Tools: My attempt on Cloud Resume Challenge in 2026 (Part 2)

Table Contents ## Smoke Tests with Cypress ## Multiple Environments ## AWS Cross-Account Access ## Lambda Gotchas ## DynamoDB Gotchas ## GitHub OIDC Gotchas with Multiple Environments This blog continues from My attempt on Cloud Resume Challenge in 2026. Templates let you quickly answer FAQs or store snippets for re-use. Are you sure you want to ? It will become hidden in your post, but will still be visible via the comment's permalink. as well , this person and/or CODE_BLOCK: "StringLike": { "token.actions.githubusercontent.com:sub": "repo:<org>/<repo>:*" } CODE_BLOCK: "StringLike": { "token.actions.githubusercontent.com:sub": "repo:<org>/<repo>:*" } CODE_BLOCK: "StringLike": { "token.actions.githubusercontent.com:sub": "repo:<org>/<repo>:*" } - Smoke Tests with Cypress - Multiple Environments - AWS Cross-Account Access - Lambda Gotchas - DynamoDB Gotchas - GitHub OIDC Gotchas with Multiple Environments - Cypress is used for smoke tests to verify that the page loads correctly and to run basic sanity checks against real API requests. - In GitHub Actions, the Cypress binary must be installed explicitly and cached. This is because Cypress installs its binary via a postinstall script, while pnpm only downloads the JavaScript wrapper and Node APIs by default. - Multiple environments are set up to support controlled deployments. - Staging: Pull requests merged into the main branch trigger CI/CD and deploy automatically to the staging environment. - Production: Commits that have passed CI/CD are promoted to production by creating a release/* branch and tagging a release (for example, v1.0.0). - HCP Terraform authenticates to the AWS production account via OIDC to create most resources. - It then assumes a role in the admin account specifically for modifying DNS records. - Use structured JSON logging to improve integration with log aggregation and analytics platforms. - Lambda functions containing non-trivial business logic should be covered by unit tests. - Use the ADD operation in UpdateItem to simplify value initialization and atomic increments. - Use auto-generated table names to allow resource replacement (for example, when changing billing modes). - When a replacement occurs, restore the table from a backup rather than reinitializing it from scratch. - GitHub OIDC assumes an IAM role in the target AWS account, where the sub claim controls which repository is allowed to assume the role. - The sub field is often restricted to a single repository, but to support multiple environments, it must allow all refs: