S3 Bucket without versioning

ID: aws_s3_bucket_versioning

Severity: low

Vendor: AWS

Resource: Backup Recovery

Tags: non-reachable

Description

The S3 bucket is created without versioning. With versioning enabled, you can recover more easily from both unintended user actions and application failures. After versioning is enabled for a bucket, if Amazon S3 receives multiple write requests for the same object simultaneously, it stores all of those objects.

To fix it, set versioning: true on the amazon.aws.s3_bucket task.

For more information about this topic, see AWS S3 Versioning.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - amazon.aws.s3_bucket:
        name: mys3bucket
        policy: "{{ lookup('file','policy.json') }}"
        requester_pays: true
        tags:
          example: tag1
          another: tag2

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - amazon.aws.s3_bucket:
        name: mys3bucket
        policy: "{{ lookup('file','policy.json') }}"
        requester_pays: true
        versioning: true
        tags:
          example: tag1
          another: tag2
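
The check this rule describes can be reproduced in a few lines. The following is an added example, not the scanner's own code: it assumes the playbook has already been parsed into Python data, and every function name in it is hypothetical. It goes slightly beyond the two playbooks above by also handling tasks nested in block/rescue/always, the legacy short module name s3_bucket, string booleans, templated values, and buckets with state: absent.

```python
# Added example: static check over an already-parsed Ansible playbook, i.e.
# the list of plays yaml.safe_load() would return. All names are hypothetical.
S3_MODULES = {"amazon.aws.s3_bucket", "s3_bucket"}  # FQCN and legacy short name
TRUTHY = {"y", "yes", "on", "1", "true", "t"}  # strings Ansible treats as true


def versioning_enabled(value):
    """True/False for a literal, None when a Jinja template hides the value."""
    if isinstance(value, bool):
        return value
    text = str(value).strip().lower()
    if "{{" in text:
        return None
    return text in TRUTHY


def iter_tasks(tasks):
    """Yield tasks, descending into block/rescue/always sections."""
    for task in tasks or []:
        nested = [k for k in ("block", "rescue", "always") if k in task]
        for key in nested:
            yield from iter_tasks(task[key])
        if not nested:
            yield task


def find_unversioned_buckets(playbook):
    """Return (bucket name, reason) for each s3_bucket task failing the rule."""
    findings = []
    for play in playbook:
        sections = (play.get(k) or [] for k in ("pre_tasks", "tasks", "post_tasks"))
        for task in iter_tasks([t for s in sections for t in s]):
            for module in task.keys() & S3_MODULES:
                args = task[module] if isinstance(task[module], dict) else {}
                if args.get("state", "present") == "absent":
                    continue  # bucket is being deleted, nothing to protect
                state = versioning_enabled(args.get("versioning", False))
                if state is None:
                    findings.append((args.get("name"), "templated, review manually"))
                elif not state:
                    findings.append((args.get("name"), "versioning not enabled"))
    return findings


# Constructed input mirroring the two playbooks on this page.
COMMON = {"name": "mys3bucket", "requester_pays": True, "tags": {"example": "tag1"}}
VULNERABLE = [{"hosts": "localhost", "tasks": [{"amazon.aws.s3_bucket": dict(COMMON)}]}]
FIXED = [{"hosts": "localhost",
          "tasks": [{"amazon.aws.s3_bucket": {**COMMON, "versioning": True}}]}]
```

Calling find_unversioned_buckets(VULNERABLE) reports mys3bucket, while the FIXED playbook yields no findings.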