MFA Delete

  • You can optionally add another layer of security by configuring a bucket to enable MFA Delete, which requires additional authentication for either of the following operations:

    • Change the versioning state of your bucket.

    • Permanently delete an object version.

  • MFA Delete requires two forms of authentication together:

    • Your security credentials.

    • The concatenation of a valid serial number, a space, and the six-digit code displayed on an approved authentication device.

  • MFA Delete thus provides added security in the event, for example, your security credentials are compromised.

  • Only the bucket owner can enable and disable MFA Delete.

Last updated