So I managed to find the problem with the OIDC- I made a bloggy-type post which I forgot I didn't put on earlier!! 🤦🏼‍♂️ The AWS IAM role wasn't properly configured to trust GitHub Actions as an OIDC provider. Then I realised that I needed to change the AWS region code to eu-west-1 (Ireland) for it to work! Then that was done and I was holding my breathe that it would all work well enough to not get an email! So far so good! Or was it? In a word, no. What had happened is when the actions tried to configure with the AWS credentials and assume a role using OIDC, it wouldn't allow it as it wasn't authorised. Cue the deep dive in the AWS IAM OIDC whitepapers, GitHubActions Documentation and a keep on trucking attitude which was tested quite a lot!!!!!!! So I had some food and thought about things… I have done something wrong somewhere. This is the essence of DevOps, isn't it? Doing something then seeing it fail and then finding out why it didn't deploy??? Yes. I do think it is. I have heard from various sources (and read Medium regularly..) that if you get it right the first time then there is something wrong or you have not done enough and the output is only "Hello, World"!! Anyway! I went back to the drawing board and had a decent scour of the code, the IAM role and policies I had put in place to allow access and found that I might have to do something a bit different. I made a new branch gh-pages, and then sent the .yaml code to deploy there, rather than from the main. I have now got two branches, and this is the result! I got it to work! Wahoo and all the joy! But wait! This is only on the gh-pages branch! What about the main branch and the sts:AssumeRoleWithWebIdentity error I had been having? Yeah it hadn't changed that part! :-( So I had another re-scour of the IAM Roles, policies, then asked the wonderful people in Cloud Talents what could be the problem? Anoop suggested that I have a look at the GitHub Org and repo name but I could see that it was all ok. I was going to even make a new IAM Role and discard the previous one but held off doing that for the time being.

Why should startups consider AWS over the other cloud providers? AWS empowers startups with unmatched flexibility, scalability, reliability, and cost efficiency. How so? by providing the essential tools and infrastructure for rapid growth, allowing for innovation and scaling without the burden of managing complex systems. With AWS, startups can focus on what truly matters—building their business—while AWS handles the infrastructure behind the scenes. AWS is the proven partner for startup success by providing flexible infrastructure to face the challenge of scaling by adjusting requirements without constraints. This adaptability allows startups to focus on building and innovating without worrying about infrastructure limitations. The pay as you go pricing method keeping costs manageable as scaling occurs. The range of pre-built services available accelerates product development, helping startups go to market faster. With less time spent managing infrastructure and more tools for innovation, enabling startups to quickly turn ideas into reality, outpacing the competition in speed and efficiency. AWS has a global reach which would enable startups to deploy services closer to their customers for better performance. AWS is an ecosystem that supports innovation by providing startups with everything needed to scale and thrive. One of the key lessons from AWS's creation was Amazon’s ability to recognize and capitalize on its internal capabilities to offer infrastructure as a service. AWS’s suite of services from compute and storage to machine learning and analytics which enables businesses to focus on innovation rather than managing complex infrastructure

Hi everyone👋, My name is Zandile. I live in Johannesburg, South Africa and I am junior cloud engineer and I am currently studying towards my SSA-CO3 certification. I plan on becoming an AWS DevOps Engineer by February 2025. I want to get these 3 things from the community: 1.  Learn more deeply about AWS. 2. Create projects to enhance my skillset 3. Meet amazing likeminded people. For fun I like to do these 3 things: 1.  Nap 2. Read 3. Do some adventures like quad biking and skydiving. Looking forward to meeting all of you!😁

Enjoyed this assignment and seemed to learn so much from this task. 1. Created S3 bucket 2. Uploaded the template files provided by @Fernando Goncalves 3. Configured to allow public access 4. Allowed static website hosting 5. Setup a distribution in cloudfront (this was easier than I expected) 6. Test - It was at this point I couldn't gert it to work so I added the following bucket policy and it seemed to work fine :) { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::leestechblog/*" } ] }

Finally I surpassed the week #01 assignment. Assignment Included: -Creating a complete setup of landing zone as mentioned in region Us-west-1 -Implemented a safe environment for multi account setup. Created Log archive and Audit account in OU's. Created specific "Development account" in Sandbox OU. Created IAM user in Identity management to access and manage the multi account setup. At last applying the Reduce Cost script through cloud shell to stop the bill from AWS Config. What I learn or achieved: As a starting a working in startup company to start a project its important to create a secure environment to manage and access the accounts. I am not stuck soo much but yes did some research from internet and also ask thing from community members they help me. Special thanks to @Fernando Goncalves and @Anoop Jayadharan to help me to sort things. Looking forward to start Week #02