-
Notifications
You must be signed in to change notification settings - Fork 774
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Retain resources on destroy #1615
Comments
Hello and thank you for this issue! The core team regularly reviews new issues and discusses them, but this can take a little time. Please bear with us while we get to your issue. If you're interested, the contribution guide has a section about the decision-making process. |
Hi @JonathanManass. |
Hi @Evi1Pumpkin. If I understand the removed block correctly, the aim is to use it when removing resources from the terraform configuration, so replacing a resource block by a removed block before applying. The way I use opentofu is to have one workspace per customer environment. With this solution, I could just run the destroy without any manual action to be taken beforehand, and know my resource will not be deleted. |
Hi @JonathanManass, |
OpenTofu Version
Use Cases
When creating certain resources that we need to keep when deleting the environment, I don't want to do any manual actions.
There are certain resources, such as buckets or log groups, that especially for production environments, need to be kept for several months after the deletion of an environment.
Attempted Solutions
Currently the only way to do this is to remove it from the state manually or to comment the resource and add a removed block which is not better.
Proposal
My proposal is the same as that of my references below, just for a different use case.
This means adding another keyword to the lifecycle block that will either work alongside prevent_destroy or replace it.
lifecycle {
on_destroy = <destroy|prevent|retain|(ignore)>
}
With destroy being the default behaviour (could be that this is unnecessary except for the case where this can be made dynamic)
Prevent being the prevent_destroy = true curent behaviour
Retain meaning that the resource is removed from the state but the actual destroy operation is not sent to the provider
You could even imagine an additional
ignore
operation which would be similar to retain and would also leave the resource in the statelifecycle {
retain_on_destroy = <true|false>
}
which would be the same as the Retain from the first proposal (the resource is removed from the state but the actual destroy operation is not sent to the provider).
References
The text was updated successfully, but these errors were encountered: