Amazon Simple Storage Service
Developer Guide (API Version 2006-03-01)

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Replication

Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can copy objects between different AWS Regions or within the same Region.

To enable object replication, you use a bucket-level configuration. You add the replication configuration to your source bucket. The minimum configuration must provide the following:

  • The destination bucket where you want Amazon S3 to replicate objects

  • An AWS Identity and Access Management (IAM) role that Amazon S3 can assume to replicate objects on your behalf

Additional configuration options are available. For more information, see Additional Replication Configurations.

Types of Object Replication

You can replicate objects between different AWS Regions or within the same AWS Region.

  • Cross-Region replication (CRR) is used to copy objects across Amazon S3 buckets in different AWS Regions.

  • Same-Region replication (SRR) is used to copy objects across Amazon S3 buckets in the same AWS Region.

When to Use Replication

Replication can help you do the following:

  • Replicate objects while retaining metadata—Replicating objects via AWS Lambda functions can be useful. However, they don't retain object metadata such as the original object creation time and version IDs. Replication offers a simpler and more automated way to replicate objects that retains this metadata.

     

  • Replicate objects into different storage classes—You can use replication to directly put objects into Glacier, DEEP ARCHIVE, or another storage class in the destination bucket. You can also replicate your data to the same storage class and use lifecycle policies on the destination bucket to move your objects to a colder storage class as it ages.

     

  • Maintain object copies under different ownership—Regardless of who owns the source object, you can tell Amazon S3 to change replica ownership to the AWS account that owns the destination bucket. This is referred to as the owner override option. You can use this option to restrict access to object replicas.

When to Use CRR

Cross-Region replication can help you do the following:

  • Meet compliance requirements—Although Amazon S3 stores your data across multiple geographically distant Availability Zones by default, compliance requirements might dictate that you store data at even greater distances. Cross-Region replication allows you to replicate data between distant AWS Regions to satisfy these requirements.

     

  • Minimize latency—If your customers are in two geographic locations, you can minimize latency in accessing objects by maintaining object copies in AWS Regions that are geographically closer to your users.

     

  • Increase operational efficiency—If you have compute clusters in two different AWS Regions that analyze the same set of objects, you might choose to maintain object copies in those Regions.

When to Use SRR

Same-Region replication can help you do the following:

  • Aggregate logs into a single bucket—If you
 store logs in multiple buckets or across multiple accounts, you can easily replicate logs
 into a single, in-Region bucket. This allows for simpler processing of logs by a single
 account.

     

  • Configure live replication between developer and test
 accounts—If you or your customers have developer and test accounts 
that use the same data, you can replicate objects between multiple accounts, while maintaining
 object metadata, by implementing SRR rules.

     

  • Abide by data sovereignty laws—Often customers are 
required to store data in separate AWS accounts while being barred from letting 
the data leave a certain Region. Same-Region replication can help you back up
 critical data when compliance regulations don't allow the data to leave your
 country.

Requirements for Replication

Replication requires the following:

  • The source bucket owner must have the source and destination AWS Regions enabled for their account. The destination bucket owner must have the destination Region enabled for their account. For more information about enabling or disabling an AWS Region, see AWS Regions and Endpoints in the AWS General Reference.

  • Both source and destination buckets must have versioning enabled.

  • Amazon S3 must have permissions to replicate objects from the source bucket to the destination bucket on your behalf.

  • If the owner of the source bucket doesn't own the object in the bucket, the object owner must grant the bucket owner READ and READ_ACP permissions with the object access control list (ACL). For more information, see Managing Access with ACLs.

  • If the source bucket has Amazon S3 object lock enabled, the destination bucket must also have object lock enabled. For more information, see Locking Objects Using Amazon S3 Object Lock.

    To enable replication on a bucket that has object lock enabled, contact AWS Support.

For more information, see Overview of Setting Up Replication.

If you are setting the replication configuration in a cross-account scenario, where source and destination buckets are owned by different AWS accounts, the following additional requirement applies: