Once you enable Versioning for a bucket, S3 preserves existing objects anytime you perform a PUT, POST, COPY, or DELETE operation on them. You can enable versioning while creating an object or later from the Properties tab of the bucket.
Important notes on versioning
-
The bucket owner, the AWS account that created the bucket (root account), and all authorized IAM users can enable versioning.
-
Only the owner of an S3 bucket can permanently delete a version.
-
If you delete an object, you can restore it. If you delete a version, you cannot restore it.
-
You can set Lifecycle rules to manage the lifetime and the cost of storing multiple versions of your objects.
-
S3 Lifecycle management can work with or without enabling versioning.
-
Pricing: Normal S3 rates apply for every version of an object stored or requested.
-
Versioning’s MFA Delete capability can be used to provide an additional layer of security while deleting versions.
Notes on MFA Delete
-
Versioning’s MFA Delete capability uses multi-factor authentication for deleting versions permanently in addition to the standard AWS account credentials based authentication.
-
You can enable MFA delete using the Amazon Rest API for S3 or the bucket explorer.
-
Only the bucket owner (root account) can enable MFA delete.
-
Once you enabled MFA delete, all future requests to change the versioning state or delete a version will require the request header x-amz-mfa .
-
`With every Delete Object Rest API request you also must send registered MFA Device's Serial Number and its AuthenticationCode.
-
- heartin's blog
- Log in or register to post comments
Comments
completed
completed