS) and in transit (TLS everywhere)
- GDPR compliance — Built-in data export and account deletion workflows
Key Design Decisions
106 single-purpose Lambdas over monolith: Each Lambda handles exactly one API operation. Cold starts are minimal (small package size), IAM permissions are scoped precisely, and deployments are independent — updating the appointment creation logic doesn't risk breaking billing.
FIFO SQS for notifications: Exactly-once processing prevents duplicate emails/WhatsApp messages. The dead-letter queue catches failures for manual review rather than silently dropping notifications.
Multi-tenant from day one: Database schema, API authorization, and data isolation are designed for multi-tenancy. Adding a new business is configuration, not code.
Results
- 106 Lambda functions across 20+ business domains
- 7 CDK stacks managing all infrastructure as code
- Multi-channel notifications — email + WhatsApp with scheduled reminders
- Stripe billing with subscription management and customer portal
- Google Calendar two-way sync
- GDPR compliant with data export and deletion built in
- Zero server management — fully serverless, scales automatically