S3 bucket versioning and lifecycle policies should be enabled¶
Description¶
S3 bucket versioning and lifecycle policies are used to protect data availability and integrity. By enabling object versioning, data is protected from overwrites and deletions. Lifecycle policies ensure sensitive data is deleted when appropriate.
Console Remediation Steps¶
Enable versioning:
Navigate to S3.
Select the desired S3 bucket.
Select the Properties tab.
Click Versioning.
Check Enable Versioning.
Enable lifecycle policy:
CLI Remediation Steps¶
Enable versioning:
aws s3api put-bucket-versioning --bucket <bucket name> --versioning-configuration Status=Enabled
Enable lifecycle policy:
aws s3api put-bucket-lifecycle-configuration --bucket <bucket name> --lifecycle-configuration file://lifecycle.json
See documentation for JSON sample here.