Tools: My attempt on Cloud Resume Challenge in 2026 (Part 2)

Table Contents ## Smoke Tests with Cypress ## Multiple Environments ## AWS Cross-Account Access ## Lambda Gotchas ## DynamoDB Gotchas ## GitHub OIDC Gotchas with Multiple Environments This blog continues from My attempt on Cloud Resume Challenge in 2026. Templates let you quickly answer FAQs or store snippets for re-use. Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment's permalink. Hide child comments as well For further actions, you may consider blocking this person and/or reporting abuse CODE_BLOCK: "StringLike": { "token.actions.githubusercontent.com:sub": "repo:<org>/<repo>:*" } Enter fullscreen mode Exit fullscreen mode CODE_BLOCK: "StringLike": { "token.actions.githubusercontent.com:sub": "repo:<org>/<repo>:*" } CODE_BLOCK: "StringLike": { "token.actions.githubusercontent.com:sub": "repo:<org>/<repo>:*" } - Smoke Tests with Cypress - Multiple Environments - AWS Cross-Account Access - Lambda Gotchas - DynamoDB Gotchas - GitHub OIDC Gotchas with Multiple Environments - Cypress is used for smoke tests to verify that the page loads correctly and to run basic sanity checks against real API requests. - In GitHub Actions, the Cypress binary must be installed explicitly and cached. This is because Cypress installs its binary via a postinstall script, while pnpm only downloads the JavaScript wrapper and Node APIs by default. - Multiple environments are set up to support controlled deployments. - Staging: Pull requests merged into the main branch trigger CI/CD and deploy automatically to the staging environment. - Production: Commits that have passed CI/CD are promoted to production by creating a release/* branch and tagging a release (for example, v1.0.0). - HCP Terraform authenticates to the AWS production account via OIDC to create most resources. - It then assumes a role in the admin account specifically for modifying DNS records. - Use structured JSON logging to improve integration with log aggregation and analytics platforms. - Lambda functions containing non-trivial business logic should be covered by unit tests. - Use the ADD operation in UpdateItem to simplify value initialization and atomic increments. - Use auto-generated table names to allow resource replacement (for example, when changing billing modes). - When a replacement occurs, restore the table from a backup rather than reinitializing it from scratch. - GitHub OIDC assumes an IAM role in the target AWS account, where the sub claim controls which repository is allowed to assume the role. - The sub field is often restricted to a single repository, but to support multiple environments, it must allow all refs: