Description

S3 object versioning is a feature that allows users to preserve, retrieve, and restore every version of an object in an S3 bucket. When S3 versioning is enabled, S3 automatically creates a unique version ID for each version of the object, making it easy to manage, recover, and restore previous versions of an object if needed. Ensuring S3 object versioning is enabled can help protect against data loss or accidental deletion of objects. However, it's important to note that enabling S3 object versioning can also increase storage costs, as multiple versions of the same object will be stored in the bucket.

Remediation

To enable S3 object versioning on a bucket, follow these steps:

  1. Open the Amazon S3 console
  2. Select the bucket for which versioning needs to be enabled
  3. Click on the "Properties" tab
  4. Under the "Advanced Settings" section, click on "Versioning"
  5. Click on the "Edit" button
  6. Select the "Enable versioning" radio button
  7. Click on "Save changes"

Once you enable versioning, S3 will automatically version all the objects in the bucket, including any existing objects, and the older versions of each object will be stored. If data is lost or deleted, the older versions can then be restored.
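
The same check and remediation can be done from the command line. The script below is an added example, not part of the original page or of Lightlytics' tooling; it assumes the AWS CLI is installed with credentials allowed to list buckets and to read and set bucket versioning, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: audit and remediate S3 bucket versioning with the AWS CLI.
# Assumption: the caller may use s3:ListAllMyBuckets, s3:GetBucketVersioning
# and s3:PutBucketVersioning. Function names are illustrative.

# Print the versioning state of one bucket: Enabled, Suspended or None.
# "None" is what the CLI's text output shows when versioning was never set.
bucket_versioning_state() {
    aws s3api get-bucket-versioning --bucket "$1" \
        --query 'Status' --output text
}

# Print "<bucket> <state>" for every bucket whose state is not Enabled.
# A bucket that cannot be queried (for example, access denied) is reported
# as "Error" so it is not silently treated as compliant.
# Returns 1 if any such bucket was found, 0 otherwise.
audit_buckets() {
    rc=0
    # Bucket names cannot contain whitespace, so word splitting is safe here.
    for bucket in $(aws s3api list-buckets \
                        --query 'Buckets[].Name' --output text); do
        state=$(bucket_versioning_state "$bucket") || state="Error"
        if [ "$state" != "Enabled" ]; then
            printf '%s %s\n' "$bucket" "$state"
            rc=1
        fi
    done
    return "$rc"
}

# Enable versioning on one bucket, then read the state back to confirm
# the change took effect instead of trusting the exit code alone.
enable_versioning() {
    aws s3api put-bucket-versioning --bucket "$1" \
        --versioning-configuration Status=Enabled || return 1
    [ "$(bucket_versioning_state "$1")" = "Enabled" ]
}
```

Source the file, run `audit_buckets` to list buckets that are suspended or were never versioned, and call `enable_versioning <bucket>` for each one after review. The non-zero exit status of `audit_buckets` makes it usable as a gate in a scheduled job or pipeline.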

Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.