There are cases where a workspace is started or updated and an important resource is deleted and re-created. Sometimes, this is fine, such as a Kubernetes pod, secret, or another ephemeral resource.

However, some resources (e.g. volume) should never be deleted since it results in data loss. For example, @sreya changed his username in Coder and deleted all of his code in his workspace (fix in #3571)

While that specific issue can be patched at the template level (use uid instead of username for labels), and #802 addresses a template safeguard for parameters, there will still be unexpected ways data will be lost in a template that we (or Coder admins in a deployment) haven't thought of.

Terraform's prevent_destroy 🙌🏼

This meta-argument, when set to true, will cause Terraform to reject with an error any plan that would destroy the infrastructure object associated with the resource, as long as the argument remains present in the configuration.

This meta-argument ensures a resource is never accidentally deleted. However, there are a couple of problems:

1. You may want to destroy a resource when you "delete" the workspace, but you want to prevent_destroy on stops. There is no built-in way to conditionally apply prevent_destroy: "Variables may not be used here" for prevent_destroy hashicorp/terraform#22544
2. A bit more unclear: What an admin actually want to prevent_destroy on delete, and perhaps manually clean up orphaned disks on a batch process or something? In this case, a delete workspace would always "fail" in Coder.