Deleting an object from an MFA delete-enabled bucket - Amazon Simple Storage Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Deleting an object from an MFA delete-enabled bucket

If a bucket's versioning configuration is MFA delete enabled, the bucket owner must include the x-amz-mfa request header in requests to permanently delete an object version or change the versioning state of the bucket. Requests that include x-amz-mfa must use HTTPS.

The header's value is the concatenation of your authentication device's serial number, a space, and the authentication code displayed on it. If you don't include this request header, the request fails.

For more information about authentication devices, see Multi-factor Authentication.

Example — Deleting an object from an MFA delete-enabled bucket

The following example deletes my-image.jpg (with the specified version), which is in a bucket configured with MFA delete enabled.

Note the space between [SerialNumber] and [AuthenticationCode]. For more information, see DeleteObject in the Amazon Simple Storage Service API Reference.

DELETE /my-image.jpg?versionId=3HL4kqCxf3vjVBH40Nrjfkd HTTPS/1.1 Host: bucketName.s3.amazonaws.com x-amz-mfa: 20899872 301749 Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: AWS AKIAIOSFODNN7EXAMPLE:0RQf4/cRonhpaBX5sCYVf1bNRuU=

For more information about enabling MFA delete, see Configuring MFA delete.