Description:
Lightsail provides object storage called a bucket that is used to store your data. You can add objects to your bucket by uploading files using the Lighsail console or by configuring your application to put content like logs or other application data in the bucket.
Rational:
Versioning allows you to preserve, retrieve, and restore every version of every object storage in your bucket, providing an additional level of protection from accidental overwrites and deletes.
Impact:
The versioning state applies to all of the objects in that bucket. When you enable versioning in a bucket, all new objects are versioned and given a unique version ID. Objects that already existed in the bucket at the time versioning was enabled will thereafter always be versioned and given a unique version ID when they are modified by future requests.
Default Value:
By default, versioning is disabled.
Audit:
Sign in to AWS Management console
Go to the Lightsail service at https://lightsail.aws.amazon.com/
Select the storage tab and choose the bucket and click on it to examine
Go to the versioning tab and check whether it’s enabled or disabled
If you notice versioning is disabled, follow the implementation steps.
Remediation:
Pre-requisites:
Sign in as admin or IAM user with required permissions
Implementation steps:
Sign in to AWS Management console
Go to the Lightsail service at https://lightsail.aws.amazon.com/
Select the storage tab and choose the bucket and click on it to enable versioning
Go to the versioning tab and click on the toggle button to enable the versioning
Via CLI:
update-bucket
--bucket-name <value>
[--versioning <value>]
Backout plan:
Sign in to AWS Management console
Go to the Lightsail service at https://lightsail.aws.amazon.com/
Select the storage tab and choose the bucket and click on it to disable versioning
Go to the versioning tab and click on the toggle button to turn off the versioning
Reference:
https://aws.amazon.com/lightsail/
https://docs.aws.amazon.com/cli/latest/reference/lightsail/update-bucket.html