Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Enable S3 Bucket Versioning Rule

Ensure compliance by enabling versioning for S3 buckets for enhanced data protection.

RuleS3 bucket versioning should be enabled
FrameworkFedRAMP Low Revision 4
Severity
High

Rule Description:

The rule requires enabling versioning for the S3 bucket to comply with the FedRAMP Low Revision 4 security standard. Versioning allows you to preserve, retrieve, and restore every version of an object within the bucket. This is crucial for data retention, backup, and recovery purposes, ensuring data integrity and meeting compliance requirements.

Troubleshooting Steps:

If versioning is not enabled for the S3 bucket, you may encounter the following issues:

  2. 1.
    Data Loss: Without versioning, accidental deletions or overwrites may result in irretrievable data loss.
  4. 2.
    Compliance Violation: The absence of versioning violates the security controls mandated by FedRAMP Low Revision 4.

Necessary Code:

To enable versioning for an S3 bucket, you need to use the AWS Command Line Interface (CLI) or AWS SDKs. Here is an example of the CLI command:

aws s3api put-bucket-versioning --bucket YOUR_BUCKET_NAME --versioning-configuration Status=Enabled

Make sure to replace 

YOUR_BUCKET_NAME
with the actual name of your S3 bucket.

Step-by-Step Guide for Remediation:

Follow these steps to enable versioning for an S3 bucket using the AWS CLI:

  2. 1.

    Install and configure the AWS CLI: If you haven't done so already, install the AWS CLI on your local machine and configure it with your AWS access credentials.

  4. 2.

    Open a terminal or command prompt: Launch a terminal or command prompt on your local machine.

  6. 3.

    Execute the AWS CLI command: Type or copy the following command into the terminal, replacing 

    YOUR_BUCKET_NAME
    with the actual name of your S3 bucket:

aws s3api put-bucket-versioning --bucket YOUR_BUCKET_NAME --versioning-configuration Status=Enabled
  2. 1.

    Press Enter: Hit the Enter key to execute the command.

  4. 2.

    Verify versioning status: To confirm that versioning has been enabled, you can retrieve the bucket's versioning configuration using the following command:

aws s3api get-bucket-versioning --bucket YOUR_BUCKET_NAME

Make sure the returned output shows 

"Status": "Enabled"
.

  2. 1.
    Repeat the process: If you have multiple buckets, ensure that versioning is enabled for all of them.

By following these steps, you will successfully enable versioning for your S3 bucket, ensuring compliance with the FedRAMP Low Revision 4 standard.

Is your System Free of Underlying Vulnerabilities?
Find Out Now