├── .github
    └── PULL_REQUEST_TEMPLATE.md
├── CONTRIBUTING.md
├── LICENSE
├── LICENSE-SAMPLECODE
├── LICENSE-SUMMARY
├── README.md
└── doc_source
    ├── AboutThisGuide.md
    ├── CopyingAnObject.md
    ├── CreatingABucket.md
    ├── DeletingAnObjectandBucket.md
    ├── GetStartedWithS3.md
    ├── ImplementingS3.md
    ├── OpeningAnObject.md
    ├── PuttingAnObjectInABucket.md
    ├── S3-gsg-AdvancedAmazonS3Features.md
    ├── S3-gsg-CommonUseScenarios.md
    ├── S3-gsg-DevelopmentResources.md
    ├── S3-gsg-ReferenceResources.md
    ├── SigningUpforS3.md
    ├── access-control-best-practices.md
    ├── index.md
    └── s3-gsg-ConsiderationsGoingForward.md


/.github/PULL_REQUEST_TEMPLATE.md:
--------------------------------------------------------------------------------
1 | *Issue #, if available:*
2 | 
3 | *Description of changes:*
4 | 
5 | 
6 | By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
7 | 


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
 1 | # Guidelines for contributing
 2 | 
 3 | Thank you for your interest in contributing to AWS documentation! We greatly value feedback and contributions from our community.
 4 | 
 5 | Please read through this document before you submit any pull requests or issues. It will help us work together more effectively.
 6 | 
 7 | ## What to expect when you contribute
 8 | 
 9 | When you submit a pull request, our team is notified and will respond as quickly as we can. We'll do our best to work with you to ensure that your pull request adheres to our style and standards. If we merge your pull request, we might make additional edits later for style or clarity.
10 | 
11 | The AWS documentation source files on GitHub aren't published directly to the official documentation website. If we merge your pull request, we'll publish your changes to the documentation website as soon as we can, but they won't appear immediately or automatically.
12 | 
13 | We look forward to receiving your pull requests for:
14 | 
15 | * New content you'd like to contribute (such as new code samples or tutorials)
16 | * Inaccuracies in the content
17 | * Information gaps in the content that need more detail to be complete
18 | * Typos or grammatical errors
19 | * Suggested rewrites that improve clarity and reduce confusion
20 | 
21 | **Note:** We all write differently, and you might not like how we've written or organized something currently. We want that feedback. But please be sure that your request for a rewrite is supported by the previous criteria. If it isn't, we might decline to merge it.
22 | 
23 | ## How to contribute
24 | 
25 | To contribute, send us a pull request. For small changes, such as fixing a typo or adding a link, you can use the [GitHub Edit Button](https://blog.github.com/2011-04-26-forking-with-the-edit-button/). For larger changes:
26 | 
27 | 1. [Fork the repository](https://help.github.com/articles/fork-a-repo/).
28 | 2. In your fork, make your change in a branch that's based on this repo's **master** branch.
29 | 3. Commit the change to your fork, using a clear and descriptive commit message.
30 | 4. [Create a pull request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/), answering any questions in the pull request form.
31 | 
32 | Before you send us a pull request, please be sure that:
33 | 
34 | 1. You're working from the latest source on the **master** branch.
35 | 2. You check [existing open](https://github.com/awsdocs/amazon-s3-getting-started-guide/pulls), and [recently closed](https://github.com/awsdocs/amazon-s3-getting-started-guide/pulls?q=is%3Apr+is%3Aclosed), pull requests to be sure that someone else hasn't already addressed the problem.
36 | 3. You [create an issue](https://github.com/awsdocs/amazon-s3-getting-started-guide/issues/new) before working on a contribution that will take a significant amount of your time.
37 | 
38 | For contributions that will take a significant amount of time, [open a new issue](https://github.com/awsdocs/amazon-s3-getting-started-guide/issues/new) to pitch your idea before you get started. Explain the problem and describe the content you want to see added to the documentation. Let us know if you'll write it yourself or if you'd like us to help. We'll discuss your proposal with you and let you know whether we're likely to accept it. We don't want you to spend a lot of time on a contribution that might be outside the scope of the documentation or that's already in the works.
39 | 
40 | ## Finding contributions to work on
41 | 
42 | If you'd like to contribute, but don't have a project in mind, look at the [open issues](https://github.com/awsdocs/amazon-s3-getting-started-guide/issues) in this repository for some ideas. Any issues with the [help wanted](https://github.com/awsdocs/amazon-s3-getting-started-guide/labels/help%20wanted) or [enhancement](https://github.com/awsdocs/amazon-s3-getting-started-guide/labels/enhancement) labels are a great place to start.
43 | 
44 | In addition to written content, we really appreciate new examples and code samples for our documentation, such as examples for different platforms or environments, and code samples in additional languages.
45 | 
46 | ## Code of conduct
47 | 
48 | This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). For more information, see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact [opensource-codeofconduct@amazon.com](mailto:opensource-codeofconduct@amazon.com) with any additional questions or comments.
49 | 
50 | ## Security issue notifications
51 | 
52 | If you discover a potential security issue, please notify AWS Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public issue on GitHub.
53 | 
54 | ## Licensing
55 | 
56 | See the [LICENSE](https://github.com/awsdocs/amazon-s3-getting-started-guide/blob/master/LICENSE) file for this project's licensing. We will ask you to confirm the licensing of your contribution. We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes.
57 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
  1 | Creative Commons Attribution-ShareAlike 4.0 International Public License
  2 | 
  3 | By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions.
  4 | 
  5 | Section 1 – Definitions.
  6 | 	
  7 |      a.	Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image.
  8 | 	
  9 |      b.	Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License.
 10 | 	
 11 |      c.	BY-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License.
 12 | 	
 13 |      d.	Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights.
 14 | 	
 15 |      e.	Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements.
 16 | 	
 17 |      f.	Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material.
 18 | 	
 19 |      g.	License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution and ShareAlike.
 20 | 	
 21 |      h.	Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License.
 22 | 	
 23 |      i.	Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license.
 24 | 	
 25 |      j.	Licensor means the individual(s) or entity(ies) granting rights under this Public License.
 26 | 	
 27 |      k.	Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them.
 28 | 	
 29 |      l.	Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world.
 30 | 	
 31 |      m.	You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning.
 32 | 
 33 | Section 2 – Scope.
 34 | 	
 35 |      a.	License grant.
 36 | 	
 37 |           1. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to:
 38 | 
 39 |                A. reproduce and Share the Licensed Material, in whole or in part; and	
 40 | 
 41 |                B. produce, reproduce, and Share Adapted Material.
 42 | 	
 43 |           2. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions.
 44 | 	
 45 |           3. Term. The term of this Public License is specified in Section 6(a).
 46 | 	
 47 |           4. Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material.
 48 | 	
 49 |           5. Downstream recipients.
 50 | 
 51 |                A. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License.
 52 | 	
 53 |                B. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply.
 54 | 	
 55 |                C. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material.
 56 | 	
 57 |           6. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i).
 58 | 	
 59 |      b.	Other rights.
 60 | 	
 61 |           1. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise.
 62 | 	
 63 |           2. Patent and trademark rights are not licensed under this Public License.
 64 | 	
 65 |           3. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties.
 66 | 
 67 | Section 3 – License Conditions.
 68 | 
 69 | Your exercise of the Licensed Rights is expressly made subject to the following conditions.
 70 | 	
 71 |      a.	Attribution.
 72 | 	
 73 |           1. If You Share the Licensed Material (including in modified form), You must:
 74 | 
 75 |                A. retain the following if it is supplied by the Licensor with the Licensed Material:
 76 | 
 77 |                     i.	identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated);
 78 | 
 79 |                     ii.	a copyright notice;
 80 | 
 81 |                     iii. a notice that refers to this Public License;
 82 | 
 83 |                     iv.	a notice that refers to the disclaimer of warranties;
 84 | 
 85 |                     v.	a URI or hyperlink to the Licensed Material to the extent reasonably practicable;
 86 | 
 87 |                B. indicate if You modified the Licensed Material and retain an indication of any previous modifications; and
 88 | 
 89 |                C. indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License.
 90 | 	
 91 |           2. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information.
 92 | 	
 93 |           3. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable.
 94 | 	
 95 |      b.	ShareAlike.In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply.
 96 | 	
 97 |           1. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-SA Compatible License.
 98 | 	
 99 |           2. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material.
100 | 	
101 |           3. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply.
102 | 
103 | Section 4 – Sui Generis Database Rights.
104 | 
105 | Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material:
106 | 	
107 |      a.	for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database;
108 | 	
109 |      b.	if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and
110 | 	
111 |      c.	You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database.
112 | For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights.
113 | 
114 | Section 5 – Disclaimer of Warranties and Limitation of Liability.
115 | 	
116 |      a.	Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You.
117 | 	
118 |      b.	To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You.
119 | 	
120 |      c.	The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability.
121 | 
122 | Section 6 – Term and Termination.
123 | 	
124 |      a.	This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically.
125 | 	
126 |      b.	Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates:
127 | 	
128 |           1. automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or
129 | 	
130 |           2. upon express reinstatement by the Licensor.
131 | 	
132 |      c.	For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License.
133 | 	
134 |      d.	For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License.
135 | 	
136 |      e.	Sections 1, 5, 6, 7, and 8 survive termination of this Public License.
137 | 
138 | Section 7 – Other Terms and Conditions.
139 | 	
140 |      a.	The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed.
141 | 	
142 |      b.	Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License.
143 | 
144 | Section 8 – Interpretation.
145 | 	
146 |      a.	For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License.
147 | 	
148 |      b.	To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions.
149 | 	
150 |      c.	No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor.
151 | 	
152 |      d.	Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority.
153 | 


--------------------------------------------------------------------------------
/LICENSE-SAMPLECODE:
--------------------------------------------------------------------------------
 1 | Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 2 | 
 3 | Permission is hereby granted, free of charge, to any person obtaining a copy of this
 4 | software and associated documentation files (the "Software"), to deal in the Software
 5 | without restriction, including without limitation the rights to use, copy, modify,
 6 | merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
 7 | permit persons to whom the Software is furnished to do so.
 8 | 
 9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
10 | INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
11 | PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
12 | HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
13 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
14 | SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
15 | 


--------------------------------------------------------------------------------
/LICENSE-SUMMARY:
--------------------------------------------------------------------------------
1 | Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
2 | 
3 | The documentation is made available under the Creative Commons Attribution-ShareAlike 4.0 International License. See the LICENSE file.
4 | 
5 | The sample code within this documentation is made available under a modified MIT license. See the LICENSE-SAMPLECODE file.
6 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | ## This guide has been archived
 2 | This guide has been archived. Please see https://github.com/awsdocs/amazon-s3-userguide which combines information from the three retired Amazon S3 guides: Amazon S3 Developer Guide, Console User Guide, and Getting Started Guide. 
 3 | 
 4 | ## Amazon S3 Getting Started Guide
 5 | 
 6 | The open source version of the Amazon S3 docs. You can submit feedback & requests for changes by submitting issues in this repo or by making proposed changes & submitting a pull request.
 7 | 
 8 | ## License Summary
 9 | 
10 | The documentation is made available under the Creative Commons Attribution-ShareAlike 4.0 International License. See the LICENSE file.
11 | 
12 | The sample code within this documentation is made available under a modified MIT license. See the LICENSE-SAMPLECODE file.
13 | 


--------------------------------------------------------------------------------
/doc_source/AboutThisGuide.md:
--------------------------------------------------------------------------------
1 | # About this guide<a name="AboutThisGuide"></a>
2 | 
3 | This is the *Amazon Simple Storage Service Getting Started Guide*\.
4 | 
5 | Amazon Simple Storage Service is frequently referred to within this guide as "Amazon S3\." All copyrights and legal protections still apply\.


