Terraform lifecycle rules lifecycle controls how Terraform creates, updates, and destroys a resource. resource "aws_db_instance" "main" { identifier = "main-db" lifecycle { create_before_destroy = true prevent_destroy = true ignore_changes = [ password , engine_version ] } } create_before_destroy By default Terraform destroys then creates. With create_before_destroy it creates the replacement first - useful for resources that can't have downtime (load balancers, DNS records, certificates). resource "aws_instance" "web" { ami = data . aws_ami . latest . id instance_type = "t3.small" lifecycle { create_before_destroy = true } } prevent_destroy Blocks terraform destroy and any plan that would delete the resource. Good for databases and S3 buckets you can't lose.…