Amazon Simple Storage Service
Amazon Simple Storage Service
Amazon S3 is AWS object storage — massive, durable file storage with global access, the de facto standard for internet applications.
11 nines of durability — data essentially never lost
Egress traffic fees are a frequent hidden cost
Create an IAM user/role in the AWS Console or CLI to get an access key and secret. In almost all cases the AWS SDK handles SigV4 signing for you. Typical calls: S3.putObject, getObject, createPresignedUrl.
Uptime · 30-day window
GitHub activity
About this API
Amazon S3, launched in 2006, is one of the oldest and most stable AWS services. "Object storage" means data is read and written as whole objects — there is no partial-write API like a filesystem. Upload a 100 MB video and it is one object; to update you reupload the whole thing. This design is what lets S3 scale comfortably to exabytes.
The core concepts are buckets and objects. A bucket is a globally unique container in a specific region, and an object is a file inside it addressed by a key (like photos/2024/avatar.png). There are no real folders — the slash separator is a naming convention. A common pattern is pre-signed URLs, which let browsers or clients upload and download directly, bypassing your server to save bandwidth and cost.
Pricing is easy to underestimate. Storage itself is cheap per GB/month, but request counts (GET/PUT/LIST at roughly a few cents per thousand) and egress (~$0.09/GB) drive the bill. Common optimizations include fronting S3 with CloudFront or enabling Intelligent-Tiering to auto-shift cold data. Permissions deserve care: bucket policy, ACLs, and IAM stack. Default "block all public access" was only added in 2018 — older buckets can still be misconfigured into public exposure.
What you can build
- 1Host static website assets (HTML, JS, images)
- 2Store user uploads (photos, videos, attachments)
- 3Hold raw data for analytics data lakes
- 4Archive cold data into Glacier for long-term storage
- 5Act as an origin for CloudFront CDN distribution
Strengths & limitations
Strengths
- 11 nines of durability — data essentially never lost
- Deep AWS integration (Lambda, Athena, CloudFront)
- Pre-signed URLs make secure client-direct uploads easy
- Storage class tiers (Standard / IA / Glacier) enable cost optimization
Limitations
- Egress traffic fees are a frequent hidden cost
- Consistency is now strong (was eventual) — older docs can mislead
- Bucket policy + ACL + IAM is a three-layer permission model and is easy to misconfigure into public exposure
Example request
curl https://github.com/mermade/aws2openapi/<endpoint> \
-H "Authorization: Bearer $API_KEY"
# Some providers use X-Api-Key instead — verify in the docs.Getting started
Create an IAM user/role in the AWS Console or CLI to get an access key and secret. In almost all cases the AWS SDK handles SigV4 signing for you. Typical calls: S3.putObject, getObject, createPresignedUrl.
FAQ
How much is the S3 free tier?+
First 12 months: 5 GB Standard storage, 20,000 GETs, 2,000 PUTs per month. Beyond that, pay as you go.
How do I make an uploaded file publicly accessible?+
Combine a bucket policy or object ACL granting public read and disable block-public-access. For production, prefer CloudFront in front of a private bucket.
Strong consistency or eventual?+
Since 2020 all operations are strong read-after-write consistent. Older docs claiming eventual consistency are out of date.
How do I cut costs?+
Use lifecycle policies to move cold data to Standard-IA or Glacier, front S3 with CloudFront to cut egress, and clean up incomplete multipart uploads.
Technical details
- Auth type
- api_key
- Pricing
- paid
- Protocols
- REST
- SDKs
- python, javascript, typescript, java, go, ruby, php, csharp
- Response time
- 10 ms
- Last health check
- 5/12/2026, 7:36:34 AM
Endpoints
Parsed from the OpenAPI spec. Showing 12 of 93 non-deprecated endpoints.
//{Bucket}/{Bucket}/{Bucket}/{Bucket}/{Bucket}/{Key}/{Bucket}/{Key}/{Bucket}/{Key}/{Bucket}/{Key}/{Bucket}/{Key}#acl/{Bucket}/{Key}#acl/{Bucket}/{Key}#attributes&x-amz-object-attributes81 more endpoints not shown. See the OpenAPI spec for the full list.
More from Amazon Web Services
AWS IAM Access Analyzer API analyzes IAM resource policies for over-privileged access or external access — proactively surfaces security risks.
Amazon Chime SDK API embeds real-time audio/video calling and chat into apps (meetings, messaging, PSTN calls).
Amazon CloudFront is the AWS CDN and edge service — accelerates static and dynamic content delivery, a standard for web performance.
Amazon CloudSearch is AWS's managed search service (gradually superseded by OpenSearch Service).
CloudWatch Application Insights API auto-detects application problems — intelligently identifies anomalies (slow SQL queries, memory leaks), reducing manual alarm configuration.
AWS Cognito Identity Pools API issues temporary AWS credentials to frontend apps — identity federation, guest users, direct AWS resource access.
Amazon Cognito User Pools deliver managed user signup, login, password reset, and MFA for applications.
Amazon Connect Contact Lens API uses AI to analyze Amazon Connect calls in real time — sentiment, keywords, compliance detection, auto-summary.