Versioning, MFA Delete, and Replication
Enable versioning to protect against accidental deletion, configure cross-region replication, and add MFA Delete.
S3 Versioning: Why It Matters
S3 Versioning enables you to preserve, retrieve, and restore every version of every object stored in a bucket. When versioning is enabled, each PUT creates a new version with a unique version ID; the old version is retained, not overwritten. If an object is deleted, S3 adds a delete marker as the current version but keeps all previous versions. This protects against accidental overwrites, accidental deletions, and unintended application-level data corruption—the most common data loss scenarios in production.
# Enable versioning on a bucket
aws s3api put-bucket-versioning \
--bucket my-important-bucket \
--versioning-configuration Status=Enabled
# List all versions of an object
aws s3api list-object-versions \
--bucket my-important-bucket \
--prefix my-document.pdfVersioning States and Transitions
An S3 bucket can be in one of three versioning states: Unversioned (default, no version IDs), Versioning-enabled (all new objects get unique version IDs, all overwrites create new versions), or Versioning-suspended (new objects get a null version ID, but existing versions are retained). You cannot delete versioning once enabled—only suspend it. Objects created before versioning was enabled have a null version ID and are not affected until overwritten or deleted.
All lessons in this course
- Buckets, Objects, and Regions
- S3 Access Control: Bucket Policies and ACLs
- Versioning, MFA Delete, and Replication
- Storage Classes and Lifecycle Policies