diff --git a/tidb-cloud/tidb-cloud-auditing.md b/tidb-cloud/tidb-cloud-auditing.md
index 1e3c11065ed8f..d6c00b8b49cef 100644
--- a/tidb-cloud/tidb-cloud-auditing.md
+++ b/tidb-cloud/tidb-cloud-auditing.md
@@ -36,6 +36,10 @@ To enable audit logging for AWS, take the following steps:
 
 Specify an Amazon S3 bucket in your corporate-owned AWS account as a destination to which TiDB Cloud writes the audit logs.
 
+> Note:
+>
+> Do not enable object lock on the AWS S3 bucket. Enabling object lock will prevent TiDB Cloud from pushing audit log files to S3.
+
 For more information, see [Creating a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-bucket-overview.html) in the AWS User Guide.
 
 #### Step 2. Configure Amazon S3 access