--------------------------------------------------------------------------------
/doc_source/CopyingAnObject.md:
--------------------------------------------------------------------------------
 1 | # Copying an object to a folder<a name="CopyingAnObject"></a>
 2 | 
 3 | You've already added an object to a bucket and downloaded the object\. In this tutorial, you create a folder and copy your object to it\.
 4 | 
 5 | **To copy an object to a folder**
 6 | 
 7 | 1. In the **Buckets** list, choose your bucket name\.
 8 | 
 9 | 1. Choose **Create folder** and configure a new folder: 
10 | 
11 |    1. Enter a folder name \(for example, `favorite-pics`\)\.
12 | 
13 |    1. For the folder encryption setting, choose **None**\.
14 | 
15 |    1. Choose **Save**\.
16 | 
17 | 1. Navigate to the Amazon S3 bucket or folder that contains the objects that you want to copy\.
18 | 
19 | 1. Select the check box to the left of the names of the objects that you want to copy\.
20 | 
21 | 1. Choose **Actions** and choose **Copy** from the list of options that appears\.
22 | 
23 |    Alternatively, choose **Copy** from the options in the upper right\. 
24 | 
25 | 1. Choose the destination folder:
26 | 
27 |    1. Choose **Browse S3**\.
28 | 
29 |    1. Choose the option button to the left of the folder name\.
30 | 
31 |       To navigate into a folder and choose a subfolder as your destination, choose the folder name\.
32 | 
33 |    1. Choose **Choose destination**\.
34 | 
35 |    The path to your destination folder appears in the **Destination** box\. In **Destination**, you can alternately enter your destination path, for example, s3://*bucket\-name*/*folder\-name*/\.
36 | 
37 | 1. In the bottom right, choose **Copy**\.
38 | 
39 |    Amazon S3 moves your objects to the destination folder\.
40 | 
41 | To delete an object and a bucket in Amazon S3, see [Deleting objects and buckets](DeletingAnObjectandBucket.md)\.


--------------------------------------------------------------------------------
/doc_source/CreatingABucket.md:
--------------------------------------------------------------------------------
 1 | # Creating a bucket<a name="CreatingABucket"></a>
 2 | 
 3 | Now that you've signed up for AWS you're ready to create a bucket using the AWS Management Console\. Every object in Amazon S3 is stored in a bucket\. Before you can store data in Amazon S3, you must create a bucket\. 
 4 | 
 5 | **Note**  
 6 | You are not charged for creating a bucket\. You are charged only for storing objects in the bucket and for transferring objects in and out of the bucket\. The charges that you incur through following the examples in this guide are minimal \(less than $1\)\. For more information about storage charges, see [Amazon S3 pricing](http://aws.amazon.com/s3/pricing/)\.
 7 | 
 8 | To create a bucket using the AWS Command Line Interface, see [create\-bucket](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/create-bucket.html) in the *AWS CLI Command Reference*\. 
 9 | 
10 | **To create a bucket**
11 | 
12 | 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console\.aws\.amazon\.com/s3/](https://console.aws.amazon.com/s3/)\.
13 | 
14 | 1. Choose **Create bucket**\.
15 | 
16 |    The **Create bucket** page opens\.
17 | 
18 | 1. In **Bucket name**, enter a DNS\-compliant name for your bucket\.
19 | 
20 |    The bucket name must:
21 |    + Be unique across all of Amazon S3\.
22 |    + Be between 3 and 63 characters long\.
23 |    + Not contain uppercase characters\.
24 |    + Start with a lowercase letter or number\.
25 | 
26 |    After you create the bucket, you can't change its name\. For information about naming buckets, see [Rules for Bucket Naming](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon Simple Storage Service Developer Guide*\.
27 | **Important**  
28 | Avoid including sensitive information, such as account numbers, in the bucket name\. The bucket name is visible in the URLs that point to the objects in the bucket\.
29 | 
30 | 1. In **Region**, choose the AWS Region where you want the bucket to reside\. 
31 | 
32 |    Choose a Region close to you to minimize latency and costs and address regulatory requirements\. Objects stored in a Region never leave that Region unless you explicitly transfer them to another Region\. For a list of Amazon S3 AWS Regions, see [AWS Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the *Amazon Web Services General Reference*\.
33 | 
34 | 1. In **Bucket settings for Block Public Access**, keep the values set to the defaults\. 
35 | 
36 |    By default Amazon S3 blocks all public access to your buckets\. We recommend that you leave all Block Public Access settings enabled\. For more information about blocking public access, see [Using Amazon S3 Block Public Access](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) in the *Amazon Simple Storage Service Developer Guide*\.
37 | 
38 | 1. Choose **Create bucket**\.
39 | 
40 | You've created a bucket in Amazon S3\. 
41 | 
42 | To add an object to your bucket, see [Uploading an object to a bucket](PuttingAnObjectInABucket.md)\.


