Articles → AWS → Enable MFA For S3 Bucket

Enable MFA For S3 Bucket



  1. Create a S3 bucket
  2. Enable MFA for the account
  3. Write command to enable MFA for S3 bucket
  4. Output

Create A S3 Bucket

Picture showing the S3 bucket created in AWS console

Click to Enlarge

Enable MFA For The Account

Write Command To Enable MFA For S3 Bucket

aws s3api put-bucket-versioning --profile <Your_Profile> --bucket <Bucket_Name> --versioning-configuration Status=Enabled,MFADelete=Enabled --mfa "<ARN_OF_MFA_DEVICE> <Code>"

  1. Your_Profile → Your profile stored in "c:\users\< username >\.aws\config
  2. Picture showing the profile information in config file

    Click to Enlarge

  3. Bucket_Name → The S3 bucket on which MFA will be enabled
  4. ARN_OF_MFA_DEVICE → This is the ARN of your MFA device. You can get this value from "Your Security Credentials" section
  5. Picture showing the Your Security Credentials screen for getting the ARN of MFA device

    Click to Enlarge

  6. Code → This is the six-digit code generated in authenticator

Picture showing the MFA Delete enabled in S3 bucket

Click to Enlarge


Picture showing the error message when user is trying to delete an object from S3 bucket

Click to Enlarge

Disable MFA

aws s3api put-bucket-versioning --profile <Your_Profile> --bucket <Bucket_Name> --versioning-configuration Status=Disabled,MFADelete=Enabled --mfa "<ARN_OF_MFA_DEVICE> <Code>"

Posted By  -  Karan Gupta
Posted On  -  Friday, August 5, 2022


Your Email Id  
Query/FeedbackCharacters remaining 250