As the name suggests, ignore_changes can be used to ignore changes to a resource.

For example, let's say you create a Virtual Private Cloud (VPC) on Amazon Web Services (AWS) with a tag. Check out my article Create Update or Delete a Virtual Private Cloud (VPC) using Terraform.

resource "aws_vpc" "my-vpc" {
  cidr_block = "10.0.0.0/16"

  tags = {
    Name = "my-vpc"
  }

}

In the AWS console, I see that the VPC has tag Name = my-vpc.

Let's say the Name tag is changed to my-updated-vpc in the AWS console.

At this point, the name of the VPC in AWS will be different from the name of the VPC that Terraform has. When the terraform plan or terraform apply commands are used, Terraform will want to change the name of the VPC back to my-vpc.

~]$ terraform plan
Terraform will perform the following actions:

  # module.virtual_private_clouds.aws_vpc.my-vpc will be updated in-place
  ~ resource "aws_vpc" "my-vpc" {
        id                               = "vpc-06af016a250ef8541"
      ~ tags                             = {
          ~ "Name" = "my-updated-vpc" -> "my-vpc"
        }
      ~ tags_all                         = {
          ~ "Name" = "my-updated-vpc" -> "my-vpc"
        }
        # (15 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

lifecycle ignore_changes can be used to instruct Terraform to ignore any changes to the cidr_block and tags.

resource "aws_vpc" "my-vpc" {
  cidr_block = "10.0.0.0/16"

  tags = {
    Name = "my-vpc"
  }

  lifecycle {
    ignore_changes = [
      cidr_block,
      tags
    ]
  }

}

And now the terraform plan or terraform apply commands should show that no changes will be made to the tags.

~]$ terraform plan
No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.