hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

Drift Detection for AppSync Schema Changes #11460

Open AlexEshoo opened 4 years ago

AlexEshoo commented 4 years ago

Description

The documentation for the aws_appsync_graphql_api notes that there is no drift detection for schema changes:

schema - (Optional) The schema definition, in GraphQL schema language format. Terraform cannot perform drift detection of this configuration.

This causes some problems/confusion when changes are made in the AWS console but not on the local state.

It looks like the AWS API provides an endpoint for getting the current schema for a graphql API in appsync: https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetIntrospectionSchema.html

Would this allow drift detection to be added to the Terraform provider?

New or Affected Resource(s)

Potential Terraform Configuration

resource "aws_appsync_graphql_api" "my_graphql_api" {
  authentication_type = "AMAZON_COGNITO_USER_POOLS"
  name = "myAPI"
  schema = data.local_file.graphql_schema.content
  user_pool_config {
    default_action = "ALLOW"
    user_pool_id = local.cognito_user_pool_id
  }
}

nikunjundhad commented 2 years ago

This feature is all the more necessary when you have multiple contributors with console and Terraform code access for your AppSync API. Person A directly changes the schema in the console for quick testing purposes and then forgets to remove those unintentional changes. These changes do not show as a difference during the Terraform planning and execution cycle, and we lose track of change management. When Person B needs to make a required schema change, this starts creating confusion, and he/she doesn't know which is the correct schema to keep: the one showing in the console or the one in the Terraform infra code. Please add this feature to save this pain.

ryancausey commented 8 months ago

I just ran into this. I was assuming I could make test changes in the console in our nonprod environment, and then re-run the Terraform pipeline to reset those changes. It turns out this is not the case. It looks like this issue has been open for 4 years so far. What is the likelihood of this being picked up and fixed?
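Until the provider detects this drift, the comparison the issue proposes can run as a separate pipeline step. The following is an added example, not part of the thread and not the provider's code: it fetches the deployed schema through GetIntrospectionSchema and diffs it against the schema file Terraform applies. The function names, the constructed sample schemas, and the comment/whitespace normalization are assumptions, and the live path assumes boto3 with credentials allowed to call GetIntrospectionSchema.

```python
import difflib
import re
import sys

# Constructed samples: the schema file Terraform applied, and the API after a console edit.
SAMPLE_LOCAL = """# managed by Terraform
type Query {
  getPost(id: ID!): Post
}
"""
SAMPLE_DEPLOYED = """type Query {
    getPost(id: ID!): Post
    debugDump: String
}
"""


def normalize_sdl(sdl):
    """Drop '#' comments, blank lines and spacing so only real changes remain.
    Heuristic (assumption): a '#' inside a string literal is also cut."""
    lines = (re.sub(r"\s+", " ", raw.split("#", 1)[0]).strip() for raw in sdl.splitlines())
    return [line for line in lines if line]


def fetch_deployed_sdl(client, api_id):
    """Call GetIntrospectionSchema (the API linked in the issue) and return SDL text."""
    resp = client.get_introspection_schema(apiId=api_id, format="SDL")
    return resp["schema"].read().decode("utf-8")  # 'schema' is a streaming body


def schema_drift(local_sdl, deployed_sdl):
    """Return unified-diff lines; an empty list means the schemas match."""
    return list(difflib.unified_diff(
        normalize_sdl(local_sdl), normalize_sdl(deployed_sdl),
        fromfile="terraform (local file)", tofile="appsync (deployed)", lineterm=""))


if __name__ == "__main__":
    if len(sys.argv) == 3:  # live check: <api-id> <path to schema file>
        import boto3  # assumption: boto3 installed and AWS credentials configured
        with open(sys.argv[2], encoding="utf-8") as fh:
            local = fh.read()
        deployed = fetch_deployed_sdl(boto3.client("appsync"), sys.argv[1])
    else:  # offline demo on the constructed samples
        local, deployed = SAMPLE_LOCAL, SAMPLE_DEPLOYED
    drift = schema_drift(local, deployed)
    print("\n".join(drift) or "no schema drift")
    sys.exit(1 if drift else 0)
```

The non-zero exit code on drift lets a scheduled job or a pre-plan pipeline stage flag console edits before the next apply overwrites or builds on them.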