Add R2 bucket lock changelog entry + update bucket lock docs (#20566)

* Add R2 bucket lock changelog entry + update bucket lock docs

* Apply suggestions from code review

Co-authored-by: Matt Silverlock <[email protected]>

* pr suggestion: Added example lock rules per

* Change id parameter to name for both bucket lifecycle and r2 bucket lock commands

* Apply suggestions from code review

* clearer language on what bucket locks allow you to do

---------

Co-authored-by: Matt Silverlock <[email protected]>
Co-authored-by: Jun Lee <[email protected]>

Author: 3 people

src/content/changelog/r2/2025-03-06-r2-bucket-locks.mdx

@@ -0,0 +1,33 @@
+---
+title: Set retention polices for your R2 bucket with bucket locks
+description: Set retention polices for your R2 bucket with bucket locks
+products:
+  - r2
+date: 2025-03-06T10:00:00Z
+---
+
+You can now use [bucket locks](/r2/buckets/bucket-locks/) to set retention policies on your [R2 buckets](/r2/buckets/) (or specific prefixes within your buckets) for a specified period — or indefinitely. This can help ensure compliance by protecting important data from accidental or malicious deletion.
+
+Locks give you a few ways to ensure your objects are retained (not deleted or overwritten). You can:
+
+- Lock objects for a specific duration, for example 90 days.
+- Lock objects until a certain date, for example January 1, 2030.
+- Lock objects indefinitely, until the lock is explicitly removed.
+
+Buckets can have up to 1,000 [bucket lock rules](/r2/buckets/). Each rule specifies which objects it covers (via prefix) and how long those objects must remain retained.
+
+Here are a couple of examples showing how you can configure bucket lock rules using [Wrangler](/workers/wrangler/):
+
+#### Ensure all objects in a bucket are retained for at least 180 days
+
+```sh
+npx wrangler r2 bucket lock add <bucket> --name 180-days-all --retention-days 180
+```
+
+#### Prevent deletion or overwriting of all logs indefinitely (via prefix)
+
+```sh
+npx wrangler r2 bucket lock add <bucket> --name indefinite-logs --prefix logs/ --retention-indefinite
+```
+
+For more information on bucket locks and how to set retention policies for objects in your R2 buckets, refer to our [documentation](/r2/buckets/bucket-locks/).

src/content/docs/r2/buckets/bucket-locks.mdx

@@ -12,6 +12,14 @@ Before getting started, you will need:
 - An existing R2 bucket. If you do not already have an existing R2 bucket, refer to [Create buckets](/r2/buckets/create-buckets/).
 - (API only) An API token with [permissions](/r2/api/s3/tokens/#permissions) to edit R2 bucket configuration.
 
+### Enable bucket lock via dashboard
+
+1. From the Cloudflare dashboard, select **R2** from the sidebar.
+2. Select the bucket you would like to add bucket lock rule to.
+3. Switch to the **Settings** tab, then scroll down to the **Bucket lock rules** card.
+4. Select **Add rule** and enter the rule name, prefix, and retention period.
+5. Select **Save changes**.
+
 ### Enable bucket lock via Wrangler
 
 1. Install [`npm`](https://docs.npmjs.com/getting-started).
@@ -77,6 +85,12 @@ If your bucket is setup with [jurisdictional restrictions](/r2/reference/data-lo
 
 ## Get bucket lock rules for your R2 bucket
 
+### Dashboard
+
+1. From the Cloudflare dashboard, select **R2** from the sidebar.
+2. Select the bucket you would like to add bucket lock rule to.
+3. Switch to the **Settings** tab, then scroll down to the **Bucket lock rules** card.
+
 ### Wrangler
 
 To list bucket lock rules, run the [`r2 bucket lock list` command](/workers/wrangler/commands/#r2-bucket-lock-list):
@@ -91,6 +105,13 @@ For more information on required parameters and examples of how to get bucket lo
 
 ## Remove bucket lock rules from your R2 bucket
 
+### Dashboard
+
+1. From the Cloudflare dashboard, select **R2** from the sidebar.
+2. Select the bucket you would like to add bucket lock rule to.
+3. Switch to the **Settings** tab, then scroll down to the **Bucket lock rules** card.
+4. Locate the rule you want to remove, select the `...` icon next to it, and then select **Delete**.
+
 ### Wrangler
 
 To remove a bucket lock rule, run the [`r2 bucket lock remove` command](/workers/wrangler/commands/#r2-bucket-lock-remove):

src/content/partials/workers/wrangler-commands/r2.mdx

@@ -263,8 +263,8 @@ wrangler r2 bucket lifecycle add <NAME> [OPTIONS]
 
 - `NAME` <Type text="string" /> <MetaInfo text="required" />
   - The name of the R2 bucket to add a lifecycle rule to.
-- `--id` <Type text="string" /> <MetaInfo text="optional" />
-  - A unique identifier for the lifecycle rule.
+- `--name` <Type text="string" /> <MetaInfo text="optional" />
+  - A unique name for the lifecycle rule, used to identify and manage it. For example: `delete-logs-180-days`.
 - `--prefix` <Type text="string" /> <MetaInfo text="optional" />
   - Prefix condition for the lifecycle rule (leave empty for all prefixes).
 - `--expire-days` <Type text="number" /> <MetaInfo text="optional" />
@@ -296,8 +296,8 @@ wrangler r2 bucket lifecycle remove <NAME> [OPTIONS]
 
 - `NAME` <Type text="string" /> <MetaInfo text="required" />
   - The name of the R2 bucket to remove a lifecycle rule from.
-- `--id` <Type text="string" /> <MetaInfo text="required" />
-  - The unique identifier of the lifecycle rule to remove.
+- `--name` <Type text="string" /> <MetaInfo text="required" />
+  - The unique name of the lifecycle rule to remove.
 - `--jurisdiction` <Type text="string" /> <MetaInfo text="optional" />
   - The jurisdiction where the bucket exists, if a jurisdiction has been specified. Refer to [jurisdictional restrictions](/r2/reference/data-location/#jurisdictional-restrictions).
 
@@ -349,8 +349,8 @@ wrangler r2 bucket lock add <NAME> [OPTIONS]
 
 - `NAME` <Type text="string" /> <MetaInfo text="required" />
   - The name of the R2 bucket to add a bucket lock rule to.
-- `--id` <Type text="string" /> <MetaInfo text="optional" />
-  - A unique identifier for the bucket lock rule.
+- `--name` <Type text="string" /> <MetaInfo text="optional" />
+  - A unique name for the bucket lock rule, used to identify and manage it. For example: `retain-logs-180-days`.
 - `--prefix` <Type text="string" /> <MetaInfo text="optional" />
   - Prefix condition for the bucket lock rule (leave empty for all prefixes).
 - `--retention-days` <Type text="number" /> <MetaInfo text="optional" />
@@ -374,8 +374,8 @@ wrangler r2 bucket lock remove <NAME> [OPTIONS]
 
 - `NAME` <Type text="string" /> <MetaInfo text="required" />
   - The name of the R2 bucket to remove a bucket lock rule from.
-- `--id` <Type text="string" /> <MetaInfo text="required" />
-  - The unique identifier of the bucket lock rule to remove.
+- `--name` <Type text="string" /> <MetaInfo text="required" />
+  - The unique name of the bucket lock rule to remove.
 - `--jurisdiction` <Type text="string" /> <MetaInfo text="optional" />
   - The jurisdiction where the bucket exists, if a jurisdiction has been specified. Refer to [jurisdictional restrictions](/r2/reference/data-location/#jurisdictional-restrictions).