Ensure that S3 bucket has versioning enabled

Versioning in Amazon S3 is a means of keeping multiple variants of an object in the same bucket. Versioning-enabled buckets can help you recover objects from accidental deletion or overwrite. Hence, versioning should be enabled on S3 bucket.

Risk Level: Low
Cloud Entity: Simple Storage Service (S3)
CloudGuard Rule ID: D9.CFT.OPE.04
Covered by Spectral: Yes
Category: Storage

GSL LOGIC

AWS_S3_Bucket should have VersioningConfiguration.Status='Enabled'

REMEDIATION

From CFT
Set AWS::S3::Bucket VersioningConfiguration.Status property to Enabled

References

  1. https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html
  2. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-versioningconfig.html

Simple Storage Service (S3)

Companies today need the ability to simply and securely collect, store, and analyze their data at a massive scale. Amazon S3 is object storage built to store and retrieve any amount of data from anywhere ��� web sites and mobile apps, corporate applications, and data from IoT sensors or devices. It is designed to deliver 99.999999999% durability, and stores data for millions of applications used by market leaders in every indu

Compliance Frameworks

  • AWS CloudFormation ruleset