AWS appsync documentation change
Summary
Added section explaining how API configuration changes propagate and their impact during deployment.
Security assessment
The change provides operational clarity about configuration propagation but does not address security vulnerabilities or document security features.
Diff
diff --git a/appsync/latest/devguide/best-practices.md b/appsync/latest/devguide/best-practices.md index 5ccfa3701..d45f51331 100644 --- a//appsync/latest/devguide/best-practices.md +++ b//appsync/latest/devguide/best-practices.md @@ -5 +5 @@ -Understand authentication methodsUse TLS for HTTP resolversUse roles with the least permissions possibleIAM policy best practices +Understand authentication methodsUnderstand how API configuration changes propagateUse TLS for HTTP resolversUse roles with the least permissions possibleIAM policy best practices @@ -29,0 +30,4 @@ For more information on authentication and authorization in AWS AppSync, see [Co +## Understand how API configuration changes propagate + +When you save changes to your API configuration, AWS AppSync starts to propagate the changes. Until your configuration change is propagated, AWS AppSync continues to serve your content from the previous configuration. After your configuration change is propagated, AWS AppSync immediately starts to serve your content based on the new configuration. While AWS AppSync is propagating your changes for an API, we can't determine whether the API is serving your content based on the previous configuration or the new configuration. +