Articles → AWS → Enable MFA For S3 Bucket

Enable MFA For S3 Bucket






Purpose





Steps




  1. Create an S3 bucket
  2. Enable MFA for the account
  3. Enable transfer acceleration on the S3 bucket
  4. Write the command to enable MFA for the S3 bucket
  5. Output



Create An S3 Bucket




Picture showing the S3 bucket created in AWS console
Click to Enlarge


Enable MFA For The Account





Enable Transfer Acceleration On The S3 Bucket





Write Command To Enable MFA For S3 Bucket




aws s3api put-bucket-versioning --profile <Your_Profile> --bucket <Bucket_Name> --versioning-configuration Status=Enabled,MFADelete=Enabled --mfa "<ARN_OF_MFA_DEVICE> <Code>"




  1. Your_Profile → Your profile stored in c:\users\[username]\.aws\config
    2. Picture showing the profile information in config file
    Click to Enlarge

  2. Bucket_Name → The S3 bucket on which MFA will be enabled
  3. ARN_OF_MFA_DEVICE → This is the ARN of your MFA device. You can get this value from the Your Security Credentials section
    4. Picture showing the Your Security Credentials screen for getting the ARN of MFA device
    Click to Enlarge

  4. Code → This is the six-digit code generated in the authenticator


Picture showing the MFA Delete enabled in S3 bucket
Click to Enlarge


Output




Picture showing the error message when user is trying to delete an object from S3 bucket
Click to Enlarge


Disable MFA




{
  "Bucket": "gyansangrah",
  "VersioningConfiguration": {
    "Status": "Suspended",
    "MFADelete": "Disabled"
  }
}




aws s3api put-bucket-versioning --bucket <bucket name> --cli-input-json <versioning-config.json file path> --mfa "<ARN_OF_MFA_DEVICE> <Code>"



Posted By  -  Karan Gupta
 
Posted On  -  Friday, August 5, 2022
 
Updated On  -  Thursday, August 3, 2023

Query/Feedback


Your Email Id  
 
Subject 
 
Query/FeedbackCharacters remaining 250