lacework-global-94
Ensure the S3 bucket requires MFA to delete objects
Description
Objects in the bucket are able to be deleted according to bucket ACL or policy. If objects in the bucket are considered permanent, MFA delete can help prevent accidental deletion by requiring a second factor.
Remediation
MFA delete must be enabled through the AWS CLI. Please see AWS documentation for a complete understanding:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiFactorAuthenticationDelete.html
VersioningState
MfaDeleteState