Skip to main content

AWS S3

"Object storage: files as key-value blobs; highly durable and scalable"

What is S3?

Amazon S3 (Simple Storage Service) is object storage for files (objects). You store and retrieve objects by key (path-like name); no file system hierarchy—just buckets and keys.

Memory hook

"Bucket = container (global name); object = key + body + metadata; versioning = keep history"

Core concepts

  • Bucket — top-level container; name is globally unique; region-specific
  • Object — file: key (name), body (bytes), metadata, optional version ID
  • Key — object identifier (e.g. images/photo.jpg)
  • Versioning — keep multiple versions of same key (delete = new version, not permanent delete)

Storage classes (cost vs access)

ClassUse caseCostAccess
S3 StandardFrequent accessHigherLow latency
S3 IA (Infrequent Access)Less frequentLowerLow latency
S3 GlacierArchiveLowestRetrieval delay (minutes–hours)

Common operations

  • Upload — PUT object (single or multipart for large files)
  • Download — GET object
  • List — list objects by prefix (folder-like)
  • Delete — remove object (or add delete marker if versioning on)
  • Presigned URL — temporary URL for upload/download (no AWS credentials for client)

Typical use cases

  • Static website — host HTML/JS/CSS; optional CloudFront in front
  • Backup / archive — versioning + lifecycle to Glacier
  • App assets — images, documents; often behind CloudFront
  • Data lake — raw data for analytics (Athena, etc.)

Security and access

  • Bucket policy — who can access bucket/objects (IAM, public read, etc.)
  • ACL — legacy object-level permissions
  • Block public access — bucket-level setting to block accidental public access
  • IAM — control who can call S3 API (CreateBucket, GetObject, etc.)

Interview one-liner

"S3 is object storage: buckets hold objects identified by keys. Use storage classes (Standard, IA, Glacier) for cost vs access. Versioning keeps history; presigned URLs allow temporary access; use with CloudFront for static assets."

Cheat sheet

Bucket = container; object = key + body
Key = path-like name (e.g. folder/file.jpg)
Standard / IA / Glacier = cost vs access
Versioning = keep object history
Presigned URL = temp access without credentials
Static site + CloudFront = common pattern