AWS S3 Versioning

  • You can use the S3 Versioning feature to preserve, retrieve, and restore every version of every object stored in your buckets.
  • Versioning-enabled buckets can help you recover objects from accidental deletion or overwrite.
  • After versioning is enabled for a bucket, if Amazon S3 receives multiple write requests for the same object simultaneously, it stores all of those objects.
  • For example, if you delete an object in the S3 versioned enabled bucket, Amazon S3 inserts a delete marker instead of removing the object permanently.
  • The delete marker becomes the current object version.

Buckets can be in one of three states:

  • Versioning-enabled
  • Versioning-suspended

How S3 Versioning works

  • For example, if you delete an object, instead of removing it permanently, Amazon S3 inserts a delete marker, which becomes the current object version. You can then restore the previous version.

Version ID

  • For example, in one bucket you can have two objects with the same key but different version IDs, such as photo.gif (version 111111) and photo.gif (version 121212).
  • If you don’t enable S3 Versioning, Amazon S3 sets the value of the version ID to null. If you enable S3 Versioning, Amazon S3 assigns a version ID value for the object.

Versioning workflows

  • The following figure shows that when a new version photo.gif is PUT into a bucket that already contains an object with the same name, the original object (ID = 111111) remains in the bucket, Amazon S3 generates a new version ID (121212) and adds the newer version to the bucket.

Deleting Object

  • Performing a simple GET Object request, when the current version is a delete marker, returns a 404 Not Found error, as shown in the above diagram.

Permanently Delete

  • Only the owner of an Amazon S3 bucket can permanently delete a version. The following figure shows how DELETE versionId permanently deletes an object from a bucket and that Amazon S3 doesn't insert a delete marker.
  • You can add more security by configuring a bucket to enable MFA (multi-factor authentication) delete.
  • When you do, the bucket owner must include two forms of authentication in any request to delete a version or change the versioning state of the bucket.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store