Ensure that your AWS S3 buckets have the versioning flag enabled in order to preserve and recover overwritten and deleted S3 objects as an extra layer of data protection and/or data retention.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Using versioning-enabled S3 buckets will allow you to preserve, retrieve, and restore every version of an S3 object. S3 versioning can be used for data protection and retention scenarios such as recovering objects that have been accidentally/intentionally deleted or overwritten by AWS users or applications and archiving previous versions of objects to AWS Glacier for long-term low-cost storage.
To determine if your S3 buckets have versioning enabled, perform the following:
To enable object versioning for your existing S3 buckets, perform the following: