Most engineers assume renaming a Terraform resource is harmless.
It is not.
Terraform does not track infrastructure by cloud name.
It tracks infrastructure by state address.
Change the label.
Change the address.
Terraform plans a destroy and create operation.
In this lesson, I break down:
- Why identity lives in the state file
- How
movedblocks prevent unintended replacement - Why
for_eachkeys are part of identity - Why you must separate address refactors from behavior changes
Safe refactoring is not about clean code.
It is about preserving identity while restructuring configuration.