Hamburger Cross Icon
IaC Guardrails - Resource Destroy Protection

Resource Destroy Protection

Guardrail IaC Guardrails Beta Deployment And Infrastructure
iac.resource-destroy-protection

Ensures stateless infrastructure resources (EC2 instances, load balancers, networking) have lifecycle { prevent_destroy = true } to prevent accidental destruction of critical infrastructure.

iac infrastructure prevent_destroy stateless ec2
Get Started View All IaC Guardrails

Compatible Integrations

This guardrail works with the following integrations. Click to see how to use Resource Destroy Protection with each collector.

+
Resource Destroy Protection + Terraform Collector Provides parsed IaC configuration data

Enable This Guardrail

Add the parent policy to your lunar-config.yml to enable this guardrail.

📄 lunar-config.yml 
policies:
  - uses: github://earthly/lunar-lib/policies/iac@v1.0.0
    include: [resource-destroy-protection]
    # with: ...

How This Guardrail Works

This guardrail is part of the IaC Guardrails policy. It evaluates data collected by integrations and produces a pass/fail check with actionable feedback.

When enabled, this check runs automatically on every PR and in AI coding workflows, providing real-time enforcement of your engineering standards.

Learn How Lunar Works
1
Integrations Gather Data
Collectors extract metadata from code, CI pipelines, tool outputs, and scans
2
{ } Centralized as JSON
All data merged into each component's unified metadata document
3
This Guardrail Checks Current
Resource Destroy Protection runs and provides pass/fail feedback

Related Guardrails

Other guardrails in the IaC Guardrails policy.

Guardrail Deployment And Infrastructure
Valid

Validates that all IaC configuration files are syntactically correct. Invalid configurations will fail deployment.
Guardrail Deployment And Infrastructure
Waf Protection

Requires WAF protection for internet-facing services. Checks each IaC module for public resources and verifies WAF is...
Guardrail Deployment And Infrastructure
Datastore Destroy Protection

Ensures stateful resources (databases, storage buckets, caches) have lifecycle { prevent_destroy = true } to prevent...
IaC Guardrails

IaC Guardrails

This guardrail is part of the IaC Guardrails policy, which includes 4 guardrails for deployment and infrastructure.

View Policy

Ready to Automate Your Standards?

See how Lunar can turn your engineering wiki, compliance docs, or postmortem action items into automated guardrails with our 100+ built-in guardrails.

Works with any process
check Infrastructure conventions
check Post-mortem action items
check Security & compliance policies
check Testing & quality requirements
Automate Now
Turn any process doc into guardrails
Book a Demo