databricks · andrewnester · Sep 9, 2025 · Aug 20, 2025 · Sep 2, 2025 · Sep 2, 2025
diff --git a/acceptance/bundle/lifecycle/prevent-destroy/databricks.yml b/acceptance/bundle/lifecycle/prevent-destroy/databricks.yml
@@ -0,0 +1,20 @@
+bundle:
+  name: prevent-destroy
+
+lifecycle: &lifecycle_base
+  lifecycle:
+    prevent_destroy: true
+
+pipeline: &pipeline_base
+  resources:
+    pipelines:
+      my_pipelines:
+        name: "test-pipeline"
+        libraries:
+          - notebook:
+              path: "./test-notebook.py"
+        <<: *lifecycle_base
+        schema: test-schema
+        catalog: main
+
+<<: *pipeline_base
diff --git a/acceptance/bundle/lifecycle/prevent-destroy/out.direct-exp.txt b/acceptance/bundle/lifecycle/prevent-destroy/out.direct-exp.txt
@@ -0,0 +1,48 @@
+
+>>> errcode [CLI] bundle plan
+
+>>> musterr [CLI] bundle destroy --auto-approve
+Error: resource my_pipelines has lifecycle.prevent_destroy set, but the plan calls for this resource to be recreated or destroyed. To avoid this error, disable lifecycle.prevent_destroy for pipelines.my_pipelines
+
+
+Exit code (musterr): 1
+
+>>> errcode [CLI] bundle plan
+recreate pipelines.my_pipelines
+
+>>> musterr [CLI] bundle deploy
+Uploading bundle files to /Workspace/Users/[USERNAME]/.bundle/prevent-destroy/default/files...
+Error: resource my_pipelines has lifecycle.prevent_destroy set, but the plan calls for this resource to be recreated or destroyed. To avoid this error, disable lifecycle.prevent_destroy for pipelines.my_pipelines
+
+
+Exit code (musterr): 1
+
+>>> errcode [CLI] bundle plan
+recreate pipelines.my_pipelines
+
+>>> [CLI] bundle deploy --auto-approve
+Uploading bundle files to /Workspace/Users/[USERNAME]/.bundle/prevent-destroy/default/files...
+
+This action will result in the deletion or recreation of the following Lakeflow Declarative Pipelines along with the
+Streaming Tables (STs) and Materialized Views (MVs) managed by them. Recreating the pipelines will
+restore the defined STs and MVs through full refresh. Note that recreation is necessary when pipeline
+properties such as the 'catalog' or 'storage' are changed:
+  recreate pipeline my_pipelines
+Deploying resources...
+Updating deployment state...
+Deployment complete!
+
+>>> errcode [CLI] bundle plan
+delete pipelines.my_pipelines
+
+>>> [CLI] bundle deploy --auto-approve
+Uploading bundle files to /Workspace/Users/[USERNAME]/.bundle/prevent-destroy/default/files...
+
+This action will result in the deletion or recreation of the following Lakeflow Declarative Pipelines along with the
+Streaming Tables (STs) and Materialized Views (MVs) managed by them. Recreating the pipelines will
+restore the defined STs and MVs through full refresh. Note that recreation is necessary when pipeline
+properties such as the 'catalog' or 'storage' are changed:
+  delete pipeline my_pipelines
+Deploying resources...
+Updating deployment state...
+Deployment complete!
diff --git a/acceptance/bundle/lifecycle/prevent-destroy/out.terraform.txt b/acceptance/bundle/lifecycle/prevent-destroy/out.terraform.txt
@@ -0,0 +1,84 @@
+
+>>> errcode [CLI] bundle plan
+
+>>> musterr [CLI] bundle destroy --auto-approve
+Error: exit status 1
+
+Error: Instance cannot be destroyed
+
+  on bundle.tf.json line 15, in resource.databricks_pipeline:
+  15:       "my_pipelines": {
+
+Resource databricks_pipeline.my_pipelines has lifecycle.prevent_destroy set,
