Rule: S3 Bucket Versioning Should Be Enabled

This rule ensures that S3 bucket versioning is enabled to provide data protection and backup capabilities.

Rule: S3 bucket versioning should be enabled
Framework: NIST 800-171 Revision 2
Severity: High

Rule Description:

S3 bucket versioning should be enabled to meet the security requirements outlined in NIST 800-171 Revision 2. Versioning allows the preservation of all versions of an object within the bucket, providing protection against accidental deletion, overwrites, or malicious activities. This ensures the integrity and availability of data stored in the S3 bucket and supports compliance with the NIST 800-171 Revision 2 guidelines.

Troubleshooting Steps:

  1. Check if bucket versioning is already enabled:

    • Open the Amazon S3 Management Console.
    • Navigate to the bucket in question.
    • Click on the "Properties" tab.
    • Look for the "Versioning" section and check if it is already enabled.

  2. If bucket versioning is not enabled, follow the remediation steps below.

Remediation Steps:

To enable versioning for an S3 bucket, you can use the AWS Command Line Interface (CLI) or the AWS Management Console. Here's a step-by-step guide using the CLI:

AWS CLI Method:

  1. Open a terminal or command prompt.

  2. Install and configure the AWS CLI if you haven't already done so.

  3. Run the following command to enable versioning for the S3 bucket:

    aws s3api put-bucket-versioning --bucket <bucket-name> --versioning-configuration Status=Enabled

    Replace <bucket-name> with the name of your S3 bucket.

  4. Verify that versioning is enabled for the bucket by executing the following command:

    aws s3api get-bucket-versioning --bucket <bucket-name>

    This command will display the versioning status of the bucket.

  5. Confirm that the output shows that versioning is enabled for the bucket.
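
An added example (not part of the original page or the vendor's tooling): a shell script that runs the get-bucket-versioning check from step 4 across several buckets and flags the two failing states, versioning suspended and versioning never enabled. In the second case the API returns no Status field, which the CLI prints as "None" in text output. The function names classify_versioning and audit_buckets are illustrative.

```shell
#!/bin/sh
# Added example: audit S3 bucket versioning with the s3api call from step 4.
# Function names are illustrative, not part of any AWS or vendor tool.

# Map the Status value returned by get-bucket-versioning to a rule verdict.
# A bucket that has never had versioning configured returns no Status at all;
# with `--query Status --output text` the CLI renders that as "None".
classify_versioning() {
  case "$1" in
    Enabled)   echo "PASS" ;;
    Suspended) echo "FAIL:suspended" ;;
    None|"")   echo "FAIL:never-enabled" ;;
    *)         echo "UNKNOWN" ;;
  esac
}

# Print one "<bucket> <verdict>" line per bucket.
# Returns 1 if any bucket is not PASS, so the script can gate a pipeline.
audit_buckets() {
  local rc=0
  local bucket status verdict
  for bucket in "$@"; do
    if status=$(aws s3api get-bucket-versioning --bucket "$bucket" \
                  --query Status --output text 2>/dev/null); then
      verdict=$(classify_versioning "$status")
    else
      # The call itself failed, e.g. access denied or no such bucket.
      verdict="ERROR:api-call-failed"
    fi
    printf '%s %s\n' "$bucket" "$verdict"
    [ "$verdict" = "PASS" ] || rc=1
  done
  return "$rc"
}

# Usage: sh audit-versioning.sh <bucket-name> [<bucket-name> ...]
if [ "$#" -gt 0 ]; then
  audit_buckets "$@"
fi
```

A bucket reported as FAIL:suspended had versioning turned on at some point and then paused; existing versions are kept, but new writes are no longer versioned until the put-bucket-versioning command in step 3 is run again.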

AWS Management Console Method:

  1. Open the Amazon S3 Management Console.

  2. Navigate to the bucket in question.

  3. Click on the "Properties" tab.

  4. Under the "Versioning" section, click on the "Edit" button.

  5. Select the "Enable versioning" option.

  6. Click "Save" to enable versioning for the bucket.

  7. Verify that versioning is enabled by checking the "Properties" tab again.

Note:

Enabling versioning for an S3 bucket ensures that all subsequent versions of an object are stored and can be accessed if needed. However, keep in mind that enabling versioning will also incur additional storage costs as each version of an object will be retained in the bucket. It is recommended to set lifecycle policies to manage the lifecycle of the versions and minimize storage costs.
