Howdy. So, just a high-level question-set about the AWS Cloud Control API Provider that has been announced.
Since CloudFormation stores ‘state’ about objects (in a hidden backend), and Terraform State also stores ‘state’, doesn’t having a provider like this muddy the waters in terms of having a ‘single source of truth’ about those resources? More generally, how should an organization approach maintaining the concept of a ‘single source of truth’ for your infrastructure if you use both CloudFormation and Terraform?
More broadly, this question is also relevant for other aspects of Terraform use in an organization. My understanding is that Terraform generally doesn’t directly accomodate having anything but itself as the ‘source of truth’ for the state of an API. (This extends to anything manipulating the infrastructure/APIs outside of itself.) I’ve always been curious how Hashicorp and the communuity are considering how to ‘share’ the admiistration of a managed resource. Serverless Framework has this interesting article The definitive guide to using Terraform with the Serverless Framework , but does Hashicorp (happy to read something if it does and I missed it! : ) ) also have commentary on this topic?
(And yes, I know Terraform has the ‘Lifecycle’ blocks available in some resources, but in a typical Terraform code iterative development workflow, it’s usually added after-the-fact, only once Terraform plans show that the infrastructure has been unexpectedly changed.)
Thanks for the thoughtful replies! Cheers!