Enable S3 Bucket Versioning Rule

This rule ensures that S3 bucket versioning is enabled to maintain data integrity and security.

Rule	S3 bucket versioning should be enabled
Framework	NIST 800-53 Revision 5
Severity	✔ High

Rule Description

This rule requires enabling versioning for Amazon S3 buckets to comply with the security guidelines outlined in the NIST 800-53 Revision 5 publication.

Troubleshooting Steps

1.
Ensure you have the necessary permissions to enable versioning for S3 buckets.

2.
Check if versioning is already enabled for the bucket. If so, no further action is required.

3.
Verify if the S3 bucket is located in the correct region.

Code

There is no specific code required to enable versioning for S3 buckets as it can be done through the AWS Management Console, AWS Command Line Interface (CLI), or AWS SDKs.

Remediation Steps

AWS Management Console

1.
Open the AWS Management Console and navigate to the S3 service.

2.
Select the desired bucket for which you want to enable versioning.

3.
Click on the "Properties" tab.

4.
Under the "Versioning" section, click on "Edit".

5.
Select the option to enable versioning and click "Save changes".

AWS CLI

1.
Open the command line interface and ensure you have the AWS CLI installed and configured.

2.
Run the following command to enable versioning for the bucket:

aws s3api put-bucket-versioning --bucket <bucket-name> --versioning-configuration Status=Enabled

Replace

<bucket-name>

with the name of the bucket you want to enable versioning for.

1.
Verify if versioning is enabled by running the following command:

aws s3api get-bucket-versioning --bucket <bucket-name>

AWS SDKs

Refer to the documentation of the specific AWS SDK you are using to enable versioning for S3 buckets programmatically.

Verification Steps

To verify if versioning is enabled for the S3 bucket:

1.
Open the AWS Management Console and navigate to the S3 service.

2.
Select the bucket for which you enabled versioning.

3.
Check if the "Properties" tab displays the versioning status as "Enabled".

4.
Optionally, you can also use the AWS CLI command mentioned above to verify the versioning status programmatically.

Enable S3 Bucket Versioning Rule

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}AWS Management Console

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}AWS CLI

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}AWS SDKs

Is your System Free of Underlying Vulnerabilities? Find Out Now

AWS Management Console

AWS CLI

AWS SDKs

Is your System Free of Underlying Vulnerabilities?
Find Out Now