--------------------------------------------------------------------------------
/doc_source/DeletingAnObjectandBucket.md:
--------------------------------------------------------------------------------
 1 | # Deleting objects and buckets<a name="DeletingAnObjectandBucket"></a>
 2 | 
 3 | When you no longer need an object or a bucket, we recommend that you delete them to prevent further charges\. If you completed this getting started walkthrough as a learning exercise and do not plan to use your bucket or objects, we recommend that you delete your bucket so that charges no longer accrue\. Before you delete your bucket, you must empty the bucket or delete the objects in the bucket\. After you delete your objects and bucket, they are no longer available\.
 4 | 
 5 | If you want to continue to use the same bucket name, we recommend that you delete the objects or empty the bucket but do not delete the bucket\. After you delete a bucket, the name becomes available to reuse\. However, another account might create a bucket with the same name before you have a chance to reuse it\. 
 6 | 
 7 | **Topics**
 8 | + [Emptying your bucket](#clean-up-empty-bucket)
 9 | + [Deleting an object](#clean-up-delete-objects)
10 | + [Deleting your bucket](#clean-up-delete-bucket)
11 | 
12 | ## Emptying your bucket<a name="clean-up-empty-bucket"></a>
13 | 
14 | If you plan to delete your bucket, you must first empty your bucket, which deletes all the objects in the bucket\. 
15 | 
16 | **To empty a bucket**
17 | 
18 | 
19 | 
20 | 1. In the **Buckets** list, select the bucket that you want to empty, and then choose **Empty**\.
21 | 
22 | 1. To confirm that you want to empty the bucket and delete all the objects in it, in **Empty bucket**, enter the name of the bucket\.
23 | **Important**  
24 | Emptying the bucket cannot be undone\. Objects added to the bucket while the empty bucket action is in progress will be deleted\.
25 | 
26 | 1. To empty the bucket and delete all the objects in it, and choose **Empty**\.
27 | 
28 |    An **Empty bucket: Status** page opens that you can use to review a summary of failed and successful object deletions\.
29 | 
30 | 1. To return to your bucket list, choose **Exit**\.
31 | 
32 | ## Deleting an object<a name="clean-up-delete-objects"></a>
33 | 
34 | If you want to choose which objects you delete without emptying all the objects from your bucket, you can delete an object\. 
35 | 
36 | 1. In the **Buckets** list, choose the name of the bucket that you want to delete an object from\.
37 | 
38 | 1. Select the check box to the left of the names of the objects that you want to delete\.
39 | 
40 | 1. Choose **Actions** and choose **Delete** from the list of options that appears\.
41 | 
42 |    Alternatively, choose **Delete** from the options in the upper right\. 
43 | 
44 | 1. Enter **delete** if asked to confirm that you want to delete these objects\.
45 | 
46 | 1. Choose **Delete objects** in the bottom right and Amazon S3 deletes the specified objects\.
47 | 
48 | ## Deleting your bucket<a name="clean-up-delete-bucket"></a>
49 | 
50 | After you empty your bucket or delete all the objects from your bucket, you can delete your bucket\.
51 | 
52 | 1. To delete a bucket, in the **Buckets** list, select the bucket\.
53 | 
54 | 1. Choose **Delete**\.
55 | 
56 | 1. To confirm deletion, in **Delete bucket**, enter the name of the bucket\.
57 | **Important**  
58 | Deleting a bucket cannot be undone\. Bucket names are unique\. If you delete your bucket, another AWS user can use the name\. If you want to continue to use the same bucket name, don't delete your bucket\. Instead, empty and keep the bucket\. 
59 | 
60 | 1. To delete your bucket, choose **Delete bucket**\.
61 | 
62 | For more information about using Amazon S3, see [Where do I go from here?](ImplementingS3.md)


--------------------------------------------------------------------------------
/doc_source/GetStartedWithS3.md:
--------------------------------------------------------------------------------
 1 | # Getting started with Amazon Simple Storage Service<a name="GetStartedWithS3"></a>
 2 | 
 3 | Amazon Simple Storage Service \(Amazon S3\) is storage for the internet\. You can use Amazon S3 to store and retrieve any amount of data at any time, from anywhere on the web\. You can accomplish these tasks using the AWS Management Console, which is a simple and intuitive web interface\. 
 4 | 
 5 | Amazon S3 stores data as objects within buckets\. An object is a file and any optional metadata that describes the file\. To store a file in Amazon S3, you upload it to a bucket\. When you upload a file as an object, you can set permissions on the object and any metadata\. 
 6 | 
 7 | Buckets are containers for objects\. You can have one or more buckets\. You can control access for each bucket, deciding who can create, delete, and list objects in it\. You can also choose the geographical Region where Amazon S3 will store the bucket and its contents and view access logs for the bucket and its objects\.
 8 | 
 9 | This guide introduces you to Amazon S3 and explains how to use the AWS Management Console to complete the following tasks:
10 | + [Setting up Amazon S3](SigningUpforS3.md)
11 | + [Creating a bucket](CreatingABucket.md)
12 | + [Uploading an object to a bucket](PuttingAnObjectInABucket.md)
13 | + [Downloading an object](OpeningAnObject.md)
14 | + [Copying an object to a folder](CopyingAnObject.md)
15 | + [Deleting objects and buckets](DeletingAnObjectandBucket.md)
16 | 
17 | For information about Amazon S3 features, pricing, and frequently asked questions, see the [Amazon S3 product page](https://aws.amazon.com/s3/)\.


--------------------------------------------------------------------------------
/doc_source/ImplementingS3.md:
--------------------------------------------------------------------------------
 1 | # Where do I go from here?<a name="ImplementingS3"></a>
 2 | 
 3 | In the preceding examples, you learned how to perform some basic Amazon S3 tasks\. For more in\-depth information, see one of the following Amazon S3 guides:
 4 | + The [Amazon Simple Storage Service Console User Guide](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/) to learn more about using the Amazon S3 console\.
 5 | + The [Amazon Simple Storage Service Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/) to find detailed information about Amazon S3 features and code examples to support those features\.
 6 | + The [Amazon Simple Storage Service API Reference](https://docs.aws.amazon.com/AmazonS3/latest/API/) to find details about the Amazon S3 REST API\.
 7 | 
 8 | The following topics explain various ways in which you can gain a deeper understanding of Amazon S3 so that you can implement it in your applications\.
 9 | 
10 | **Topics**
11 | + [Common use scenarios](S3-gsg-CommonUseScenarios.md)
12 | + [Considerations going forward](s3-gsg-ConsiderationsGoingForward.md)
13 | + [Advanced Amazon S3 features](S3-gsg-AdvancedAmazonS3Features.md)
14 | + [Access control best practices](access-control-best-practices.md)
15 | + [Development resources](S3-gsg-DevelopmentResources.md)
16 | + [Reference resources](S3-gsg-ReferenceResources.md)


--------------------------------------------------------------------------------
/doc_source/OpeningAnObject.md:
--------------------------------------------------------------------------------
 1 | # Downloading an object<a name="OpeningAnObject"></a>
 2 | 
 3 | Now that you've uploaded an object to a bucket, you can view information about your object and download the object to your local computer\.
 4 | 
 5 | **To download an object from a bucket**
 6 | 
 7 | 1. In the **Buckets** list, choose the name of the bucket that you created\.
 8 | 
 9 | 1. In the **Objects** list, choose the name of the object that you uploaded\.
10 | 
11 |    The object overview opens\.
12 | 
13 | 1. On the **Details** tab, review information about your object\.
14 | 
15 | 1. To download the object to your computer, choose **Object actions** and choose **Download**\.
16 | 
17 | You've successfully downloaded your object\.
18 | 
19 | To copy and paste your object within Amazon S3, see [Copying an object to a folder](CopyingAnObject.md)\.


--------------------------------------------------------------------------------
/doc_source/PuttingAnObjectInABucket.md:
--------------------------------------------------------------------------------
 1 | # Uploading an object to a bucket<a name="PuttingAnObjectInABucket"></a>
 2 | 
 3 | Now that you've created a bucket, you're ready to upload an object to it\. An object can be any kind of file: a text file, a photo, a video, and so on\. 
 4 | 
 5 | 
 6 | 
 7 | **To upload an object to a bucket**
 8 | 
 9 | 1. In the **Buckets** list, choose the name of the bucket that you want to upload your object to\.
10 | 
11 | 1. On the **Objects** tab for your bucket, choose **Upload**\.
12 | 
13 | 1. Under **Files and folders**, choose **Add files**\.
14 | 
15 | 1. Choose a file to upload, and then choose **Open\.** 
16 | 
17 | 1. Choose **Upload**\. 
18 | 
19 | You've successfully uploaded an object to your bucket\. 
20 | 
21 | To view your object, see [Downloading an object](OpeningAnObject.md)\.


--------------------------------------------------------------------------------
/doc_source/S3-gsg-AdvancedAmazonS3Features.md:
--------------------------------------------------------------------------------
 1 | # Advanced Amazon S3 features<a name="S3-gsg-AdvancedAmazonS3Features"></a>
 2 | 
 3 | The examples in this guide show how to accomplish the basic tasks of creating a bucket, uploading and downloading data to and from it, and moving and deleting the data\. The following table summarizes some of the most common advanced functionality offered by Amazon S3\. Note that some advanced functionality is not available in the AWS Management Console and requires that you use the Amazon S3 API\. All advanced functionality and how to use it is described in the [Amazon Simple Storage Service Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/)\.
 4 | 
 5 | 
 6 | | Link | Functionality | 
 7 | | --- | --- | 
 8 | | [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) | Learn how to configure a bucket so that a customer pays for the downloads they make\.  | 
 9 | | [Using BitTorrent With Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3TorrentPublish.html)  | Use BitTorrent, which is an open, peer\-to\-peer protocol for distributing files\.  | 
10 | | [Versioning](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html) | Learn about Amazon S3 versioning capabilities\. | 
11 | | [Hosting Static Websites](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) | Learn how to host a static website on Amazon S3\. | 
12 | | [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) | Learn how to manage the lifecycle of objects in your bucket\. Lifecycle management includes expiring objects and archiving objects \(transitioning objects to the S3 S3 Glacier storage class\)\. | 


--------------------------------------------------------------------------------
/doc_source/S3-gsg-CommonUseScenarios.md:
--------------------------------------------------------------------------------
1 | # Common use scenarios<a name="S3-gsg-CommonUseScenarios"></a>
2 | 
3 | The AWS Solutions site lists many of the ways you can use Amazon S3\. The following list summarizes some of those ways\.
4 | + **Backup and storage** – Provide data backup and storage services for others\.
5 | + **Application hosting** – Provide services that deploy, install, and manage web applications\.
6 | + **Media hosting** – Build a redundant, scalable, and highly available infrastructure that hosts video, photo, or music uploads and downloads\.
7 | + **Software delivery** – Host your software applications that customers can download\.
8 | 
9 | For more information, see [AWS Solutions](https://aws.amazon.com/solutions/)\. 


--------------------------------------------------------------------------------
/doc_source/S3-gsg-DevelopmentResources.md:
--------------------------------------------------------------------------------
 1 | # Development resources<a name="S3-gsg-DevelopmentResources"></a>
 2 | 
 3 | To help you build applications using the language of your choice, we provide the following resources:
 4 | + **Sample Code and Libraries** – The AWS Developer Center has sample code and libraries written especially for Amazon S3\.
 5 | 
 6 |   You can use these code samples as a means of understanding how to implement the Amazon S3 API\. For more information, see the [AWS Developer Center](https://aws.amazon.com/code/Amazon-S3)\. 
 7 | + **Tutorials** – Our Resource Center offers more Amazon S3 tutorials\.
 8 | 
 9 |   These tutorials provide a hands\-on approach for learning Amazon S3 functionality\. For more information, see [Articles & Tutorials](https://aws.amazon.com/articles/Amazon-S3)\.
10 | + **Customer Forum** – We recommend that you review the Amazon S3 forum to get an idea of what other users are doing and to benefit from the questions they ask\.
11 | 
12 |   The forum can help you understand what you can and can't do with Amazon S3\. The forum also serves as a place for you to ask questions that other users or AWS representatives might answer\. You can use the forum to report issues with the service or the API\. For more information, see [Discussion Forums](https://forums.aws.amazon.com/)\.


