diff --git a/main.tf b/main.tf
index ce8ca37..9681e6d 100644
--- a/main.tf
+++ b/main.tf
@@ -51,7 +51,7 @@ locals {
 resource "aws_s3_bucket" "this" {
   bucket        = var.bucket_name
   acl           = "private"
-  force_destroy = false
+  force_destroy = var.force_destroy
 
   server_side_encryption_configuration {
     rule {
diff --git a/variables.tf b/variables.tf
index bbc654e..0e42780 100644
--- a/variables.tf
+++ b/variables.tf
@@ -45,3 +45,8 @@ variable "allowed_endpoints" {
   default = [ ]
 }
 
+variable "force_destroy" {
+  description = "Protect or delete bucket"
+  type        = string
+  default     = "false"
+}