Menu
Amazon Simple Storage Service
Developer Guide (API Version 2006-03-01)

Document History

The following table describes the important changes since the last release of the Amazon Simple Storage Service Developer Guide.

Relevant Dates to this History:

  • Current product version: 2006-03-01

  • Last documentation update: November 17, 2017

Change Description Date
Support for ORC-formatted Amazon S3 inventory files

Amazon S3 now supports the Apache optimized row columnar (ORC) format in addition to comma-separated values (CSV) file format for inventory output files. Also, you can now query Amazon S3 inventory using standard SQL by using Amazon Athena, Amazon Redshift Spectrum, and other tools such as Presto, Apache Hive, and Apache Spark. For more information, see Amazon S3 Inventory.

In this release

Default encryption for S3 buckets

Amazon S3 default encryption provides a way to set the default encryption behavior for an S3 bucket. You can set default encryption on a bucket so that all objects are encrypted when they are stored in the bucket. The objects are encrypted using server-side encryption with either Amazon S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS). For more information, see Amazon S3 Default Encryption for S3 Buckets.

November 06, 2017

Encryption status in Amazon S3 inventory

Amazon S3 now supports including encryption status in Amazon S3 inventory so you can see how your objects are encrypted at rest for compliance auditing or other purposes. You can also configure to encrypt S3 inventory with server-side encryption (SSE) or SSE-KMS so that all inventory files are encrypted accordingly. For more information, see Amazon S3 Inventory.

November 06, 2017

Cross-region replication (CRR) enhancements

Cross-region replication now supports the following:

November 06, 2017

EU (London) Region

Amazon S3 is now available in the EU (London) Region. For more information about Amazon S3 regions and endpoints, see Regions and Endpoints in the AWS General Reference.

December 13, 2016

Canada (Central) Region

Amazon S3 is now available in the Canada (Central) Region. For more information about Amazon S3 regions and endpoints, see Regions and Endpoints in the AWS General Reference.

December 8, 2016

Object tagging

Amazon S3 now supports object tagging. Object tagging enables you to categorize storage. Object key name prefixes also enable you to categorize storage, object tagging adds another dimension to it.

There are added benefits tagging offers. These include:

  • Object tags enable fine-grained access control of permissions (for example, you could grant an IAM user permissions to read-only objects with specific tags).

  • Fine-grained control in specifying lifecycle configuration. You can specify tags to select a subset of objects to which lifecycle rule applies.

  • If you have cross-region replication (CRR) configured, Amazon S3 can replicate the tags. You must grant necessary permission to the IAM role created for Amazon S3 to assume to replicate objects on your behalf.

  • You can also customize CloudWatch metrics and CloudTrail events to display information by specific tag filters.

For more information, see Object Tagging.

November 29, 2016

S3 lifecycle now support tag based filter

Amazon S3 now supports tag based filtering in lifecycle configuration. You can now specify lifecycle rule in which you can specify a key prefix, one or more object tags, or combination of both to select a subset of objects to which the lifecycle rule applies. For more information, see Object Lifecycle Management.

November 29, 2016

CloudWatch request metrics for buckets

Amazon S3 now supports CloudWatch metrics for requests made on buckets. When you enable these metrics for a bucket, the metrics report at 1 minute intervals. You can also configure which objects in a bucket will report these request metrics. For more information, see Monitoring Metrics with Amazon CloudWatch.

November 29, 2016

Amazon S3 Inventory

Amazon S3 now supports storage inventory. Amazon S3 inventory provides a flat-file output of your objects and their corresponding metadata on a daily or weekly basis for an S3 bucket or a shared prefix (that is, objects that have names that begin with a common string).

For more information, see Amazon S3 Inventory.

November 29, 2016

Amazon S3 Analytics – Storage Class Analysis

The new Amazon S3 analytics – storage class analysis feature observes data access patterns to help you determine when to transition less frequently accessed STANDARD storage to the STANDARD_IA (IA, for infrequent access) storage class. After storage class analysis observes the infrequent access patterns of a filtered set of data over a period of time, you can use the analysis results to help you improve your lifecycle policies. This feature also includes a detailed daily analysis of your storage usage at the specified bucket, prefix, or tag level that you can export to a S3 bucket.