--------------------------------------------------------------------------------
/doc_source/S3-gsg-ReferenceResources.md:
--------------------------------------------------------------------------------
 1 | # Reference resources<a name="S3-gsg-ReferenceResources"></a>
 2 | 
 3 | The following list shows additional resources that you can use to further your understanding of Amazon S3\.
 4 | + The [Amazon Simple Storage Service Console User Guide](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/) describes all of the AWS Management Console functions related to Amazon S3\.
 5 | + The [Amazon Simple Storage Service Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/) provides a detailed discussion of the service\. 
 6 | 
 7 |   It includes an architectural overview, detailed concept descriptions, and procedures for using the API\. 
 8 | + The [Amazon Simple Storage Service API Reference](https://docs.aws.amazon.com/AmazonS3/latest/API/) provides a detailed discussion of the actions and parameters in Amazon S3\.
 9 | + The Service Health Dashboard shows you the status of the Amazon S3 web service\.
10 | 
11 |   The dashboard shows you whether Amazon S3 \(and all other AWS products\) are functioning properly\. For more information, see the [Service Health Dashboard](http://status.aws.amazon.com/)\.


--------------------------------------------------------------------------------
/doc_source/SigningUpforS3.md:
--------------------------------------------------------------------------------
 1 | # Setting up Amazon S3<a name="SigningUpforS3"></a>
 2 | 
 3 | When you sign up for AWS, your AWS account is automatically signed up for all services in AWS, including Amazon S3\. You are charged only for the services that you use\.
 4 | 
 5 | With Amazon S3, you pay only for what you use\. For more information about Amazon S3 features and pricing, see [Amazon S3](http://aws.amazon.com/s3)\. If you are a new Amazon S3 customer, you can get started with Amazon S3 for free\. For more information, see [AWS Free Tier](http://aws.amazon.com/free)\.
 6 | 
 7 | To get started with Amazon S3, follow these steps:
 8 | 
 9 | **Topics**
10 | + [Sign up for AWS](#sign-up-for-aws-gsg)
11 | + [Create an IAM user](#create-an-iam-user-gsg)
12 | + [Sign in as an IAM user](#signing-in-iam-user-gsg)
13 | 
14 | ## Sign up for AWS<a name="sign-up-for-aws-gsg"></a>
15 | 
16 | If you do not have an AWS account, complete the following steps to create one\.
17 | 
18 | **To sign up for an AWS account**
19 | 
20 | 1. Open [https://portal\.aws\.amazon\.com/billing/signup](https://portal.aws.amazon.com/billing/signup)\.
21 | 
22 | 1. Follow the online instructions\.
23 | 
24 |    Part of the sign\-up procedure involves receiving a phone call and entering a verification code on the phone keypad\.
25 | 
26 | AWS sends you a confirmation email after the sign\-up process is complete\. At any time, you can view your current account activity and manage your account by going to [https://aws\.amazon\.com/](https://aws.amazon.com/) and choosing **My Account**\.
27 | 
28 | ## Create an IAM user<a name="create-an-iam-user-gsg"></a>
29 | 
30 | When you first create an Amazon Web Services \(AWS\) account, you begin with a single sign\-in identity\. That identity has complete access to all AWS services and resources in the account\. This identity is called the AWS account *root user*\. When you sign in, enter the email address and password that you used to create the account\.
31 | 
32 | **Important**  
33 | We strongly recommend that you do not use the root user for your everyday tasks, even the administrative ones\. Instead, adhere to the [best practice of using the root user only to create your first IAM user](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users)\. Then securely lock away the root user credentials and use them to perform only a few account and service management tasks\. To view the tasks that require you to sign in as the root user, see [AWS Tasks That Require Root User](https://docs.aws.amazon.com/general/latest/gr/aws_tasks-that-require-root.html)\.
34 | 
35 | If you signed up for AWS but have not created an IAM user for yourself, follow these steps\.
36 | 
37 | **To create an administrator user for yourself and add the user to an administrators group \(console\)**
38 | 
39 | 1. Sign in to the [IAM console](https://console.aws.amazon.com/iam/) as the account owner by choosing **Root user** and entering your AWS account email address\. On the next page, enter your password\.
40 | **Note**  
41 | We strongly recommend that you adhere to the best practice of using the **Administrator** IAM user below and securely lock away the root user credentials\. Sign in as the root user only to perform a few [account and service management tasks](https://docs.aws.amazon.com/general/latest/gr/aws_tasks-that-require-root.html)\.
42 | 
43 | 1. In the navigation pane, choose **Users** and then choose **Add user**\.
44 | 
45 | 1. For **User name**, enter **Administrator**\.
46 | 
47 | 1. Select the check box next to **AWS Management Console access**\. Then select **Custom password**, and then enter your new password in the text box\.
48 | 
49 | 1. \(Optional\) By default, AWS requires the new user to create a new password when first signing in\. You can clear the check box next to **User must create a new password at next sign\-in** to allow the new user to reset their password after they sign in\.
50 | 
51 | 1. Choose **Next: Permissions**\.
52 | 
53 | 1. Under **Set permissions**, choose **Add user to group**\.
54 | 
55 | 1. Choose **Create group**\.
56 | 
57 | 1. In the **Create group** dialog box, for **Group name** enter **Administrators**\.
58 | 
59 | 1. Choose **Filter policies**, and then select **AWS managed \-job function** to filter the table contents\.
60 | 
61 | 1. In the policy list, select the check box for **AdministratorAccess**\. Then choose **Create group**\.
62 | **Note**  
63 | You must activate IAM user and role access to Billing before you can use the `AdministratorAccess` permissions to access the AWS Billing and Cost Management console\. To do this, follow the instructions in [step 1 of the tutorial about delegating access to the billing console](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_billing.html)\.
64 | 
65 | 1. Back in the list of groups, select the check box for your new group\. Choose **Refresh** if necessary to see the group in the list\.
66 | 
67 | 1. Choose **Next: Tags**\.
68 | 
69 | 1. \(Optional\) Add metadata to the user by attaching tags as key\-value pairs\. For more information about using tags in IAM, see [Tagging IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide*\.
70 | 
71 | 1. Choose **Next: Review** to see the list of group memberships to be added to the new user\. When you are ready to proceed, choose **Create user**\.
72 | 
73 | You can use this same process to create more groups and users and to give your users access to your AWS account resources\. To learn about using policies that restrict user permissions to specific AWS resources, see [Access management](https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) and [Example policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html)\.
74 | 
75 | ## Sign in as an IAM user<a name="signing-in-iam-user-gsg"></a>
76 | 
77 | After you create an IAM user, you can sign in to AWS with your IAM user name and password\.
78 | 
79 | Before you sign in as an IAM user, you can verify the sign\-in link for IAM users in the IAM console\. On the IAM Dashboard, under **IAM users sign\-in link**, you can see the sign\-in link for your AWS account\. The URL for your sign\-in link contains your AWS account ID without dashes \(‐\)\. 
80 | 
81 | If you don't want the URL for your sign\-in link to contain your AWS account ID, you can create an account alias\. For more information, see [Creating, Deleting, and Listing an AWS Account Alias](https://docs.aws.amazon.com/IAM/latest/UserGuide/console_account-alias.html#CreateAccountAlias) in the *IAM User Guide*\.
82 | 
83 | **To sign in as an AWS user**
84 | 
85 | 1. Sign out of the AWS Management Console\.
86 | 
87 | 1. Enter your sign\-in link\.
88 | 
89 |    Your sign\-in link includes your AWS account ID \(without dashes\) or your AWS account alias:
90 | 
91 |    ```
92 |    https://aws_account_id_or_alias.signin.aws.amazon.com/console
93 |    ```
94 | 
95 | 1. Enter the IAM user name and password that you just created\. 
96 | 
97 |    When you're signed in, the navigation bar displays "*your\_user\_name* @ *your\_aws\_account\_id*"\. 


