-
Hello Kumar Mahadevan,
Thank you for bringing this to our attention.
The OpenID Connect (OIDC) Identity Provider (IdP) authenticates the user and issues a Web Identity Token, but it does not directly call AssumeRoleWithWebIdentity. Instead, the client application (in this case, GitHub) makes this call to AWS STS to assume the IAM role and obtain temporary credentials.
We will make the necessary updates to ensure the explanation aligns with best practices and accurately represents the role of the IdP and client in the authentication process. These updates will soon be visible on the portal.
Let us know if you need further assistance.
Thanks again for your valuable input, and we truly appreciate your keen attention to detail!
Regards,
JR @ Tutorials Dojo
