DEV Community

Cover image for Secure the S3 Bucket with MFA
waqas_ahmed01 for AWS Community Builders

Posted on • Edited on

2

Secure the S3 Bucket with MFA

Do you know that you can secure your S3 Bucket by integrating the MFA to avoid any object deletion accidently?

The answer is Yes...!!
You can enable the MFA on S3 bucket but first you will need to enable the versioning on the bucket. Also the MFA can't be enable via AWS Management Console so either use AWS CLI or AWS SDK to enable MFA. In this article, I will walk you though the step by step instruction to enable MFA.

Step - 1: Configure MFA Device

AWS Support multiple types of MFA device both physical hardware on virtual. In this blog, we will configure virtual MFA

Login in your AWS Account, on right top click on Avatar and select Security Credentials , select the first option Authentication App

AWS Supported MFA Devices

I will be using Twillo Authy app for authentication. Generate the secret key and enter into Authy app to configure new account, as shown in figure below

Twillo Authy App

Image description

Once configure it'll show virtual device under the MFA on AWS Console

Virtual Device Type AWS Console

Step - 2: Enable the Versioning on S3 Bucket

If versioning is not enable on S3 bucket make sure to enable that before enabling the MFA. We will use AWS CLI to configure the Versioning.

aws s3api put-bucket-versioning --bucket <bucket_name> --versioning-configuration Status=Enabled
Enter fullscreen mode Exit fullscreen mode

Enable Versioning for S3 Bucket

Step - 3: Enable the MFA

We will be using following AWS CLI command to enable versioning.

aws s3api put-bucket-versioning --bucket <bucket_name>--versioning-configuration Status=Enabled,MFADelete=Enabled --mfa "arn:aws:iam::<>:mfa/root-account-mfa-device Passcode"
Enter fullscreen mode Exit fullscreen mode

MFA Serial can be found into AWS Console

Virtual MFA Device Serial No:

Image description

tarrahhhh! Congratulation, you have configured the MFA for S3 Bucket.

If you like this article than don't forget to share it with others ;)

Heroku

Build apps, not infrastructure.

Dealing with servers, hardware, and infrastructure can take up your valuable time. Discover the benefits of Heroku, the PaaS of choice for developers since 2007.

Visit Site

Top comments (0)

Best Practices for Running  Container WordPress on AWS (ECS, EFS, RDS, ELB) using CDK cover image

Best Practices for Running Container WordPress on AWS (ECS, EFS, RDS, ELB) using CDK

This post discusses the process of migrating a growing WordPress eShop business to AWS using AWS CDK for an easily scalable, high availability architecture. The detailed structure encompasses several pillars: Compute, Storage, Database, Cache, CDN, DNS, Security, and Backup.

Read full post

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay