main
Powered By GitBook
AWS S3 Bucket Has MFA Delete Enabled
Risk
Remediation Effort
Low
Low
This policy validates that a S3 bucket has MFA Delete enabled.
MFA delete ensures that all actions to delete objects in the bucket are authenticated with MFA. This provides an additional layer of security against malicious or accidental data loss.
Remediation
To remediate this, you must use a root account access key and execute the following command:
1
$ aws put-bucket-versioning --bucket <example-bucket> MFADelete=Enabled
Copied!
This cannot be performed from the AWS Console or in CloudFormation
Reference
Last modified 6mo ago
Copy link