Skip to main content

What is Amazon S3? Learn the Basics and Pricing

Tags:

When storing documents or images on AWS, S3 is usually the first option to consider. However, using S3 without understanding the basics can lead to security and cost issues later. This article explains the fundamentals of Amazon S3.

What is Amazon S3?

Amazon S3 is a storage service where you can store documents, images, videos, and other data. In S3, stored data is called an object, and the resource that holds objects is called a bucket. While S3 is essentially an object storage service, you need to be mindful of cost optimization and security to prevent unintended public exposure.

What is Amazon S3? - Amazon Simple Storage Service

Store data in the cloud and learn the core concepts of buckets and objects with the Amazon S3 web se...

docs.aws.amazon.com

Pricing

S3 uses a pay-as-you-go model — you only pay for what you use. The cost is primarily determined by how much data you store and which storage class you use. There are also charges for requests and data transfer, but you generally don't need to worry about those until you exceed 1 million requests.

S3 Pricing

aws.amazon.com

Storage Classes

There are several options, but the commonly used storage classes are listed below. The default is S3 Standard, so if you're using S3 for backups or infrequent access, consider switching to a lower-cost storage class.

Understanding and managing Amazon S3 storage classes - Amazon Simple Storage Service

Learn how to choose from a range of high durability storage classes for the objects that you store i...

docs.aws.amazon.com
Use CaseStorage ClassPrice (Tokyo Region)
Frequent accessS3 StandardUSD 0.025/GB
A few times a monthS3 Standard-IAUSD 0.0138/GB
Once a quarterS3 Glacier Instant RetrievalUSD 0.005/GB
Rarely accessedS3 Glacier Deep ArchiveUSD 0.002/GB

Security

S3 security incidents are common, and if your bucket is publicly accessible, confidential data can be leaked. Restrict access permissions so that only the users and services that need access can reach your bucket. If you have no plans to make data publicly available, always enable the Block Public Access setting.

Security best practices for Amazon S3 - Amazon Simple Storage Service

Learn about guidelines and best practices for addressing security issues in Amazon S3.

docs.aws.amazon.com

Blocking public access to your Amazon S3 storage - Amazon Simple Storage Service

Learn how to use block public access with Amazon S3.

docs.aws.amazon.com

Public access is granted to buckets and objects through access control lists (ACLs), access point policies, bucket policies, or a combination of these. To ensure that all public access to your Amazon S3 access points, buckets, and objects is blocked, we recommend that you enable all four settings to block public access for your account.

Using S3 with the AWS CLI

Let's try using S3 via the AWS CLI. The results of running each command are shown below.

Creating a Bucket

Bucket names must be globally unique across all AWS accounts, so use a distinctive name. The bucket will be created in the region specified by your AWS CLI profile.

❯ aws s3 mb s3://exrecord-test-bucket
make_bucket: exrecord-test-bucket

Verify that the bucket was created:

❯ aws s3 ls
2026-04-12 05:07:26 exrecord-test-bucket

Check the public access settings. If all values are true, the bucket is secure and inaccessible from the public:

❯ aws s3api get-public-access-block --bucket exrecord-test-bucket
{
    "PublicAccessBlockConfiguration": {
        "BlockPublicAcls": true,
        "IgnorePublicAcls": true,
        "BlockPublicPolicy": true,
        "RestrictPublicBuckets": true
    }
}

Uploading an Object

Upload a local file to your S3 bucket:

❯ aws s3 cp test.txt s3://exrecord-test-bucket
upload: ./test.txt to s3://exrecord-test-bucket/test.txt

List the objects in the bucket using the same command with the bucket specified:

❯ aws s3 ls s3://exrecord-test-bucket
2026-04-12 05:10:22          0 test.txt

Downloading an Object

Download a file from S3 to your local machine. Note that the argument order is reversed compared to the upload command:

❯ aws s3 cp s3://exrecord-test-bucket/test.txt .
download: s3://exrecord-test-bucket/test.txt to ./test.txt

Summary

This article covered what S3 is and its basic usage. Since S3 is used in nearly every AWS setup, keep the following points in mind:

  • Always verify your Block Public Access settings
  • Grant only the minimum necessary access permissions
  • Choose the appropriate storage class based on access frequency to optimize costs

By following these practices, you can operate S3 securely and cost-effectively.