For more information, see Amazon S3 Analytics – Storage Class Analysis in the Amazon Simple Storage Service Developer Guide.

November 29, 2016

New Expedited and Bulk data retrievals when restoring archived objects from Amazon Glacier

Amazon S3 now supports Expedited and Bulk data retrievals in addition to Standard retrievals when restoring objects archived to Amazon Glacier. For more information, see Restoring Archived Objects.

November 21, 2016

CloudTrail object logging

CloudTrail supports logging Amazon S3 object level API operations such as GetObject, PutObject, and DeleteObject. You can configure your event selectors to log object level API operations. For more information, see Logging Amazon S3 API Calls By Using AWS CloudTrail.

November 21, 2016

US East (Ohio) Region

Amazon S3 is now available in the US East (Ohio) Region. For more information about Amazon S3 regions and endpoints, see Regions and Endpoints in the AWS General Reference.

October 17, 2016

IPv6 support for Amazon S3 Transfer Acceleration

Amazon S3 now supports Internet Protocol version 6 (IPv6) for Amazon S3 Transfer Acceleration. You can connect to Amazon S3 over IPv6 by using the new dual-stack for Transfer Acceleration endpoint. For more information, see Getting Started with Amazon S3 Transfer Acceleration.

October 6, 2016

IPv6 support

Amazon S3 now supports Internet Protocol version 6 (IPv6). You can access Amazon S3 over IPv6 by using dual-stack endpoints. For more information, see Making Requests to Amazon S3 over IPv6.

August 11, 2016

Asia Pacific (Mumbai) Region

Amazon S3 is now available in the Asia Pacific (Mumbai) Region. For more information about Amazon S3 regions and endpoints, see Regions and Endpoints in the AWS General Reference.

June 27, 2016

Amazon S3 Transfer Acceleration

Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket. Transfer Acceleration takes advantage of Amazon CloudFront’s globally distributed edge locations.

For more information, see Amazon S3 Transfer Acceleration.

April 19, 2016

Lifecycle support to remove expired object delete markers

Lifecycle configuration Expiration action now allows you to direct Amazon S3 to remove expired object delete markers in a versioned bucket. For more information, see Elements to Describe Lifecycle Actions.

March 16, 2016

Bucket lifecycle configuration now supports action to abort incomplete multipart uploads

Bucket lifecycle configuration now supports the AbortIncompleteMultipartUpload action that you can use to direct Amazon S3 to abort multipart uploads that don't complete within a specified number of days after being initiated. When a multipart upload becomes eligible for an abort operation, Amazon S3 deletes any uploaded parts and aborts the multipart upload.

For conceptual information, see the following topics in the Amazon Simple Storage Service Developer Guide:

The following API operations have been updated to support the new action:

  • PUT Bucket lifecycle – The XML configuration now allows you to specify the AbortIncompleteMultipartUpload action in a lifecycle configuration rule.

  • List Parts and Initiate Multipart Upload – Both of these API operations now return two additional response headers (x-amz-abort-date, and x-amz-abort​-rule-id) if the bucket has a lifecycle rule that specifies the AbortIncompleteMultipartUpload action. These headers in the response indicate when the initiated multipart upload will become eligible for abort operation and which lifecycle rule is applicable.

March 16, 2016

Asia Pacific (Seoul) region

Amazon S3 is now available in the Asia Pacific (Seoul) region. For more information about Amazon S3 regions and endpoints, see Regions and Endpoints in the AWS General Reference.

January 6, 2016
New condition key and a Multipart Upload change

IAM policies now support an Amazon S3 s3:x-amz-storage-class condition key. For more information, see Specifying Conditions in a Policy.

You no longer need to be the initiator of a multipart upload to upload parts and complete the upload. For more information, see Multipart Upload API and Permissions.

December 14, 2015

Renamed the US Standard region Changed the region name string from "US Standard" to "US East (N. Virginia)." This is only a region name update, there is no change in the functionality.

