diff --git a/ops/keycloak/user_sources.tf b/ops/keycloak/user_sources.tf
index 01307fff8..f4207ba87 100644
--- a/ops/keycloak/user_sources.tf
+++ b/ops/keycloak/user_sources.tf
@@ -22,6 +22,13 @@ resource "keycloak_ldap_user_federation" "tvl_ldap" {
     "inetOrgPerson",
     "organizationalPerson",
   ]
+
+  lifecycle {
+    # Without this, terraform wants to recreate the resource.
+    ignore_changes = [
+      delete_default_mappers
+    ]
+  }
 }
 
 # keycloak_oidc_identity_provider.github will be destroyed