Amazon_S3_24

Ensure S3 Object Lock is enabled

Description

Amazon S3 buckets have an Object Lock feature that prevents the objects they store from being deleted. Object Lock blocks object version deletion during a user-defined retention period. This feature provides two ways to manage object retention:

  1. Retention periods
  2. Legal Holds

1. Retention periods: A retention period specifies a fixed time frame during which an S3 object remains locked, meaning that it can't be overwritten or deleted.

2. Legal holds: A legal hold provides the same protection as a retention period, but without an expiration date. It remains active until you explicitly remove it.
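The following added example (not part of the original rule page) shows one way to evaluate this check from the response of S3's `get_object_lock_configuration` call. The bucket names, the `FakeClientError` stand-in and the sample responses are constructed so the logic runs offline.

```python
NOT_CONFIGURED = "ObjectLockConfigurationNotFoundError"  # S3 error code: bucket has no Object Lock config


def evaluate_object_lock(get_config, bucket):
    """Return (status, detail); get_config has the shape of boto3's get_object_lock_configuration."""
    try:
        resp = get_config(Bucket=bucket)
    except Exception as exc:
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code == NOT_CONFIGURED:
            return "FAIL", "Object Lock is not enabled"
        raise  # e.g. AccessDenied: an unreadable bucket is not a verified result
    cfg = resp.get("ObjectLockConfiguration", {})
    if cfg.get("ObjectLockEnabled") != "Enabled":
        return "FAIL", "Object Lock is not enabled"
    retention = cfg.get("Rule", {}).get("DefaultRetention")
    if not retention:
        # Bucket is enabled, but each object still needs its own retention period or legal hold.
        return "PASS", "enabled, no default retention period"
    period = f"{retention['Days']} days" if "Days" in retention else f"{retention['Years']} years"
    return "PASS", f"enabled, default retention {retention['Mode']} for {period}"


class FakeClientError(Exception):
    """Constructed stand-in for botocore's ClientError (same .response shape)."""
    def __init__(self, code):
        super().__init__(code)
        self.response = {"Error": {"Code": code}}


# Constructed sample responses; the bucket names are hypothetical.
SAMPLES = {
    "logs-archive": {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled", "Rule": {
        "DefaultRetention": {"Mode": "COMPLIANCE", "Days": 365}}}},
    "backups": {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled"}},
    "scratch": FakeClientError(NOT_CONFIGURED),
}


def sample_get_config(Bucket):
    value = SAMPLES[Bucket]
    if isinstance(value, Exception):
        raise value
    return value


if __name__ == "__main__":
    for name in SAMPLES:
        print(name, *evaluate_object_lock(sample_get_config, name))
```

Against a real account, pass `boto3.client("s3").get_object_lock_configuration` as `get_config` and loop over the names returned by `list_buckets()`.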

Remediation

Perform the following steps to enable Object Lock:

  1. Sign in to the AWS Management Console.
  2. Navigate to the S3 dashboard at https://console.aws.amazon.com/s3/.
  3. Click the + Create bucket button to start the setup process.
  4. Within the Create bucket dialog box, perform the following:

Service

S3

Severity

Low

Compliance

Mapping
