S3 Object Versioning and MFA Delete Study Notes


In this post, I share my notes on S3 Object Versioning, taken from Adrian Cantrill’s course AWS Certified Solutions Architect – Associate (SAA-C02). The Q&A session below can be used to validate your knowledge or to create flashcards for study. Since this is a work in progress, there may be mistakes; drop a comment with any suggestions.


Object versioning is configured at the bucket level. A bucket can move from the Disabled state to Enabled, and from Enabled to Suspended: once enabled, versioning can never be disabled again, only suspended. With versioning on, S3 keeps a version of the object every time an operation modifies it, which increases the bucket's storage usage, and existing versions remain even when versioning is suspended.

Without versioning, objects are identified only by their key, the Version ID is null, and changes overwrite the object. With object versioning, the ID identifies the version, and the current version is always the most recently modified object. Since versioning can’t be disabled, the only way to bring its cost to zero is to upload the files to a new bucket without versioning and delete the old bucket.

When you delete an object without specifying a version, a Delete Marker is added; previous versions are hidden in the AWS console UI but not deleted, so they still consume S3 bucket space. A Delete Marker is a special version of the object that hides the previous versions. You can delete a Delete Marker, and the current version of the object will then be the latest version. For a real delete, you must specify the version ID.

MFA Delete is enabled in the versioning configuration, and it requires MFA to delete an object version. When performing the API call, you need to pass the MFA device's serial number plus the code.
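
As an added example (not from the course or the original notes), the Python function below reads responses in the shape returned by boto3's `list_object_versions` and `get_bucket_versioning` and reports which keys are hidden behind a Delete Marker, how many bytes non-current versions still occupy, and whether MFA Delete is on. The function name, the sample responses and the "Disabled" default for absent keys are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timezone

def audit_versions(listing, versioning):
    """Report hidden objects, non-current storage and MFA Delete state."""
    # A key is hidden when its latest "version" is a Delete Marker.
    hidden = {m["Key"] for m in listing.get("DeleteMarkers", []) if m["IsLatest"]}
    noncurrent_bytes = defaultdict(int)
    newest = {}
    for v in listing.get("Versions", []):
        if v["IsLatest"]:
            continue  # current version, visible in the console
        noncurrent_bytes[v["Key"]] += v["Size"]  # hidden or old, but still stored
        seen = newest.get(v["Key"])
        if v["Key"] in hidden and (seen is None or v["LastModified"] > seen["LastModified"]):
            newest[v["Key"]] = v  # becomes current again if the marker is deleted
    return {
        # Both keys are absent from the response when never configured.
        "status": versioning.get("Status", "Disabled"),
        "mfa_delete": versioning.get("MFADelete", "Disabled"),
        "hidden_keys": sorted(hidden),
        "noncurrent_bytes": dict(noncurrent_bytes),
        "restore_version": {k: v["VersionId"] for k, v in newest.items()},
    }

def _day(d):
    return datetime(2021, 1, d, tzinfo=timezone.utc)

# Constructed sample responses (not taken from a real bucket).
SAMPLE_LISTING = {
    "Versions": [
        {"Key": "report.csv", "VersionId": "v3", "IsLatest": True, "Size": 300, "LastModified": _day(3)},
        {"Key": "report.csv", "VersionId": "v2", "IsLatest": False, "Size": 200, "LastModified": _day(2)},
        {"Key": "old.log", "VersionId": "a2", "IsLatest": False, "Size": 50, "LastModified": _day(5)},
        {"Key": "old.log", "VersionId": "a1", "IsLatest": False, "Size": 40, "LastModified": _day(4)},
    ],
    "DeleteMarkers": [
        {"Key": "old.log", "VersionId": "dm1", "IsLatest": True, "LastModified": _day(6)},
    ],
}
SAMPLE_VERSIONING = {"Status": "Enabled"}  # no MFADelete key: never configured

if __name__ == "__main__":
    print(audit_versions(SAMPLE_LISTING, SAMPLE_VERSIONING))
```

In the sample, `old.log` looks deleted in the console yet its two versions still occupy 90 bytes, and removing Delete Marker `dm1` would make version `a2` current again.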
