From bebb6198b9c9c5f61d0b1bb9b2abdabbe1a1f750 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Fri, 1 Apr 2022 13:57:51 -0400
Subject: [PATCH] update docs

---
 standard/README.md | 7 +++++++
 standard/main.tf   | 5 +++++
 title26/README.md  | 7 +++++++
 title26/main.tf    | 6 ++++++
 4 files changed, 25 insertions(+)

diff --git a/standard/README.md b/standard/README.md
index 0343880..ce4c8a8 100644
--- a/standard/README.md
+++ b/standard/README.md
@@ -122,6 +122,12 @@ this shorter region value.
 ## Options :: name\_enforce\_region\_compact
 This flag always compacts the region, no mater whehter the name is longer than 63 characters or not.
 
+## Options :: object\_lock\_enable
+This is usable on bucket creation, and it will allow you to add external to this module an object lock
+configuration (aws\_s3\_object\_lock\_configuration).  See the [AWS Object Lock](AWS Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html)
+and the [Terraform AWS Provider](https://registry.terraform.io/providers/hashicorp%20%20/aws/4.7.0/docs/resources/s3_bucket_object_lock_configuration) docs for
+more details.  Setting this after bucket creation is possible but requires a support tickets, so you're better off doing it up front.
+
 # Outputs
 One output of note is the `s3_module_settings`. With this, you can get the settings used when calling the
 module, the original bucket name before prefix and suffixes, and other things.  It is a map.
@@ -217,6 +223,7 @@ No modules.
 | <a name="input_name_include_account"></a> [name\_include\_account](#input\_name\_include\_account) | Flag to determine if we include the AWS Account id in the resulting bucket name | `bool` | `false` | no |
 | <a name="input_name_include_region"></a> [name\_include\_region](#input\_name\_include\_region) | Flag to determine if we include the full region name in the resulting bucket name | `bool` | `false` | no |
 | <a name="input_name_include_region_compact"></a> [name\_include\_region\_compact](#input\_name\_include\_region\_compact) | Flag to determine if we the rewrite the full region name to a shorter region name if the resulting name > 63 characters.  Only usable with name\_include\_region. | `bool` | `true` | no |
+| <a name="input_object_lock_enabled"></a> [object\_lock\_enabled](#input\_object\_lock\_enabled) | Flag to enable object lock. This can only be set on bucket creation. See AWS documentation at https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html | `bool` | `false` | no |
 | <a name="input_require_explicit_encryption"></a> [require\_explicit\_encryption](#input\_require\_explicit\_encryption) | When enabled, adds bucket policy to Deny unencrypted uploads and incorrect encryption header.  Should not normally be needed. | `bool` | `false` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
 
diff --git a/standard/main.tf b/standard/main.tf
index 888649a..b0a3210 100644
--- a/standard/main.tf
+++ b/standard/main.tf
@@ -123,6 +123,11 @@
 * ## Options :: name_enforce_region_compact
 * This flag always compacts the region, no mater whehter the name is longer than 63 characters or not.
 *
+* ## Options :: object_lock_enable
+* This is usable on bucket creation, and it will allow you to add external to this module an object lock
+* configuration (aws_s3_object_lock_configuration).  See the [AWS Object Lock](AWS Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html)
+* and the [Terraform AWS Provider](https://registry.terraform.io/providers/hashicorp%20%20/aws/4.7.0/docs/resources/s3_bucket_object_lock_configuration) docs for 
+* more details.  Setting this after bucket creation is possible but requires a support tickets, so you're better off doing it up front.
 *
 * # Outputs
 * One output of note is the `s3_module_settings`. With this, you can get the settings used when calling the
diff --git a/title26/README.md b/title26/README.md
index 176f74a..661a50f 100644
--- a/title26/README.md
+++ b/title26/README.md
@@ -122,6 +122,12 @@ this shorter region value.
 ## Options :: name_enforce_region_compact
 This flag always compacts the region, no mater whehter the name is longer than 63 characters or not.
 
+## Options :: object_lock_enable
+This is usable on bucket creation, and it will allow you to add external to this module an object lock
+configuration (aws_s3_object_lock_configuration).  See the [AWS Object Lock](AWS Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html)
+and the [Terraform AWS Provider](https://registry.terraform.io/providers/hashicorp%20%20/aws/4.7.0/docs/resources/s3_bucket_object_lock_configuration) docs for
+more details.  Setting this after bucket creation is possible but requires a support tickets, so you're better off doing it up front.
+
 # Outputs
 One output of note is the `s3_module_settings`. With this, you can get the settings used when calling the
 module, the original bucket name before prefix and suffixes, and other things.  It is a map.
@@ -216,6 +222,7 @@ No modules.
 | <a name="input_name_include_account"></a> [name\_include\_account](#input\_name\_include\_account) | Flag to determine if we include the AWS Account id in the resulting bucket name | `bool` | `false` | no |
 | <a name="input_name_include_region"></a> [name\_include\_region](#input\_name\_include\_region) | Flag to determine if we include the full region name in the resulting bucket name | `bool` | `false` | no |
 | <a name="input_name_include_region_compact"></a> [name\_include\_region\_compact](#input\_name\_include\_region\_compact) | Flag to determine if we the rewrite the full region name to a shorter region name if the resulting name > 63 characters.  Only usable with name\_include\_region. | `bool` | `true` | no |
+| <a name="input_object_lock_enabled"></a> [object\_lock\_enabled](#input\_object\_lock\_enabled) | Flag to enable object lock. This can only be set on bucket creation. See AWS documentation at https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html | `bool` | `false` | no |
 | <a name="input_require_explicit_encryption"></a> [require\_explicit\_encryption](#input\_require\_explicit\_encryption) | When enabled, adds bucket policy to Deny unencrypted uploads and incorrect encryption header.  Should not normally be needed. | `bool` | `false` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
 
diff --git a/title26/main.tf b/title26/main.tf
index b7dd334..5705e06 100644
--- a/title26/main.tf
+++ b/title26/main.tf
@@ -123,6 +123,12 @@
 * ## Options :: name_enforce_region_compact
 * This flag always compacts the region, no mater whehter the name is longer than 63 characters or not.
 *
+* ## Options :: object_lock_enable
+* This is usable on bucket creation, and it will allow you to add external to this module an object lock
+* configuration (aws_s3_object_lock_configuration).  See the [AWS Object Lock](AWS Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html)
+* and the [Terraform AWS Provider](https://registry.terraform.io/providers/hashicorp%20%20/aws/4.7.0/docs/resources/s3_bucket_object_lock_configuration) docs for 
+* more details.  Setting this after bucket creation is possible but requires a support tickets, so you're better off doing it up front.
+*
 * # Outputs
 * One output of note is the `s3_module_settings`. With this, you can get the settings used when calling the
 * module, the original bucket name before prefix and suffixes, and other things.  It is a map.