Terraformcloud~5 mins

Ignore_changes lifecycle rule in Terraform - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Sometimes, you want Terraform to ignore changes to certain resource attributes so it does not try to update them every time. The ignore_changes lifecycle rule tells Terraform to skip tracking changes on specified parts of a resource.

When a resource attribute is changed outside Terraform and you don't want Terraform to overwrite it.

When a cloud provider automatically updates some resource fields and you want to avoid constant updates.

When you want to manage some parts of a resource manually without Terraform interfering.

When you want to prevent Terraform from recreating a resource due to changes in specific attributes.

When you want to keep Terraform state stable despite external changes to certain resource properties.

Config File - main.tf

main.tf

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }
  required_version = ">= 1.0"
}

provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"

  lifecycle {
    ignore_changes = [
      "tags.Name"
    ]
  }

  tags = {
    Name = "example-instance"
  }
}

This Terraform file creates an AWS EC2 instance.

The lifecycle block with ignore_changes tells Terraform to ignore any changes to the Name tag on this instance.

This means if someone changes the Name tag manually in AWS, Terraform will not try to revert it back.

Commands

Initializes Terraform, downloads the AWS provider plugin, and prepares the working directory.

Terminal

terraform init

Expected OutputExpected

Initializing the backend... Initializing provider plugins... - Finding hashicorp/aws versions matching "~> 4.0"... - Installing hashicorp/aws v4.60.0... - Installed hashicorp/aws v4.60.0 (signed by HashiCorp) Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure.

Applies the Terraform configuration to create the AWS EC2 instance without asking for confirmation.

Terminal

terraform apply -auto-approve

Expected OutputExpected

aws_instance.example: Creating... aws_instance.example: Still creating... [10s elapsed] aws_instance.example: Creation complete after 15s [id=i-0abcd1234efgh5678] Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

→

-auto-approve - Skips interactive approval prompt

Shows the planned changes. If the Name tag is changed manually in AWS, Terraform will not plan to change it back because of ignore_changes.

Terminal

terraform plan

Expected OutputExpected

No changes. Infrastructure is up-to-date. This means that Terraform did not detect any changes to apply.

Key Concept

If you remember nothing else from this pattern, remember: ignore_changes tells Terraform to skip tracking and updating specific resource attributes.

Common Mistakes

Not specifying the exact attribute path in ignore_changes

Terraform will not ignore the intended changes and will try to update the resource anyway.

Use the correct attribute path syntax, like tags["Name"], to target the specific attribute.

Using ignore_changes to avoid fixing real configuration drift

It hides problems instead of solving them, leading to unmanaged differences and confusion.

Use ignore_changes only for attributes that change outside Terraform and are safe to ignore.

Summary

Use the lifecycle ignore_changes block inside a resource to tell Terraform which attributes to ignore.

Run terraform init to prepare the environment and terraform apply to create resources.

terraform plan shows no changes for ignored attributes even if they differ outside Terraform.