Description: 

Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures. When you enable versioning for a bucket, if Amazon S3 receives multiple write requests for the same object simultaneously, it stores all of the objects.


Rationale: 

Enable versioning for a bucket, Amazon S3 automatically generates a unique version ID for the object being stored. In one bucket, for example, you can have two objects with the same key, but different version IDs. If you notice a significant increase in the number of HTTP 503-slow down responses received for Amazon S3 PUT or DELETE object requests to a bucket that has S3 Versioning enabled, you might have one or more objects in the bucket for which there are millions of versions.

If you delete an object, instead of removing it permanently, Amazon S3 inserts a delete marker, which becomes the current object version. You can always restore the previous version.

Note:  Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.


Remediation: 

    To enable server access logging for an S3 bucket

1. Sign in to the AWS Management Console and open the S3 console at https://console.aws.amazon.com/s3. 

2. In the Bucket name list, choose the name of the bucket that you want to enable server access logging for.

3. Choose Properties.

4. Choose Object Versioning.

5. Choose Enable Object Versioning. For Target, choose the name of the bucket that you want to receive the log record objects. The target bucket must be in the same Region as the source bucket and must not have a default retention period configuration.

6. Choose Save.


Default Value: Enabling and suspending versioning is done at the bucket level. When you enable versioning on an existing bucket, objects that are already stored in the bucket are unchanged. The version IDs (null), contents, and permissions remain the same. After you enable S3 Versioning for a bucket, each object that is added to the bucket gets a version ID, which distinguishes it from other versions of the same key.


References: 

   https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectVersioning.html