Rule: S3 Bucket Versioning Enabled
Check whether S3 bucket versioning is enabled as per the high severity benchmark 'Booting Up: Things to Do First'.
| Rule | S3 bucket versioning should be enabled |
| Framework | CISA-cyber-essentials |
| Severity | ✔ High |
Rule Description
S3 bucket versioning should be enabled for CISA-cyber-essentials. S3 bucket versioning allows you to preserve multiple versions of an object in your bucket. Enabling versioning provides additional protection against accidental deletion, overwrites, and malware attacks. It provides an easy way to recover from unintended changes or errors in your application.
Troubleshooting Steps
- 1.Check if versioning is already enabled for the S3 bucket.
- 2.If versioning is not enabled, proceed to enable it.
Necessary Code
There are no specific codes required for enabling S3 bucket versioning. It can be done through the AWS Management Console or the AWS CLI.
Step-by-Step Guide
Follow the below steps to enable S3 bucket versioning:
AWS Management Console
- 1.Login to the AWS Management Console.
- 2.Navigate to the S3 service.
- 3.Select the desired bucket (in this case, CISA-cyber-essentials).
- 4.Click on the "Properties" tab.
- 5.Scroll down to the "Versioning" section and click on "Edit".
- 6.Select the radio button for "Enable versioning".
- 7.Click on "Save changes" to enable versioning for the bucket.
AWS CLI
- 1.Open the AWS CLI or AWS CloudShell.
- 2.Run the following command to enable versioning for the S3 bucket:
aws s3api put-bucket-versioning --bucket CISA-cyber-essentials --versioning-configuration Status=Enabled - 3.Verify the versioning status by running the following command:
aws s3api get-bucket-versioning --bucket CISA-cyber-essentials
The output of the above command should show that versioning is enabled for the specified bucket.
By following these steps, you will enable S3 bucket versioning for CISA-cyber-essentials, ensuring better data protection and recovery capabilities.