--------------------------------------------------------------------------------
/doc_source/access-control-best-practices.md:
--------------------------------------------------------------------------------
  1 | # Access control best practices<a name="access-control-best-practices"></a>
  2 | 
  3 | Amazon S3 provides a variety of security features and tools\. The following scenarios should serve as a guide to what tools and settings you might want to use when performing certain tasks or operating in specific environments\. Proper application of these tools can help maintain the integrity of your data and help ensure that your resources are accessible to the intended users\. 
  4 | 
  5 | **Topics**
  6 | + [Creating a new bucket](#access-control-best-practices-new-bucket)
  7 | + [Storing and sharing data](#access-control-best-practices-store-share)
  8 | + [Sharing resources](#access-control-best-practices-groups)
  9 | + [Protecting data](#access-control-best-practices-groups)
 10 | 
 11 | ## Creating a new bucket<a name="access-control-best-practices-new-bucket"></a>
 12 | 
 13 | When creating a new bucket, you should apply the following tools and settings to help ensure that your Amazon S3 resources are protected\.  
 14 | 
 15 | **Block Public Access**  
 16 | S3 Block Public Access provides four settings to help you avoid inadvertently exposing your S3 resources\. You can apply these settings in any combination to individual access points, buckets, or entire AWS accounts\. If you apply a setting to an account, it applies to all buckets and access points that are owned by that account\. By default, the **Block all public access** setting is applied to new buckets created in the Amazon S3 console\. 
 17 | 
 18 | For more information, see [ The meaning of "public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon Simple Storage Service Developer Guide*\.
 19 | 
 20 | If the S3 Block Public Access settings are too restrictive, you can use AWS Identity and Access Management \(IAM\) identities to grant access to specific users rather than disabling all Block Public Access settings\. Using Block Public Access with IAM identities helps ensure that any operation that is blocked by a Block Public Access setting is rejected unless the requesting user has been given specific permission\. 
 21 | 
 22 | For more information, see [ Block public access settings](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-options) in the *Amazon Simple Storage Service Developer Guide*\.
 23 | 
 24 | **Grant access with IAM identities**  
 25 | When setting up accounts for new team members who require S3 access, use IAM users and roles to ensure least privileges\. You can also implement a form of IAM multi\-factor authentication \(MFA\) to support a strong identity foundation\. Using IAM identities, you can grant unique permissions to users and specify what resources they can access and what actions they can take\. IAM identities provide increased capabilities, including the ability to require users to enter login credentials before accessing shared resources and apply permission hierarchies to different objects within a single bucket\. 
 26 | 
 27 | For more information, see [ Example 1: Bucket owner granting its users bucket permissions](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example1.html) in the *Amazon Simple Storage Service Developer Guide*\.
 28 | 
 29 | **Bucket policies**  
 30 | With bucket policies, you can personalize bucket access to help ensure that only those users you have approved can access resources and perform actions within them\. In addition to bucket policies, you should use bucket\-level Block Public Access settings to further limit public access to your data\. 
 31 | 
 32 | For more information, see [ Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon Simple Storage Service Developer Guide*\.
 33 | 
 34 | When creating policies, avoid the use of wildcards in the `Principal` element because it effectively allows anyone to access your Amazon S3 resources\. It's better to explicitly list users or groups that are allowed to access the bucket\. Rather than including a wildcard for their actions, grant them specific permissions when applicable\. 
 35 | 
 36 | To further maintain the practice of least privileges, Deny statements in the `Effect` element should be as broad as possible and Allow statements should be as narrow as possible\. Deny effects paired with the "`s3:*`" action are another good way to implement opt\-in best practices for the users included in policy condition statements\.
 37 | 
 38 | For more information about specifying conditions for when a policy is in effect, see [ Amazon S3 Condition Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html) in the *Amazon Simple Storage Service Developer Guide*\.
 39 | 
 40 | **Buckets in a VPC setting**  
 41 | When adding users in a corporate setting, you can use a virtual private cloud \(VPC\) endpoint to allow any users in your virtual network to access your Amazon S3 resources\. VPC endpoints enable developers to provide specific access and permissions to groups of users based on the network the user is connected to\. Rather than adding each user to an IAM role or group, you can use VPC endpoints to deny bucket access if the request doesn’t originate from the specified endpoint\.
 42 | 
 43 | For more information, see [ Example Bucket Policies for VPC Endpoints for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies-vpc-endpoint.html) in the *Amazon Simple Storage Service Developer Guide*\.
 44 | 
 45 | ## Storing and sharing data<a name="access-control-best-practices-store-share"></a>
 46 | 
 47 | Use the following tools and best practices to store and share your Amazon S3 data\.
 48 | 
 49 | **Versioning and Object Lock for data integrity**  
 50 | If you use the Amazon S3 console to manage buckets and objects, you should implement S3 Versioning and S3 Object Lock\. These features help prevent accidental changes to critical data and enable you to roll back unintended actions\. This capability is particularly useful when there are multiple users with full write and execute permissions accessing the Amazon S3 console\. 
 51 | 
