Vault_generic_secret provider should not overwrite existing secrets

I want to generate new default vault secrets but prevent overwriting/changing of already existing secrets.

how can I achieve this with vault_generic_secret? There is no “do not overwrite” argument.

got it.

lifecycle {
ignore_changes = all
}