December 11, 2015

New storage class

Amazon S3 now offers a new storage class, STANDARD_IA (IA, for infrequent access) for storing objects. This storage class is optimized for long-lived and less frequently accessed data. For more information, see Storage Classes.

Lifecycle configuration feature updates now allow you to transition objects to the STANDARD_IA storage class. For more information, see Object Lifecycle Management.

Previously, the cross-region replication feature used the storage class of the source object for object replicas. Now, when you configure cross-region replication you can specify a storage class for the object replica created in the destination bucket. For more information, see Cross-Region Replication (CRR).

September 16, 2015

AWS CloudTrail integration

New AWS CloudTrail integration allows you to record Amazon S3 API activity in your S3 bucket. You can use CloudTrail to track S3 bucket creations or deletions, access control modifications, or lifecycle policy changes. For more information, see Logging Amazon S3 API Calls By Using AWS CloudTrail.

September 1, 2015

Bucket limit increase

Amazon S3 now supports bucket limit increases. By default, customers can create up to 100 buckets in their AWS account. Customers who need additional buckets can increase that limit by submitting a service limit increase. For information about how to increase your bucket limit, go to AWS Service Limits in the AWS General Reference. For more information, see Creating a Bucket and Bucket Restrictions and Limitations.

August 4, 2015

Consistency model update

Amazon S3 now supports read-after-write consistency for new objects added to Amazon S3 in the US East (N. Virginia) region. Prior to this update, all regions except US East (N. Virginia) region supported read-after-write consistency for new objects uploaded to Amazon S3. With this enhancement, Amazon S3 now supports read-after-write consistency in all regions for new objects added to Amazon S3. Read-after-write consistency allows you to retrieve objects immediately after creation in Amazon S3. For more information, see Regions.

August 4, 2015

Event notifications

Amazon S3 event notifications have been updated to add notifications when objects are deleted and to add filtering on object names with prefix and suffix matching. For more information, see Configuring Amazon S3 Event Notifications.

July 28, 2015

Amazon CloudWatch integration

New Amazon CloudWatch integration allows you to monitor and set alarms on your Amazon S3 usage through CloudWatch metrics for Amazon S3. Supported metrics include total bytes for standard storage, total bytes for Reduced-Redundancy storage, and total number of objects for a given S3 bucket. For more information, see Monitoring Metrics with Amazon CloudWatch.

July 28, 2015

Support for deleting and emptying non-empty buckets

Amazon S3 now supports deleting and emptying non-empty buckets. For more information, see Deleting or Emptying a Bucket.

July 16, 2015

Bucket policies for Amazon VPC endpoints

Amazon S3 has added support for bucket policies for Amazon Virtual Private Cloud (Amazon VPC) endpoints. You can use S3 bucket policies to control access to buckets from specific Amazon VPC endpoints, or specific VPCs. VPC endpoints are easy to configure, are highly reliable, and provide a secure connection to Amazon S3 without requiring a gateway or a NAT instance. For more information, see Example Bucket Policies for VPC Endpoints for Amazon S3.

April 29, 2015

Event notifications

Amazon S3 event notifications have been updated to support the switch to resource-based permissions for AWS Lambda functions. For more information, see Configuring Amazon S3 Event Notifications.

April 9, 2015

Cross-region replication

Amazon S3 now supports cross-region replication. Cross-region replication is the automatic, asynchronous copying of objects across buckets in different AWS regions. For more information, see Cross-Region Replication (CRR).

March 24, 2015

Event notifications

Amazon S3 now supports new event types and destinations in a bucket notification configuration. Prior to this release, Amazon S3 supported only the s3:ReducedRedundancyLostObject event type and an Amazon SNS topic as the destination. For more information about the new event types, see Configuring Amazon S3 Event Notifications.

November 13, 2014

Server-side encryption with customer-provided encryption keys

Server-side encryption with AWS Key Management Service (AWS KMS)

Amazon S3 now supports server-side encryption using AWS Key Management Service. This feature allows you to manage the envelope key through AWS KMS, and Amazon S3 calls AWS KMS to access the envelope key within the permissions you set.

