Overview: Preventing Unintentional Resource Deletion
In this article, we dive into the prevent_destroy attribute within Terragrunt. This powerful flag helps protect critical infrastructure from accidental destruction, ensuring higher stability and data integrity in your Terraform workflows.
Why Enable prevent_destroy?
Cloud environments often involve complex, interdependent resources. A single inadvertent terraform destroy can trigger cascading failures, leading to downtime and data loss. By setting prevent_destroy = true, you instruct Terraform to refuse any destroy operation on the designated resource or module.
Be cautious when enabling prevent_destroy globally. It can block legitimate operations that require a full teardown, so apply it selectively to high-value resources.
Attribute Details
| Value | Description |
|---|---|
| true | Prohibit resource destruction |
| false | Allow resource destruction (default) |

Use Case: Protecting a VPC Module
Let’s walk through a step-by-step example. We will provision a VPC using a Terragrunt module and then lock it down to prevent accidental teardown.
1. Provision the VPC
Create a terragrunt.hcl file with the following configuration:
2. Enable prevent_destroy
Modify the same terragrunt.hcl file to include the prevent_destroy attribute:
3. Verify Destruction Is Blocked
Attempt to destroy the VPC:
4. Removing the Protection
When you need to tear down the VPC, simply set prevent_destroy = false or remove the attribute, then run:
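The four steps above collected into one file, as an added example that is not from the original article. The file path, the root.hcl include, the module source and version pin, and all input values are assumptions chosen for illustration.

```hcl
# live/prod/vpc/terragrunt.hcl  (illustrative path, not from the article)

# Assumption: shared remote state and provider settings live in a parent
# file named root.hcl somewhere above this directory.
include "root" {
  path = find_in_parent_folders("root.hcl")
}

# Step 1: provision the VPC from a module.
# Assumption: the public terraform-aws-modules VPC module. Pin the version
# you have actually reviewed; this one is only an example pin.
terraform {
  source = "tfr:///terraform-aws-modules/vpc/aws?version=5.8.1"
}

inputs = {
  name            = "prod-core" # constructed sample values throughout
  cidr            = "10.0.0.0/16"
  azs             = ["us-east-1a", "us-east-1b"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24"]

  # "Documentation" practice: make the protection visible on the
  # resources themselves as well as in the repository.
  tags = {
    Protected = "true"
  }
}

# Step 2: lock the module. This is a top-level Terragrunt attribute, so it
# sits beside the terraform and inputs blocks, not inside them. It is
# separate from Terraform's resource-level lifecycle { prevent_destroy }.
prevent_destroy = true

# Step 3: with the flag set, running `terragrunt destroy` in this directory
# exits with an error instead of tearing the VPC down.
#
# Step 4: for an intentional teardown, change the line above to
#   prevent_destroy = false
# (or delete it), have that change reviewed like any other, and then run
# `terragrunt destroy`.
```

Keeping the flag change in version control means an intentional teardown leaves a reviewable commit, which is what distinguishes it from an accidental one.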
Best Practices
| Practice | Description |
|---|---|
| Selective Protection | Apply prevent_destroy only to mission-critical resources |
| Review Before Changes | Use terragrunt plan to detect potential conflicts early |
| Documentation | Tag protected resources clearly in your repository |
For more details on Terragrunt attributes, refer to the Terragrunt Documentation.