Object Versioning

Versioning enables you to keep multiple versions of an object in one bucket. You must explicitly enable versioning on your bucket. By default versioning is disabled. Regardless of whether you have enabled versioning on your bucket or not, each object has a version ID. If you have not enabled versioning on your bucket, then Amazon S3 sets the version ID value null. If you have enabled versioning on your bucket, Amazon S3 assigns a unique version ID value for the object.

Versioning enables you to keep multiple versions of an object in one bucket, for example, my-image.jpg (version 111111) and my-image.jpg (version 222222). You might enable versioning to recover from unintended overwrites and deletions or to archive objects so that you can retrieve previous versions of them.

When you enable versioning on a bucket, existing objects, if any, in the bucket are unchanged: the version IDs (null), contents, and permissions remain the same.

Enabling and suspending versioning is done at the bucket level. When you enable versioning for a bucket, all objects added to it will have a unique version ID. Unique version IDs are randomly generated, Unicode, UTF-8 encoded, URL-ready, opaque strings that are at most 1024 bytes long. An example version ID is 3/L4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo. Only Amazon S3 generates version IDs. They cannot be edited.

When you PUT an object in a version-enabled bucket, the old version is not overwritten. The following figure shows that when a new version of photo.gif is PUT into a bucket that already contains an object with the same name, the original object (ID = 111111) remains in the bucket, Amazon S3 generates a new version ID (121212), and adds the newer version to the bucket.

This functionality prevents you from accidentally overwriting or deleting objects and affords you the opportunity to retrieve a previous version of an object.

When you DELETE an object, all versions remain in the bucket and Amazon S3 inserts a delete marker, as shown in the following figure.

The delete marker becomes the latest version of the object. By default, GET requests retrieve the most recently stored version. Performing a simple GET Object request when the latest version is a delete marker returns a 404 Not Found error, as shown in the following figure.

You can, however, GET an older version of an object by specifying its version ID. In the following figure, we GET a specific object version, 111111. Amazon S3 returns that object version even though it's not the latest version.

You can permanently delete an object by specifying the version you want to delete. Only the owner of an Amazon S3 bucket can permanently delete a version. The following figure shows how DELETE versionId permanently deletes an object from a bucket and that Amazon S3 doesn't insert a delete marker.

You can add additional security by configuring a bucket to enable MFA (Multi-Factor Authentication) Delete. When you do, the bucket owner must include two forms of authentication in any request to delete a version or change the versioning state of the bucket. For more information, see MFA Delete.

For more information, see Using Versioning.