AWS

What is AWS S3?

2026-03-19

aws s3 cloud storage amazon web services

What is AWS S3?

If you've spent any time in the AWS ecosystem, you've seen S3 referenced everywhere. It's one of those services that touches almost everything — from hosting static websites to storing application logs to serving as the backbone of data lakes. So what exactly is it, and why does it matter?

S3 stands for Simple Storage Service. At its core, it's object storage. That means instead of dealing with file systems, directories, and block-level access like you would on a traditional server, you're working with objects stored in buckets. Each object is a file plus its associated metadata, and each bucket is a container that holds those objects.

That's it. Buckets hold objects. Objects are your files. Simple.

Buckets and Objects

A bucket is a top-level container in S3. When you create one, you give it a globally unique name and assign it to a specific AWS region. That region determines where your data physically lives, which matters for latency and compliance.

Inside a bucket, you store objects. An object consists of three things:

  • Key — the name you assign to the object (essentially its path)
  • Value — the data itself (the file content, up to 5 TB per object)
  • Metadata — system and user-defined key-value pairs attached to the object

Even though S3 doesn't have a real folder hierarchy, you can simulate one using prefixes in your keys. A key like images/2026/photo.jpg looks like a folder structure, and the AWS console will render it that way, but under the hood it's just a flat namespace.

What People Actually Use S3 For

S3 is one of those services with a remarkably wide set of use cases. Here are the ones I see most often:

Static website hosting. You can serve an entire website directly from an S3 bucket — HTML, CSS, JavaScript, images, all of it. If you want to dig into that, I wrote about it in detail in S3 Static Website Hosting - Unleash the Power.

Application storage. User uploads, generated reports, media files — S3 is the default landing zone for anything your application needs to persist. Pair it with Lambda functions and you can trigger processing pipelines automatically when new files land in a bucket.

Backups and archival. With multiple storage classes (more on that below), S3 is well suited for both frequently accessed data and long-term archives you rarely touch.

Data lakes. If you're doing any kind of analytics work, S3 is the standard foundation. Tools like Athena, Redshift Spectrum, and EMR all read directly from S3.

Log storage. CloudTrail logs, access logs, application logs — they all end up in S3 more often than not.

Storage Classes and Pricing

One of the things that makes S3 cost-effective is its tiered storage model. Not all data is accessed the same way, so AWS gives you options:

  • S3 Standard — for frequently accessed data. High availability, low latency.
  • S3 Infrequent Access (IA) — lower storage cost, but you pay a retrieval fee. Good for data you need but don't access daily.
  • S3 Glacier / Glacier Deep Archive — for archival. Very low storage cost, but retrieval can take minutes to hours.
  • S3 Intelligent-Tiering — automatically moves objects between tiers based on access patterns. Useful when you're not sure how often data will be accessed.

The pricing model itself is straightforward. You pay for:

  1. Storage — per GB per month, rate depends on storage class
  2. Requests — PUT, GET, LIST, etc. are billed per request
  3. Data transfer — data going out of S3 to the internet incurs a fee; data coming in is free

For most small to mid-size workloads, the cost is negligible. I've run static sites on S3 for pennies a month. The key is choosing the right storage class and being mindful of request volume if you're operating at scale.

Security Basics

S3 buckets are private by default. That's a change from the early days when misconfigured public buckets made the news regularly. Today, AWS makes you explicitly enable public access, and there are multiple layers of guardrails to prevent accidental exposure.

You control access through bucket policies, IAM roles and policies, and access control lists. For most use cases, IAM policies combined with bucket policies give you everything you need.

Where S3 Fits in the Bigger Picture

S3 is foundational. It connects to nearly every other AWS service. If you're just getting started with AWS, understanding S3 alongside EC2 and IAM gives you a solid base to build from.

In upcoming posts, I'll be covering how to set up S3 lifecycle policies to automate cost management, and how to use S3 event notifications to build event-driven architectures with Lambda. Stay tuned.

If you have questions about getting started with S3 or want to share how you're using it, drop a comment below or reach out directly.

-- Nat

// enjoyed this post?

Get the Book More Posts