Most developers treat Terraform’s lifecycle block as a collection of optional tweaks.
It is not.
The lifecycle block rewrites how Terraform makes decisions inside the resource graph. It can reverse replacement order. It can block destruction entirely. It can tolerate drift. It can force replacement when nothing appears to change.
That means it changes identity behavior.
create_before_destroy alters downtime characteristics, but only if the remote API allows duplicate objects.prevent_destroy is a plan-time hard stop that protects critical resources from accidental deletion.ignore_changes stops enforcement, which means drift becomes invisible.replace_triggered_by expands blast radius intentionally.precondition converts unwritten policy into enforced logic.
None of these modify AWS. They modify Terraform’s judgment.
Understanding that boundary prevents one of the most common beginner mistakes: assuming lifecycle settings are convenience flags rather than structural safety controls.