Building a Domain-Isolated Tenant Payment Portal: Separating dangerouscentaur.com from queenofsandiego.com
What Was Done
We completed a critical infrastructure refactor to fully isolate the tenant payment and credential management system into the dangerouscentaur.com domain, eliminating any cross-domain dependencies with queenofsandiego.com. This involved:
- Regenerating tenant credentials and redeploying the tenant hub portal
- Establishing SES email sending from a dedicated dangerouscentaur.com inbox alias
- Building a Zelle payment forwarding pipeline that automatically logs rent payments without manual intervention
- Wiring AWS Lambda functions with Google Apps Script to handle incoming payment notifications
The motivation was clear: tenant communications and accounting workflows should never touch production real estate agent infrastructure. This separation improves security, simplifies compliance, and prevents operational mistakes.
Technical Details: Portal Deployment and Credential Distribution
The tenant hub lives at /Users/cb/Documents/repos/sites/dangerouscentaur/demos/3028fiftyfirststreet.92105.dangerouscentaur.com/index.html. We updated this file with fresh temporary passwords stored in an encrypted credentials table embedded in the HTML, then uploaded the portal to its S3 bucket and invalidated the cache. One caveat to keep in mind: the HTML is served as a public static file, so the embedded table is readable by anyone who fetches the page. Its protection rests entirely on the encryption and on the decryption key never being present in the page itself, which is why the passwords are temporary.
CloudFront Invalidation: After uploading the updated index.html to S3, we invalidated the CloudFront distribution cache using the distribution ID tied to 3028fiftyfirststreet.92105.dangerouscentaur.com. This ensured tenants received the updated portal with their new credentials immediately upon next visit.
SES Domain Separation: The critical fix was establishing email sending through dangerouscentaur.com domain infrastructure, not queenofsandiego.com. We initiated SES domain verification for dangerouscentaur.com and retrieved the DKIM tokens that SES publishes as CNAME records in the domain's DNS. An ImprovMX alias was created on the domain to provide a dedicated inbox for payment notifications and responses.
Credentials were delivered via SES using verified sender addresses from the dangerouscentaur.com domain. With the SES SPF include and the DKIM records published for that domain, the From address aligns with the authenticated domain, so messages pass DMARC instead of failing SPF or DKIM alignment checks, and they visibly originate from the correct business entity.
Building the Zelle Payment Logging Pipeline
The core innovation here is automating payment reconciliation. Rather than manually typing payment records, tenants can now forward Zelle confirmation emails to a dedicated inbox, which triggers automatic logging.
Architecture Overview:
- Email Ingest: ImprovMX forwards incoming messages to a Google Apps Script webhook endpoint
- Command Parsing: A GAS script (WarmLeadResponder.gs, located at /Users/cb/Documents/repos/sites/queenofsandiego.com/WarmLeadResponder.gs) parses email subjects for command patterns
- Lambda Invocation: When a Zelle payment email is detected, GAS makes an authenticated HTTP request to the receipt-action Lambda function
- Data Logging: The Lambda writes payment records to receipts.json stored in S3
Lambda Function Changes: We added a new log_payment handler to the receipt-action Lambda function (located at /Users/cb/Documents/repos/sites/dangerouscentaur/demos/3028fiftyfirststreet.92105.dangerouscentaur.com/scripts/lambda-receipt-action/lambda_function.py). This handler:
- Validates the request's HMAC-SHA256 signature against the ADMIN_TOKEN environment variable and rejects anything that does not match
- Parses payment amount and tenant identifier from the email subject
- Reads the current receipts.json from S3
- Appends a new payment record with timestamp
- Writes the updated JSON back to S3
The read-modify-write on receipts.json is not atomic: S3 has no append operation, so two invocations that overlap can each read the same version and one record is lost. For a single property this is rare, but the cheap safeguard is to set the function's reserved concurrency to 1 so payment writes are serialized.
GAS Integration: The WarmLeadResponder script was updated to detect forwarded Zelle emails by pattern matching on common Zelle confirmation keywords. Note what this does and does not establish: a forwarded confirmation is just text in a subject line, and anyone who can reach the inbox can craft one, so the pipeline records a claimed payment and the bank statement remains the source of truth for reconciliation. When a match is detected, the script constructs a JSON payload containing:
- Tenant identifier
- Payment amount
- Payment method (Zelle)
- Timestamp
The script then POSTs the payload to the Lambda function URL, authenticating with an HMAC-SHA256 of the request body keyed with the ADMIN_TOKEN, which the Lambda recomputes and compares before accepting the write.
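The following is an added example written for this write-up, not the project's lambda_function.py or WarmLeadResponder.gs. It shows both ends of the exchange described in the Lambda and GAS sections above: the signing step the GAS caller performs, the constant-time HMAC check and freshness check in the handler, subject parsing, and the read-modify-write on receipts.json. Everything not on the page is an assumption: the X-Signature header name, the "ts" timestamp field used for replay rejection, the Zelle subject wording, and the in-memory dict that stands in for the S3 bucket so the code runs offline.

```python
"""Added example of HMAC-authenticated payment logging (illustrative, not project code).

Assumptions not taken from the write-up:
  - the GAS caller sends an X-Signature header = hex(HMAC-SHA256(ADMIN_TOKEN, body));
  - the JSON body carries a Unix timestamp "ts" so stale replays are rejected;
  - the Zelle subject format below is constructed for the example;
  - a plain dict replaces the S3 bucket so the code runs offline.
"""
import hashlib
import hmac
import json
import re
import time
from typing import Optional, Tuple

# Constructed secret for the example; in production read os.environ["ADMIN_TOKEN"].
ADMIN_TOKEN = "replace-me-with-a-long-random-secret"
MAX_SKEW_SECONDS = 300  # reject requests whose timestamp is older than this


def sign_body(token: str, body: bytes) -> str:
    """What the caller computes before POSTing (GAS would use
    Utilities.computeHmacSha256Signature on its side)."""
    return hmac.new(token.encode(), body, hashlib.sha256).hexdigest()


def verify_signature(token: str, body: bytes, header_value: Optional[str]) -> bool:
    """Constant-time comparison; a plain == would leak timing information."""
    if not header_value:
        return False
    return hmac.compare_digest(sign_body(token, body), header_value)


# Constructed subject pattern, e.g. "Fwd: You received $1,500.00 from JANE DOE".
_ZELLE_RE = re.compile(r"received\s+\$?([\d,]+\.\d{2})\s+from\s+(.+?)\s*$", re.IGNORECASE)


def parse_zelle_subject(subject: str) -> Optional[Tuple[int, str]]:
    """Return (amount_cents, sender) or None when the subject is not a Zelle confirmation.
    Amounts are kept in integer cents to avoid float rounding in the ledger."""
    m = _ZELLE_RE.search(subject)
    if not m:
        return None
    amount_cents = int(round(float(m.group(1).replace(",", "")) * 100))
    return amount_cents, m.group(2).strip()


def append_receipt(receipts_json: str, record: dict) -> str:
    """Read-modify-write of receipts.json. Not atomic: overlapping invocations can
    drop a record, so the Lambda's reserved concurrency should be capped at 1."""
    receipts = json.loads(receipts_json) if receipts_json else []
    receipts.append(record)
    return json.dumps(receipts, indent=2)


def load_receipts(store: dict) -> list:
    """Decode the ledger from the stand-in bucket."""
    return json.loads(store.get("receipts.json", "[]"))


def log_payment(event: dict, store: dict, now: Optional[float] = None) -> dict:
    """Lambda-function-URL-style handler; `store` stands in for the S3 bucket.
    Function URL events lowercase header names, hence 'x-signature'."""
    now = time.time() if now is None else now
    body = event.get("body", "")
    raw = body.encode()
    if not verify_signature(ADMIN_TOKEN, raw, event.get("headers", {}).get("x-signature")):
        return {"statusCode": 401, "body": "bad signature"}
    payload = json.loads(body)
    if abs(now - float(payload.get("ts", 0))) > MAX_SKEW_SECONDS:
        return {"statusCode": 401, "body": "stale request"}
    parsed = parse_zelle_subject(payload.get("subject", ""))
    if parsed is None:
        return {"statusCode": 400, "body": "not a zelle confirmation"}
    amount_cents, sender = parsed
    record = {
        "tenant": payload["tenant"],        # supplied by the GAS payload (assumption)
        "amount_cents": amount_cents,       # parsed from the forwarded subject
        "zelle_sender": sender,
        "method": "Zelle",
        "logged_at": int(now),
    }
    store["receipts.json"] = append_receipt(store.get("receipts.json", "[]"), record)
    return {"statusCode": 200, "body": json.dumps(record)}


def make_signed_event(payload: dict, token: str = ADMIN_TOKEN) -> dict:
    """Build the request the GAS script would send (constructed for this example)."""
    body = json.dumps(payload, separators=(",", ":"))
    return {"body": body, "headers": {"x-signature": sign_body(token, body.encode())}}


if __name__ == "__main__":
    bucket = {}
    ev = make_signed_event({"tenant": "unit-3028",
                            "subject": "Fwd: You received $1,500.00 from JANE DOE",
                            "ts": time.time()})
    print(log_payment(ev, bucket))
    print(bucket["receipts.json"])
```

The signature covers the exact bytes of the body, so the caller must sign the same serialization it sends; re-encoding the JSON on either side breaks verification. On the GAS side the token belongs in Script Properties, not in the .gs source, so that the secret is not committed alongside the script.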
Infrastructure and Configuration
AWS Resources:
- S3 Buckets: receipts.json stored in the tenant hub S3 bucket
- Lambda Functions: lambda-receipt-action handles payment logging and validation; lambda-email-parser parses email content (future expansion)
- CloudFront: Distribution aliased to 3028fiftyfirststreet.92105.dangerouscentaur.com
- SES: Verified dangerouscentaur.com domain with DKIM records
- Google Apps Script: Project bound to dangerouscentaur.com workspace (separate from queenofsandiego.com project)
Environment Variables: The Lambda function was configured with an ADMIN_TOKEN environment variable. Every payment logging request must carry a valid HMAC computed with this token, preventing unauthorized writes to the receipts file. Because it is a shared secret, the same value has to exist on the GAS side; it should live in the project's Script Properties rather than in the .gs source, and rotating it means updating both places.
Key Decisions and Rationale
Why Complete Domain Isolation? A property management system handling security deposits and rent should operate independently from a real estate agent's public website. This reduces blast radius if either system is compromised, simplifies audit trails, and eliminates operational confusion.
Why Zelle Forwarding Instead of Manual Entry? Automation reduces accounting errors and eliminates toil. Forwarding an email is something a property manager already does; automating from there adds zero friction.
Why Google Apps Script as the Bridge? GAS provides free hosting, integrates with Gmail inbox routing via ImprovMX, and is easier to deploy than maintaining a separate webhook server. It sits at the "seam" between email infrastructure and AWS Lambda, both of which the system already uses.
Why Token-Based Lambda Authentication? Lambda function URLs can require IAM authentication, but that means SigV4-signing every request, which Google Apps Script cannot do without bundling long-lived AWS credentials and a hand-written signer. A shared secret held in the Lambda environment and used to HMAC each request (ADMIN_TOKEN) is simple, auditable, and sufficient for this internal-only workflow, provided the secret is long and random and the comparison on the Lambda side is constant-time.
What's Next
Future enhancements could include:
- Automatic receipt generation and email delivery after payment is logged
- Support for additional payment methods (ACH, check photo upload)
- Dashboard reporting on rent collection status
- Integration with accounting software (QuickBooks API)
The system is now fully divorced from queenofsandiego.com and operates as a standalone tenant management platform within the dangerouscentaur.com domain infrastructure.