For more information about server-side encryption with AWS KMS, see Protecting Data Using Server-Side Encryption with AWS Key Management Service.

November 12, 2014

EU (Frankfurt) region

Amazon S3 is now available in the EU (Frankfurt) region.

October 23, 2014
Server-side encryption with customer-provided encryption keys

Amazon S3 now supports server-side encryption using customer-provided encryption keys (SSE-C). Server-side encryption enables you to request Amazon S3 to encrypt your data at rest. When using SSE-C, Amazon S3 encrypts your objects with the custom encryption keys that you provide. Since Amazon S3 performs the encryption for you, you get the benefits of using your own encryption keys without the cost of writing or executing your own encryption code.

For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys).

June 12, 2014
Lifecycle support for versioning

Prior to this release, lifecycle configuration was supported only on nonversioned buckets. Now you can configure lifecycle on both nonversioned and versioning-enabled buckets. For more information, see Object Lifecycle Management.

May 20, 2014
Access control topics revised

Revised Amazon S3 access control documentation. For more information, see Managing Access Permissions to Your Amazon S3 Resources.

April 15, 2014
Server access logging topic revised

Revised server access logging documentation. For more information, see Server Access Logging.

November 26, 2013
.NET SDK samples updated to version 2.0

.NET SDK samples in this guide are now compliant to version 2.0.

November 26, 2013
SOAP Support Over HTTP Deprecated

SOAP support over HTTP is deprecated, but it is still available over HTTPS. New Amazon S3 features will not be supported for SOAP. We recommend that you use either the REST API or the AWS SDKs.

September 20, 2013
IAM policy variable support

The IAM access policy language now supports variables. When a policy is evaluated, any policy variables are replaced with values that are supplied by context-based information from the authenticated user’s session. You can use policy variables to define general purpose policies without explicitly listing all the components of the policy. For more information about policy variables, see IAM Policy Variables Overview in the IAM User Guide.

For examples of policy variables in Amazon S3, see User Policy Examples.

April 3, 2013
Console support for Requester Pays You can now configure your bucket for Requester Pays by using the Amazon S3 console. For more information, see Configure Requester Pays by Using the Amazon S3 Console. December 31, 2012
Root domain support for website hosting Amazon S3 now supports hosting static websites at the root domain. Visitors to your website can access your site from their browser without specifying "www" in the web address (e.g., "example.com"). Many customers already host static websites on Amazon S3 that are accessible from a "www" subdomain (e.g., "www.example.com"). Previously, to support root domain access, you needed to run your own web server to proxy root domain requests from browsers to your website on Amazon S3. Running a web server to proxy requests introduces additional costs, operational burden, and another potential point of failure. Now, you can take advantage of the high availability and durability of Amazon S3 for both "www" and root domain addresses. For more information, see Hosting a Static Website on Amazon S3. December 27, 2012
Console revision Amazon S3 console has been updated. The documentation topics that refer to the console have been revised accordingly. December 14, 2012
Support for Archiving Data to Amazon Glacier

Amazon S3 now supports a storage option that enables you to utilize Amazon Glacier's low-cost storage service for data archival. To archive objects, you define archival rules identifying objects and a timeline when you want Amazon S3 to archive these objects to Amazon Glacier. You can easily set the rules on a bucket using the Amazon S3 console or programmatically using the Amazon S3 API or AWS SDKs.

For more information, see Object Lifecycle Management.

November 13, 2012
Support for Website Page Redirects

For a bucket that is configured as a website, Amazon S3 now supports redirecting a request for an object to another object in the same bucket or to an external URL. For more information, see (Optional) Configuring a Webpage Redirect.

For information about hosting websites, see Hosting a Static Website on Amazon S3.

October 4, 2012
Support for Cross-Origin Resource Sharing (CORS)

Amazon S3 now supports Cross-Origin Resource Sharing (CORS). CORS defines a way in which client web applications that are loaded in one domain can interact with or access resources in a different domain. With CORS support in Amazon S3, you can build rich client-side web applications on top of Amazon S3 and selectively allow cross-domain access to your Amazon S3 resources. For more information, see Cross-Origin Resource Sharing (CORS).