+but the plan calls for this resource to be destroyed. To avoid this error and
+continue with the plan, either disable lifecycle.prevent_destroy or reduce
+the scope of the plan using the -target flag.
+
+
+
+Exit code (musterr): 1
+
+>>> errcode [CLI] bundle plan
+Error: exit status 1
+
+Error: Instance cannot be destroyed
+
+  on bundle.tf.json line 15, in resource.databricks_pipeline:
+  15:       "my_pipelines": {
+
+Resource databricks_pipeline.my_pipelines has lifecycle.prevent_destroy set,
+but the plan calls for this resource to be destroyed. To avoid this error and
+continue with the plan, either disable lifecycle.prevent_destroy or reduce
+the scope of the plan using the -target flag.
+
+
+
+Exit code: 1
+
+>>> musterr [CLI] bundle deploy
+Uploading bundle files to /Workspace/Users/[USERNAME]/.bundle/prevent-destroy/default/files...
+Error: exit status 1
+
+Error: Instance cannot be destroyed
+
+  on bundle.tf.json line 15, in resource.databricks_pipeline:
+  15:       "my_pipelines": {
+
+Resource databricks_pipeline.my_pipelines has lifecycle.prevent_destroy set,
+but the plan calls for this resource to be destroyed. To avoid this error and
+continue with the plan, either disable lifecycle.prevent_destroy or reduce
+the scope of the plan using the -target flag.
+
+
+
+Exit code (musterr): 1
+
+>>> errcode [CLI] bundle plan
+recreate pipelines.my_pipelines
+
+>>> [CLI] bundle deploy --auto-approve
+Uploading bundle files to /Workspace/Users/[USERNAME]/.bundle/prevent-destroy/default/files...
+
+This action will result in the deletion or recreation of the following Lakeflow Declarative Pipelines along with the
+Streaming Tables (STs) and Materialized Views (MVs) managed by them. Recreating the pipelines will
+restore the defined STs and MVs through full refresh. Note that recreation is necessary when pipeline
+properties such as the 'catalog' or 'storage' are changed:
+  recreate pipeline my_pipelines
+Deploying resources...
+Updating deployment state...
+Deployment complete!
+
+>>> errcode [CLI] bundle plan
+delete pipelines.my_pipelines
+
+>>> [CLI] bundle deploy --auto-approve
+Uploading bundle files to /Workspace/Users/[USERNAME]/.bundle/prevent-destroy/default/files...
+
+This action will result in the deletion or recreation of the following Lakeflow Declarative Pipelines along with the
+Streaming Tables (STs) and Materialized Views (MVs) managed by them. Recreating the pipelines will
+restore the defined STs and MVs through full refresh. Note that recreation is necessary when pipeline
+properties such as the 'catalog' or 'storage' are changed:
+  delete pipeline my_pipelines
+Deploying resources...
+Updating deployment state...
+Deployment complete!
diff --git a/acceptance/bundle/lifecycle/prevent-destroy/out.test.toml b/acceptance/bundle/lifecycle/prevent-destroy/out.test.toml
@@ -0,0 +1,5 @@
+Local = true
+Cloud = false
+
+[EnvMatrix]
+  DATABRICKS_CLI_DEPLOYMENT = ["terraform", "direct-exp"]
diff --git a/acceptance/bundle/lifecycle/prevent-destroy/output.txt b/acceptance/bundle/lifecycle/prevent-destroy/output.txt
@@ -0,0 +1,15 @@
+
+>>> [CLI] bundle validate
+Name: prevent-destroy
+Target: default
+Workspace:
+  User: [USERNAME]
+  Path: /Workspace/Users/[USERNAME]/.bundle/prevent-destroy/default
+
+Validation OK!
+
+>>> [CLI] bundle deploy
+Uploading bundle files to /Workspace/Users/[USERNAME]/.bundle/prevent-destroy/default/files...
+Deploying resources...
+Updating deployment state...
+Deployment complete!
diff --git a/acceptance/bundle/lifecycle/prevent-destroy/script b/acceptance/bundle/lifecycle/prevent-destroy/script
@@ -0,0 +1,22 @@
+trace $CLI bundle validate
+
+trace $CLI bundle deploy
+
+trace errcode $CLI bundle plan >out.$DATABRICKS_CLI_DEPLOYMENT.txt 2>&1
+trace musterr $CLI bundle destroy --auto-approve >>out.$DATABRICKS_CLI_DEPLOYMENT.txt 2>&1
+
+# Changing the catalog name, deploy must fail because pipeline will be recreated
+update_file.py databricks.yml 'catalog: main' 'catalog: mainnew'
+trace errcode $CLI bundle plan >>out.$DATABRICKS_CLI_DEPLOYMENT.txt 2>&1
+trace musterr $CLI bundle deploy >>out.$DATABRICKS_CLI_DEPLOYMENT.txt 2>&1
+
+# Removing the prevent_destroy, deploy must succeed
+update_file.py databricks.yml 'prevent_destroy: true' 'prevent_destroy: false'
+trace errcode $CLI bundle plan >>out.$DATABRICKS_CLI_DEPLOYMENT.txt 2>&1
+trace $CLI bundle deploy --auto-approve >>out.$DATABRICKS_CLI_DEPLOYMENT.txt 2>&1
+
+update_file.py databricks.yml 'prevent_destroy: false' 'prevent_destroy: true'
+# Removing the pipeline, deploy must succeed
+update_file.py databricks.yml '<<: *pipeline_base' ''
+trace errcode $CLI bundle plan >>out.$DATABRICKS_CLI_DEPLOYMENT.txt 2>&1
+trace $CLI bundle deploy --auto-approve >>out.$DATABRICKS_CLI_DEPLOYMENT.txt 2>&1
diff --git a/acceptance/bundle/lifecycle/prevent-destroy/test-notebook.py b/acceptance/bundle/lifecycle/prevent-destroy/test-notebook.py
@@ -0,0 +1,3 @@
+# Databricks notebook source
+
+print("Hello, World!")
diff --git a/acceptance/bundle/lifecycle/prevent-destroy/test.toml b/acceptance/bundle/lifecycle/prevent-destroy/test.toml
@@ -0,0 +1,5 @@
+EnvVaryOutput = "DATABRICKS_CLI_DEPLOYMENT"
+
+Ignore = [
+    ".databricks"
+]
diff --git a/acceptance/bundle/lifecycle/test.toml b/acceptance/bundle/lifecycle/test.toml
@@ -0,0 +1,2 @@
+Local = true
+Cloud = false
diff --git a/acceptance/bundle/refschema/out.fields.txt b/acceptance/bundle/refschema/out.fields.txt
@@ -27,6 +27,8 @@ resources.apps.*.effective_budget_policy_id	string	ALL
 resources.apps.*.effective_user_api_scopes	[]string	ALL
 resources.apps.*.effective_user_api_scopes[*]	string	ALL
 resources.apps.*.id	string	ALL
+resources.apps.*.lifecycle	resources.Lifecycle	INPUT
+resources.apps.*.lifecycle.prevent_destroy	bool	INPUT
 resources.apps.*.modified_status	string	INPUT
 resources.apps.*.name	string	ALL
 resources.apps.*.oauth2_app_client_id	string	ALL
@@ -87,6 +89,8 @@ resources.database_catalogs.*.create_database_if_not_exists	bool	ALL
 resources.database_catalogs.*.database_instance_name	string	ALL
 resources.database_catalogs.*.database_name	string	ALL
 resources.database_catalogs.*.id	string	INPUT
+resources.database_catalogs.*.lifecycle	resources.Lifecycle	INPUT
+resources.database_catalogs.*.lifecycle.prevent_destroy	bool	INPUT
 resources.database_catalogs.*.modified_status	string	INPUT
 resources.database_catalogs.*.name	string	ALL
 resources.database_catalogs.*.uid	string	ALL
@@ -109,6 +113,8 @@ resources.database_instances.*.effective_stopped	bool	ALL
 resources.database_instances.*.enable_pg_native_login	bool	ALL
 resources.database_instances.*.enable_readable_secondaries	bool	ALL
 resources.database_instances.*.id	string	INPUT
+resources.database_instances.*.lifecycle	resources.Lifecycle	INPUT
+resources.database_instances.*.lifecycle.prevent_destroy	bool	INPUT
 resources.database_instances.*.modified_status	string	INPUT
 resources.database_instances.*.name	string	ALL
 resources.database_instances.*.node_count	int	ALL
@@ -294,6 +300,8 @@ resources.jobs.*.job_clusters[*].new_cluster.workload_type.clients	compute.Clien
 resources.jobs.*.job_clusters[*].new_cluster.workload_type.clients.jobs	bool	INPUT	STATE
 resources.jobs.*.job_clusters[*].new_cluster.workload_type.clients.notebooks	bool	INPUT	STATE
 resources.jobs.*.job_id	int64	REMOTE
+resources.jobs.*.lifecycle	resources.Lifecycle	INPUT
+resources.jobs.*.lifecycle.prevent_destroy	bool	INPUT
 resources.jobs.*.max_concurrent_runs	int	INPUT	STATE
 resources.jobs.*.modified_status	string	INPUT
 resources.jobs.*.name	string	INPUT	STATE
@@ -2082,6 +2090,8 @@ resources.pipelines.*.libraries[*].maven.repo	string	INPUT	STATE
 resources.pipelines.*.libraries[*].notebook	*pipelines.NotebookLibrary	INPUT	STATE
 resources.pipelines.*.libraries[*].notebook.path	string	INPUT	STATE
 resources.pipelines.*.libraries[*].whl	string	INPUT	STATE
+resources.pipelines.*.lifecycle	resources.Lifecycle	INPUT
+resources.pipelines.*.lifecycle.prevent_destroy	bool	INPUT
 resources.pipelines.*.modified_status	string	INPUT
 resources.pipelines.*.name	string	ALL
 resources.pipelines.*.notifications	[]pipelines.Notifications	INPUT	STATE
@@ -2389,6 +2399,8 @@ resources.schemas.*.grants[*].principal	string	INPUT
 resources.schemas.*.grants[*].privileges	[]resources.SchemaGrantPrivilege	INPUT
 resources.schemas.*.grants[*].privileges[*]	resources.SchemaGrantPrivilege	INPUT
 resources.schemas.*.id	string	INPUT
+resources.schemas.*.lifecycle	resources.Lifecycle	INPUT
+resources.schemas.*.lifecycle.prevent_destroy	bool	INPUT
 resources.schemas.*.metastore_id	string	REMOTE
 resources.schemas.*.modified_status	string	INPUT
 resources.schemas.*.name	string	ALL
@@ -2422,6 +2434,8 @@ resources.sql_warehouses.*.health.summary	string	REMOTE
 resources.sql_warehouses.*.id	string	INPUT	REMOTE
 resources.sql_warehouses.*.instance_profile_arn	string	ALL
 resources.sql_warehouses.*.jdbc_url	string	REMOTE
+resources.sql_warehouses.*.lifecycle	resources.Lifecycle	INPUT
+resources.sql_warehouses.*.lifecycle.prevent_destroy	bool	INPUT
 resources.sql_warehouses.*.max_num_clusters	int	ALL
 resources.sql_warehouses.*.min_num_clusters	int	ALL
 resources.sql_warehouses.*.modified_status	string	INPUT
@@ -2494,6 +2508,8 @@ resources.synced_database_tables.*.database_instance_name	string	ALL
 resources.synced_database_tables.*.effective_database_instance_name	string	ALL
 resources.synced_database_tables.*.effective_logical_database_name	string	ALL
 resources.synced_database_tables.*.id	string	INPUT
+resources.synced_database_tables.*.lifecycle	resources.Lifecycle	INPUT
+resources.synced_database_tables.*.lifecycle.prevent_destroy	bool	INPUT
 resources.synced_database_tables.*.logical_database_name	string	ALL
 resources.synced_database_tables.*.modified_status	string	INPUT
 resources.synced_database_tables.*.name	string	ALL
@@ -2527,6 +2543,8 @@ resources.volumes.*.grants[*].principal	string	INPUT
 resources.volumes.*.grants[*].privileges	[]resources.VolumeGrantPrivilege	INPUT
 resources.volumes.*.grants[*].privileges[*]	resources.VolumeGrantPrivilege	INPUT
 resources.volumes.*.id	string	INPUT
+resources.volumes.*.lifecycle	resources.Lifecycle	INPUT
+resources.volumes.*.lifecycle.prevent_destroy	bool	INPUT
 resources.volumes.*.metastore_id	string	REMOTE
 resources.volumes.*.modified_status	string	INPUT
 resources.volumes.*.name	string	ALL

