Hello All,
I am new to Terraform here . So when i am about to Plan my Script i get the below
Plan: 5 to add, 0 to change, 1 to destroy
1 to destroy : Is this going to really destroy my resource group which i had modified ?
I have some queries too , it would be better if i can reach out to anyone . Please provide me your email address whoever can help me on terraforms here. But please answer this question
Also after changing the Resource names , the terraform was trying to delete my resource group from azure . Is this correct?
azurerm_resource_group.main: Destroying… [id=/subscriptions//resourceGroups/newResourceUS]
azurerm_resource_group.main: Still destroying… [id=/subscriptions/a/resourceGroups/newResourceUS, 10s elapsed]
^CInterrupt received.
Please help me out here
I’ve noticed that source resource providers don’t handle modifications gracefully and want to recreate the resource. It would make sense if things like that just resulted in a change, but I’ve run into this issue recently as well for a different resource. I think it is more an issue with the TF provider instead of TF itself 
oh no , thanks 
any solution or workaround you found?
The specific resource I was working with was the AWS Cognito User Pool resource. I found that when I added/updated attributes to that resource, it wanted to re-create the whole thing. Since we have user data in there, that is obviously a bad thing.
The Cognito User Pool (luckily) has a TF data source. So we just manually manage the User Pool for now, and then we link our other TF resources to reference the data source. For cognito, it happens to be the only data source, so we lucked out 
oh lucky you good to know 
but isnt there a proper guide for terraform where we can reuse existing vms / not destroy something?
Terraform providers prefer to do in-place updates where possible, but the underlying APIs do not always support that. For names of objects in particular, many services consider those to be immutable once an object is created and so they cannot be changed without recreating them.
terraform plan will always tell you when a provider has indicated that replacement is required by printing out a header on the plan block like this:
# azurerm_resource.group.main must be replaced
-/+ resource "azurerm_resource_group" "main" {
name = "foo" -> "bar" # requires replacement
}
The # requires replacement annotation shows specifically which changes are forcing the object replacement, so that you can undo those changes if you wish to apply the other changes in-place without replacing the object.
As you saw, it also counts this as one to add and one to destroy in the plan summary.
If the underlying API will not permit an in-place change then sadly the Terraform provider can’t do anything to change that.
How can i actually not force terraform to delete my resource , it just deleted my resources in azure There should be something which tell do not do it .
I tried life cycle and it didnt save me too
lifecycle {
create_before_destroy = true
}
}
If you want Terraform to never destroy something, you can instruct it using prevent_destroy in the lifecycle block:
lifecycle {
prevent_destroy = true
}
If you specify that then Terraform will fail to plan altogether in your case because what you’ve asked it to do is impossible: there is no way to change the name without destroying the object. So that will avoid Terraform destroying your object but will not address the root problem here, which is that the underlying API cannot do what you want here and Terraform cannot compensate for that.
An alternative answer is to tell Terraform to ignore the fact that the name has changed, and not try to change it at all:
lifecycle {
ignore_changes = [name]
}
In this case, Terraform will just leave the name as it is, regardless of any changes to it in your Terraform configuration. In other words, the name value in configuration will only be considered when creating an object, and ignored once that object exists.
1 Like
oh this looks achievable . Will get back once i do this change . Thanks again mart!