More Info:

AWS S3 buckets should use the Multi-Factor Authentication (MFA) Delete feature to prevent the deletion of any versioned S3 objects (files).

Risk Level

Low

Address

Security

Compliance Standards

CISAWS, CBP

Triage and Remediation

Remediation

Follow these steps to remediate an S3 bucket that does not have MFA Delete enabled in AWS:

  1. Log in to your AWS Management Console.
  2. Navigate to the S3 service.
  3. Click on the S3 bucket that you want to remediate.
  4. Click on the “Properties” tab.
  5. Scroll down to the “Delete” section and click on “Edit”.
  6. Select the “Enable MFA delete” checkbox.
  7. Click on “Save changes”.
  8. A pop-up window will appear asking you to enter your MFA code. Enter the code and click on “Save changes”.
  9. MFA Delete is now enabled for your S3 bucket.

Note: MFA Delete requires the use of a virtual MFA device or a hardware MFA device. You will need to configure MFA for your AWS account before you can enable MFA Delete for your S3 bucket.
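To verify the result across many buckets, the check below classifies `GetBucketVersioning` responses. It is an added example, not part of the original page; the bucket names and sample responses are constructed, and `fetch_live` assumes boto3 is installed with credentials allowed to call `s3:ListAllMyBuckets` and `s3:GetBucketVersioning`.

```python
"""Audit S3 buckets for MFA Delete using GetBucketVersioning responses."""


def classify(resp):
    """Return (compliant, reason) for one GetBucketVersioning response.

    S3 omits both 'Status' and 'MFADelete' for a bucket whose versioning
    was never configured, so a missing key is treated as not enabled.
    """
    status = resp.get("Status")
    mfa_delete = resp.get("MFADelete", "Disabled")
    if status is None:
        return False, "versioning never enabled"
    if mfa_delete != "Enabled":
        return False, "versioning %s, MFA Delete disabled" % status.lower()
    if status != "Enabled":
        return False, "MFA Delete enabled but versioning suspended"
    return True, "versioning and MFA Delete enabled"


def audit(responses):
    """Map bucket name -> reason for every bucket that fails the check."""
    findings = {}
    for bucket, resp in sorted(responses.items()):
        compliant, reason = classify(resp)
        if not compliant:
            findings[bucket] = reason
    return findings


def fetch_live():
    """Collect responses for every bucket in the account (boto3 + credentials)."""
    import boto3  # imported lazily so the offline sample below runs without it
    s3 = boto3.client("s3")
    names = [b["Name"] for b in s3.list_buckets()["Buckets"]]
    return {n: s3.get_bucket_versioning(Bucket=n) for n in names}


# Constructed sample responses; bucket names are hypothetical.
SAMPLE = {
    "example-logs": {"Status": "Enabled", "MFADelete": "Enabled"},
    "example-backups": {"Status": "Enabled", "MFADelete": "Disabled"},
    "example-scratch": {},
    "example-archive": {"Status": "Suspended", "MFADelete": "Enabled"},
    "example-media": {"Status": "Enabled"},
}

if __name__ == "__main__":
    for name, why in audit(SAMPLE).items():
        print("NON-COMPLIANT %s: %s" % (name, why))
```

Replace `SAMPLE` with `fetch_live()` to run the same check against a real account.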

Additional Reading: