Hi,

I need to protect some critical resources from destroying by any means.

Using the prevent_destroy lifecycle block doesn’t work with terraform apply as I understand from the documentation and as I tested myself.

So, how can I enforce the prevent_destroy with the apply command and not only with destroy ?

Thanks,

Hi @nurhun,

The only sure way to prevent destroying by any means is to set a policy in an external system which can prevent destruction of the resource (many services even have options on individual resources to do this). The prevent_destroy feature within Terraform still needs a way to allow overriding or changing the configuration, which means the policy must always be verified outside of Terraform to be enforceable.