What is Amazon S3? Learn the Basics and Pricing
When storing documents or images on AWS, S3 is usually the first option to consider. However, using S3 without understanding the basics can lead to security and cost issues later. This article explains the fundamentals of Amazon S3.
What is Amazon S3?
Amazon S3 is a storage service where you can store documents, images, videos, and other data. In S3, stored data is called an object, and the resource that holds objects is called a bucket. While S3 is essentially an object storage service, you need to be mindful of cost optimization and security to prevent unintended public exposure.
What is Amazon S3? - Amazon Simple Storage Service
Store data in the cloud and learn the core concepts of buckets and objects with the Amazon S3 web se...
Pricing
S3 uses a pay-as-you-go model — you only pay for what you use. The cost is primarily determined by how much data you store and which storage class you use. There are also charges for requests and data transfer, but you generally don't need to worry about those until you exceed 1 million requests.
S3 Pricing
Storage Classes
There are several options, but the commonly used storage classes are listed below. The default is S3 Standard, so if you're using S3 for backups or infrequent access, consider switching to a lower-cost storage class.
Understanding and managing Amazon S3 storage classes - Amazon Simple Storage Service
Learn how to choose from a range of high durability storage classes for the objects that you store i...
| Use Case | Storage Class | Price (Tokyo Region) |
|---|---|---|
| Frequent access | S3 Standard | USD 0.025/GB |
| A few times a month | S3 Standard-IA | USD 0.0138/GB |
| Once a quarter | S3 Glacier Instant Retrieval | USD 0.005/GB |
| Rarely accessed | S3 Glacier Deep Archive | USD 0.002/GB |
Security
S3 security incidents are common, and if your bucket is publicly accessible, confidential data can be leaked. Restrict access permissions so that only the users and services that need access can reach your bucket. If you have no plans to make data publicly available, always enable the Block Public Access setting.
Security best practices for Amazon S3 - Amazon Simple Storage Service
Learn about guidelines and best practices for addressing security issues in Amazon S3.
Blocking public access to your Amazon S3 storage - Amazon Simple Storage Service
Learn how to use block public access with Amazon S3.
Public access is granted to buckets and objects through access control lists (ACLs), access point policies, bucket policies, or a combination of these. To ensure that all public access to your Amazon S3 access points, buckets, and objects is blocked, we recommend that you enable all four settings to block public access for your account.
Using S3 with the AWS CLI
Let's try using S3 via the AWS CLI. The results of running each command are shown below.
Creating a Bucket
Bucket names must be globally unique across all AWS accounts, so use a distinctive name. The bucket will be created in the region specified by your AWS CLI profile.
❯ aws s3 mb s3://exrecord-test-bucket
make_bucket: exrecord-test-bucket
Verify that the bucket was created:
❯ aws s3 ls
2026-04-12 05:07:26 exrecord-test-bucket
Check the public access settings. If all values are true, the bucket is secure and inaccessible from the public:
❯ aws s3api get-public-access-block --bucket exrecord-test-bucket
{
"PublicAccessBlockConfiguration": {
"BlockPublicAcls": true,
"IgnorePublicAcls": true,
"BlockPublicPolicy": true,
"RestrictPublicBuckets": true
}
}
Uploading an Object
Upload a local file to your S3 bucket:
❯ aws s3 cp test.txt s3://exrecord-test-bucket
upload: ./test.txt to s3://exrecord-test-bucket/test.txt
List the objects in the bucket using the same command with the bucket specified:
❯ aws s3 ls s3://exrecord-test-bucket
2026-04-12 05:10:22 0 test.txt
Downloading an Object
Download a file from S3 to your local machine. Note that the argument order is reversed compared to the upload command:
❯ aws s3 cp s3://exrecord-test-bucket/test.txt .
download: s3://exrecord-test-bucket/test.txt to ./test.txt
Summary
This article covered what S3 is and its basic usage. Since S3 is used in nearly every AWS setup, keep the following points in mind:
- Always verify your Block Public Access settings
- Grant only the minimum necessary access permissions
- Choose the appropriate storage class based on access frequency to optimize costs
By following these practices, you can operate S3 securely and cost-effectively.