lacework-global-94

Ensure the S3 bucket requires MFA to delete objects

Description

Objects in the bucket can be deleted by anyone the bucket ACL or policy allows. If objects in the bucket are considered permanent, MFA delete can help prevent accidental deletion by requiring a second factor.

Remediation

MFA delete must be enabled through the AWS CLI. See the AWS documentation for full details:

https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiFactorAuthenticationDelete.html

VersioningState
MfaDeleteState
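
An added example (not part of the original policy page) that audits a bucket's `get-bucket-versioning` response and enables MFA delete with `put-bucket-versioning`. The bucket name, MFA device serial and MFA code are caller-supplied placeholders, and the sample response is constructed.

```shell
#!/bin/sh
# Added example: audit and enable S3 MFA delete.
# Bucket name, MFA serial/ARN and MFA code are placeholders supplied by the caller.

# Constructed sample of `aws s3api get-bucket-versioning` output.
SAMPLE='{"Status": "Enabled", "MFADelete": "Disabled"}'

# Extract a string field from the small JSON object the CLI prints.
# Prints nothing when the field is absent.
json_field() {  # usage: json_field <name> <json>
  printf '%s' "$2" | tr -d '\n' |
    sed -n "s/.*\"$1\"[[:space:]]*:[[:space:]]*\"\([^\"]*\)\".*/\1/p"
}

# Classify a response. The output is empty when versioning was never
# configured, and MFADelete is omitted until it has been set once.
mfa_delete_state() (  # usage: mfa_delete_state <json>
  status=$(json_field Status "$1")
  mfa=$(json_field MFADelete "$1")
  if [ "$status" = "Enabled" ] && [ "$mfa" = "Enabled" ]; then
    echo "COMPLIANT"
  elif [ "$status" != "Enabled" ]; then
    echo "NONCOMPLIANT: versioning ${status:-never configured}"
  else
    echo "NONCOMPLIANT: MFADelete ${mfa:-not set}"
  fi
)

audit_bucket() {  # usage: audit_bucket <bucket>
  mfa_delete_state "$(aws s3api get-bucket-versioning --bucket "$1")"
}

# Must run with the bucket owner's root credentials; the --mfa value is
# the device serial (or ARN) followed by the current code.
enable_mfa_delete() {  # usage: enable_mfa_delete <bucket> <serial> <code>
  aws s3api put-bucket-versioning --bucket "$1" \
    --versioning-configuration Status=Enabled,MFADelete=Enabled \
    --mfa "$2 $3"
}

case "${1:-}" in
  audit)  audit_bucket "$2" ;;
  enable) enable_mfa_delete "$2" "$3" "$4" ;;
  *)      mfa_delete_state "$SAMPLE" ;;  # offline demo on the sample
esac
```

Run `audit` again after `enable` to confirm the bucket reports `COMPLIANT`.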