Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Enabling Rule: S3 Bucket Versioning

Check if S3 bucket versioning is enabled according to Audit and Accountability (AU) standard.

RuleS3 bucket versioning should be enabled
FrameworkNIST 800-53 Revision 5
Severity
High

Rule Description:

S3 bucket versioning should be enabled to comply with the security requirements of the NIST 800-53 Revision 5 standard. Versioning allows you to track changes made to objects stored in an S3 bucket over time, providing enhanced data protection, durability, and recovery options.

Troubleshooting Steps:

  1. 1.
    Verify that you have the necessary permissions to enable versioning on the S3 bucket.
  2. 2.
    Confirm that the S3 bucket is not already versioned by checking the bucket's versioning configuration.

Necessary Code:

No code is required for this specific rule. However, if versioning is not currently enabled, you will need to use the AWS Command Line Interface (CLI) or AWS SDKs to enable versioning on the S3 bucket.

Step-by-Step Guide for Remediation:

  1. 1.

    Open the AWS Management Console and navigate to the S3 service.

  2. 2.

    Locate the S3 bucket that needs versioning enabled and select it.

  3. 3.

    Click on the "Properties" tab in the bucket's details pane.

  4. 4.

    Scroll down to the "Versioning" section and click on the "Edit" button.

  5. 5.

    In the "Versioning" dialog box, select the option to "Enable versioning."

  6. 6.

    Click on the "Save" button to enable versioning for the S3 bucket.

  7. 7.

    Verify that versioning is enabled by refreshing the bucket's details and checking the "Versioning" section.

Notes:

  • Versioning can have cost implications, as it increases storage costs by storing multiple versions of each object. Ensure that you have considered the impact on your storage costs before enabling versioning.
  • Enabling versioning is irreversible, meaning once it is enabled, it cannot be disabled for the bucket. Be certain that versioning is required before enabling it.

Is your System Free of Underlying Vulnerabilities?
Find Out Now