August 31, 2012
Support for Cost Allocation Tags

Amazon S3 now supports cost allocation tagging, which allows you to label S3 buckets so you can more easily track their cost against projects or other criteria. For more information about using tagging for buckets, see Using Cost Allocation Tags for S3 Buckets.

August 21, 2012
Support for MFA-protected API access in bucket policies

Amazon S3 now supports MFA-protected API access, a feature that can enforce AWS Multi-Factor Authentication for an extra level of security when accessing your Amazon S3 resources. It is a security feature that requires users to prove physical possession of an MFA device by providing a valid MFA code. For more information, go to AWS Multi-Factor Authentication. You can now require MFA authentication for any requests to access your Amazon S3 resources.

To enforce MFA authentication, Amazon S3 now supports the aws:MultiFactorAuthAge key in a bucket policy. For an example bucket policy, see Adding a Bucket Policy to Require MFA.

July 10, 2012
Object Expiration support You can use Object Expiration to schedule automatic removal of data after a configured time period. You set object expiration by adding lifecycle configuration to a bucket. 27 December 2011
New region supported Amazon S3 now supports the South America (São Paulo) region. For more information, see Accessing a Bucket. December 14, 2011
Multi-Object Delete Amazon S3 now supports Multi-Object Delete API that enables you to delete multiple objects in a single request. With this feature, you can remove large numbers of objects from Amazon S3 more quickly than using multiple individual DELETE requests. For more information, see Deleting Objects. December 7, 2011
New region supported Amazon S3 now supports the US West (Oregon) region. For more information, see Buckets and Regions. November 8, 2011
Documentation Update Documentation bug fixes. November 8, 2011

Documentation Update

In addition to documentation bug fixes, this release includes the following enhancements:

October 17, 2011

Server-side encryption support

Amazon S3 now supports server-side encryption. It enables you to request Amazon S3 to encrypt your data at rest, that is, encrypt your object data when Amazon S3 writes your data to disks in its data centers. In addition to REST API updates, the AWS SDK for Java and .NET provide necessary functionality to request server-side encryption. You can also request server-side encryption when uploading objects using AWS Management Console. To learn more about data encryption, go to Using Data Encryption.

October 4, 2011

Documentation Update

In addition to documentation bug fixes, this release includes the following enhancements:

September 22, 2011

Support for sending requests using temporary security credentials

In addition to using your AWS account and IAM user security credentials to send authenticated requests to Amazon S3, you can now send requests using temporary security credentials you obtain from AWS Identity and Access Management (IAM). You can use the AWS Security Token Service API or the AWS SDK wrapper libraries to request these temporary credentials from IAM. You can request these temporary security credentials for your own use or hand them out to federated users and applications. This feature enables you to manage your users outside AWS and provide them with temporary security credentials to access your AWS resources.

For more information, see Making Requests.

For more information about IAM support for temporary security credentials, see Temporary Security Credentials in the IAM User Guide.

August 3, 2011

Multipart Upload API extended to enable copying objects up to 5 TB

Prior to this release, Amazon S3 API supported copying objects of up to 5 GB in size. To enable copying objects larger than 5 GB, Amazon S3 now extends the multipart upload API with a new operation, Upload Part (Copy). You can use this multipart upload operation to copy objects up to 5 TB in size. For more information, see Copying Objects.

For conceptual information about multipart upload API, see Uploading Objects Using Multipart Upload API.

June 21, 2011

SOAP API calls over HTTP disabled

To increase security, SOAP API calls over HTTP are disabled. Authenticated and anonymous SOAP requests must be sent to Amazon S3 using SSL.

June 6, 2011

IAM enables cross-account delegation

Previously, to access an Amazon S3 resource, an IAM user needed permissions from both the parent AWS account and the Amazon S3 resource owner. With cross-account access, the IAM user now only needs permission from the owner account. That is, If a resource owner grants access to an AWS account, the AWS account can now grant its IAM users access to these resources.