diff --git a/bundle/config/resources/apps.go b/bundle/config/resources/apps.go
@@ -24,6 +24,7 @@ type AppPermission struct {
 
 type App struct {
 	BaseResource
+	apps.App // nolint App struct also defines Id and URL field with the same json tag "id" and "url"
 
 	// SourceCodePath is a required field used by DABs to point to Databricks app source code
 	// on local disk and to the corresponding workspace path during app deployment.
@@ -36,8 +37,6 @@ type App struct {
 	Config map[string]any `json:"config,omitempty"`
 
 	Permissions []AppPermission `json:"permissions,omitempty"`
-
-	apps.App // nolint App struct also defines Id and URL field with the same json tag "id" and "url"
 }
 
 func (a *App) UnmarshalJSON(b []byte) error {

diff --git a/bundle/config/resources/base.go b/bundle/config/resources/base.go
@@ -5,4 +5,5 @@ type BaseResource struct {
 	ID             string         `json:"id,omitempty" bundle:"readonly"`
 	ModifiedStatus ModifiedStatus `json:"modified_status,omitempty" bundle:"internal"`
 	URL            string         `json:"url,omitempty" bundle:"internal"`
+	Lifecycle      Lifecycle      `json:"lifecycle,omitempty"`
 }
diff --git a/bundle/config/resources/clusters.go b/bundle/config/resources/clusters.go
@@ -24,10 +24,9 @@ type ClusterPermission struct {
 
 type Cluster struct {
 	BaseResource
+	compute.ClusterSpec
 
 	Permissions []ClusterPermission `json:"permissions,omitempty"`
-
-	compute.ClusterSpec
 }
 
 func (s *Cluster) UnmarshalJSON(b []byte) error {

diff --git a/bundle/config/resources/dashboard.go b/bundle/config/resources/dashboard.go
@@ -46,10 +46,10 @@ type DashboardConfig struct {
 
 type Dashboard struct {
 	BaseResource
-	Permissions []DashboardPermission `json:"permissions,omitempty"`
-
 	DashboardConfig
 
+	Permissions []DashboardPermission `json:"permissions,omitempty"`
+
 	// FilePath points to the local `.lvdash.json` file containing the dashboard definition.
 	// This is inlined into serialized_dashboard during deployment. The file_path is kept around
 	// as metadata which is needed for `databricks bundle generate dashboard --resource <dashboard_key>` to work.

diff --git a/bundle/config/resources/database_catalog.go b/bundle/config/resources/database_catalog.go
@@ -12,7 +12,6 @@ import (
 
 type DatabaseCatalog struct {
 	BaseResource
-
 	database.DatabaseCatalog
 }
 

diff --git a/bundle/config/resources/database_instance.go b/bundle/config/resources/database_instance.go
@@ -24,10 +24,9 @@ type DatabaseInstancePermission struct {
 
 type DatabaseInstance struct {
 	BaseResource
+	database.DatabaseInstance
 
 	Permissions []DatabaseInstancePermission `json:"permissions,omitempty"`
-
-	database.DatabaseInstance
 }
 
 func (d *DatabaseInstance) Exists(ctx context.Context, w *databricks.WorkspaceClient, name string) (bool, error) {

diff --git a/bundle/config/resources/job.go b/bundle/config/resources/job.go
@@ -25,10 +25,9 @@ type JobPermission struct {
 
 type Job struct {
 	BaseResource
+	jobs.JobSettings
 
 	Permissions []JobPermission `json:"permissions,omitempty"`
-
-	jobs.JobSettings
 }
 
 func (j *Job) UnmarshalJSON(b []byte) error {

diff --git a/bundle/config/resources/lifecycle.go b/bundle/config/resources/lifecycle.go
@@ -0,0 +1,8 @@
+package resources
+
+// Lifecycle is a struct that contains the lifecycle settings for a resource.
+// It controls the behavior of the resource when it is deployed or destroyed.
+type Lifecycle struct {
+	// Lifecycle setting to prevent the resource from being destroyed.
+	PreventDestroy bool `json:"prevent_destroy,omitempty"`
+}
diff --git a/bundle/config/resources/mlflow_experiment.go b/bundle/config/resources/mlflow_experiment.go
@@ -24,10 +24,9 @@ type MlflowExperimentPermission struct {
 
 type MlflowExperiment struct {
 	BaseResource
+	ml.Experiment
 
 	Permissions []MlflowExperimentPermission `json:"permissions,omitempty"`
-
-	ml.Experiment
 }
 
 func (s *MlflowExperiment) UnmarshalJSON(b []byte) error {
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# Databricks notebook source

		print("Hello, World!")
-Original file line number
+Diff line change
@@ Expand Up / @@ -12,7 +12,6 @@ import ( @@
     type DatabaseCatalog struct {
     	BaseResource
     	database.DatabaseCatalog
     }
@@ Expand Down @@