0
0
Terraformcloud~10 mins

Prevent_destroy lifecycle rule in Terraform - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Process Flow - Prevent_destroy lifecycle rule
Define resource with prevent_destroy
Terraform plan detects destroy
Check lifecycle.prevent_destroy
Block destroy
Error message
Terraform checks if a resource marked with prevent_destroy is about to be destroyed. If yes, it blocks the action and shows an error.
Execution Sample
Terraform
resource "aws_s3_bucket" "example" {
  bucket = "my-bucket"
  lifecycle {
    prevent_destroy = true
  }
}
Defines an S3 bucket resource that Terraform will not allow to be destroyed.
Process Table
StepActionResource StateLifecycle Rule CheckResult
1Terraform plan detects resource destroyResource existsCheck prevent_destroyProceed to check rule
2Check lifecycle.prevent_destroyResource existsprevent_destroy = trueDestroy blocked
3Terraform blocks destroyResource existsprevent_destroy enforcedError: Destroy prevented
4User cancels destroyResource remainsNo destroyNo change
5If prevent_destroy was falseResource existsprevent_destroy = falseDestroy allowed
💡 Destroy blocked because prevent_destroy is true on the resource
Status Tracker
VariableStartAfter Step 1After Step 2After Step 3Final
resource_existstruetruetruetruetrue
prevent_destroytruetruetruetruetrue
destroy_allowedfalsefalsefalsefalsefalse
Key Moments - 2 Insights
Why does Terraform show an error instead of destroying the resource?
Because the lifecycle.prevent_destroy rule is set to true, Terraform blocks any destroy action as shown in execution_table step 3.
What happens if prevent_destroy is set to false or omitted?
Terraform allows the resource to be destroyed normally, as shown in execution_table step 5.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, at which step does Terraform block the destroy action?
AStep 4
BStep 2
CStep 3
DStep 5
💡 Hint
Check the 'Result' column for the step where 'Destroy blocked' and 'Error' appear.
According to the variable tracker, what is the value of 'destroy_allowed' after step 3?
Afalse
Btrue
Cundefined
Dnull
💡 Hint
Look at the 'destroy_allowed' row under 'After Step 3' in variable_tracker.
If prevent_destroy was false, what would Terraform do according to the execution table?
ABlock destroy and show error
BAllow destroy
CIgnore the resource
DRetry destroy multiple times
💡 Hint
See step 5 in execution_table under 'Result' column.
Concept Snapshot
Terraform lifecycle prevent_destroy rule:
- Add lifecycle { prevent_destroy = true } inside resource block
- Blocks any destroy action on that resource
- Terraform plan errors if destroy attempted
- Useful to protect critical resources from accidental deletion
Full Transcript
This visual execution trace shows how Terraform handles the prevent_destroy lifecycle rule. When a resource is marked with prevent_destroy true, Terraform detects any destroy action during plan and blocks it, showing an error. The resource remains intact. If prevent_destroy is false or omitted, Terraform allows the destroy normally. Variables track resource existence and destroy permission. Key moments clarify why errors occur and what changes if the rule is off. The quiz tests understanding of when and how Terraform blocks destruction.