For more information, see Creating a Role to Delegate Permissions to an IAM User in the IAM User Guide.

For more information on specifying principals in a bucket policy, see Specifying a Principal in a Policy.

June 6, 2011

New link

This service's endpoint information is now located in the AWS General Reference. For more information, go to Regions and Endpoints in AWS General Reference.

March 1, 2011

Support for hosting static websites in Amazon S3

Amazon S3 introduces enhanced support for hosting static websites. This includes support for index documents and custom error documents. When using these features, requests to the root of your bucket or a subfolder (e.g., http://mywebsite.com/subfolder) returns your index document instead of the list of objects in your bucket. If an error is encountered, Amazon S3 returns your custom error message instead of an Amazon S3 error message. For more information, see Hosting a Static Website on Amazon S3.

February 17, 2011

Response Header API Support

The GET Object REST API now allows you to change the response headers of the REST GET Object request for each request. That is, you can alter object metadata in the response, without altering the object itself. For more information, see Getting Objects.

January 14, 2011

Large object support

Amazon S3 has increased the maximum size of an object you can store in an S3 bucket from 5 GB to 5 TB. If you are using the REST API you can upload objects of up to 5 GB size in a single PUT operation. For larger objects, you must use the Multipart Upload REST API to upload objects in parts. For more information, see Uploading Objects Using Multipart Upload API.

December 9, 2010

Multipart upload

Multipart upload enables faster, more flexible uploads into Amazon S3. It allows you to upload a single object as a set of parts. For more information, see Uploading Objects Using Multipart Upload API.

November 10, 2010

Canonical ID support in bucket policies

You can now specify canonical IDs in bucket policies. For more information, see Access Policy Language Overview

September 17, 2010

Amazon S3 works with IAM

This service now integrates with AWS Identity and Access Management (IAM). For more information, go to AWS Services That Work with IAM in the IAM User Guide.

September 2, 2010

Notifications The Amazon S3 notifications feature enables you to configure a bucket so that Amazon S3 publishes a message to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects a key event on a bucket. For more information, see Setting Up Notification of Bucket Events. July 14, 2010
Bucket policies Bucket policies is an access management system you use to set access permissions across buckets, objects, and sets of objects. This functionality supplements and in many cases replaces access control lists. For more information, see Using Bucket Policies and User Policies. July 6, 2010
Path-style syntax available in all regions Amazon S3 now supports the path-style syntax for any bucket in the US Classic Region, or if the bucket is in the same region as the endpoint of the request. For more information, see Virtual Hosting. June 9, 2010
New endpoint for EU (Ireland) Amazon S3 now provides an endpoint for EU (Ireland): http://s3-eu-west-1.amazonaws.com. June 9, 2010
Console You can now use Amazon S3 through the AWS Management Console. You can read about all of the Amazon S3 functionality in the console in the Amazon Simple Storage Service Console User Guide. June 9, 2010
Reduced Redundancy Amazon S3 now enables you to reduce your storage costs by storing objects in Amazon S3 with reduced redundancy. For more information, see Reduced Redundancy Storage. May 12, 2010
New region supported Amazon S3 now supports the Asia Pacific (Singapore) region. For more information, see Buckets and Regions. April 28, 2010
Object Versioning This release introduces object versioning. All objects now can have a key and a version. If you enable versioning for a bucket, Amazon S3 gives all objects added to a bucket a unique version ID. This feature enables you to recover from unintended overwrites and deletions. For more information, see Versioning and Using Versioning. February 8, 2010
New region supported Amazon S3 now supports the US West (N. California) region. The new endpoint for requests to this Region is s3-us-west-1.amazonaws.com. For more information, see Buckets and Regions. December 2, 2009
AWS SDK for .NET AWS now provides libraries, sample code, tutorials, and other resources for software developers who prefer to build applications using .NET language-specific API operations instead of REST or SOAP. These libraries provide basic functions (not included in the REST or SOAP APIs), such as request authentication, request retries, and error handling so that it's easier to get started. For more information about language-specific libraries and resources, see Using the AWS SDKs, CLI, and Explorers. November 11, 2009