 52 | For information about S3 Versioning, see [ Using versioning](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html) in the *Amazon Simple Storage Service Developer Guide*\. For information about Object Lock, see [ Locking objects using S3 Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) in the *Amazon Simple Storage Service Developer Guide*\.
 53 | 
 54 | **Object lifecycle management for cost efficiency**  
 55 | To manage your objects so that they are stored cost effectively throughout their lifecycle, you can pair lifecycle policies with object versioning\. Lifecycle policies define actions that you want S3 to take during an object's lifetime\. For example, you can create a lifecycle policy that will transition objects to another storage class, archive them, or delete them after a specified period of time\. You can define a lifecycle policy for all objects or a subset of objects in the bucket by using a shared prefix or tag\.
 56 | 
 57 | For more information, see [ Object lifecycle management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon Simple Storage Service Developer Guide*\.
 58 | 
 59 | **Cross\-Region Replication for multiple office locations**  
 60 | When creating buckets that are accessed by different office locations, you should consider implementing S3 Cross\-Region Replication\. Cross\-Region Replication helps ensure that all users have access to the resources they need and increases operational efficiency\. Cross\-Region Replication offers increased availability by copying objects across S3 buckets in different AWS Regions\. However, the use of this tool increases storage costs\. 
 61 | 
 62 | For more information, see [ Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon Simple Storage Service Developer Guide*\.
 63 | 
 64 | **Permissions for secure static website hosting**  
 65 | When configuring a bucket to be used as a publicly accessed static website, you need to disable all Block Public Access settings\. It is important to only provide `s3:GetObject` actions and not `ListObject` or `PutObject` permissions when writing the bucket policy for your static website\. This helps ensure that users cannot view all the objects in your bucket or add their own content\.
 66 | 
 67 | For more information, see [ Setting permissions for website access](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteAccessPermissionsReqd.html) in the *Amazon Simple Storage Service Developer Guide*\.
 68 | 
 69 | Amazon CloudFront provides the capabilities required to set up a secure static website\. Amazon S3 static websites only support HTTP endpoints\. CloudFront uses the durable storage of Amazon S3 while providing additional security headers like HTTPS\. HTTPS adds security by encrypting a normal HTTP request and protecting against common cyber attacks\.
 70 | 
 71 | For more information, see [Getting started with a secure static website](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/getting-started-secure-static-website-cloudformation-template.html) in the *Amazon CloudFront Developer Guide*\.
 72 | 
 73 | ## Sharing resources<a name="access-control-best-practices-groups"></a>
 74 | 
 75 | There are several different ways that you can share resources with a specific group of users\. You can use the following tools to share a set of documents or other resources to a single group of users, department, or office\. Although they can all be used to accomplish the same goal, some tools might pair better than others with your existing settings\. 
 76 | 
 77 | **User policies**  
 78 | You can share resources with a limited group of people using IAM groups and user policies\. When creating a new IAM user, you are prompted to create and add them to a group\. However, you can create and add users to groups at any point\. If the individuals you intend to share these resources with are already set up within IAM, you can add them to a common group and share the bucket with their group within the user policy\. You can also use IAM user policies to share individual objects within a bucket\.
 79 | 
 80 | For more information, see [ Allowing an IAM User Access to One of Your Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-policies-s3.html#iam-policy-ex0) in the *Amazon Simple Storage Service Developer Guide*\.
 81 | 
 82 | 
 83 | 
 84 | **Access control lists**  
 85 | As a general rule, we recommend that you use S3 bucket policies or IAM policies for access control\. Amazon S3 access control lists \(ACLs\) are a legacy access control mechanism that predates IAM\. If you already use S3 ACLs and you find them sufficient, there is no need to change\. However, certain access control scenarios require the use of ACLs\. For example, when a bucket owner wants to grant permission to objects, but not all objects are owned by the bucket owner, the object owner must first grant permission to the bucket owner\. This is done using an object ACL\.
 86 | 
 87 | For more information, see [ Example 3: Bucket owner granting its users permissions to objects it does not own](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example3.html) in the *Amazon Simple Storage Service Developer Guide*\.
 88 | 
 89 | **Prefixes**  
 90 | When trying to share specific resources from a bucket, you can replicate folder\-level permissions using prefixes\. The Amazon S3 console supports the folder concept as a means of grouping objects by using a shared name prefix for objects\. You can then specify a prefix within the conditions of an IAM user's policy to grant them explicit permission to access the resources associated with that prefix\. 
 91 | 
 92 | For more information, see [Using folders](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/using-folders.html) in the *Amazon Simple Storage Service Console User Guide*\.
 93 | 
 94 | **Tagging**  
 95 | If you use object tagging to categorize storage, you can share objects that have been tagged with a specific value with specified users\. Resource tagging allows you to control access to objects based on the tags associated with the resource that a user is trying to access\. To do this, use the `ResourceTag/key-name` condition within an IAM user policy to allow access to the tagged resources\. 
 96 | 
 97 | For more information, see [Controlling access to AWS resources using resource tags](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the *IAM User Guide*\.
 98 | 
 99 | ## Protecting data<a name="access-control-best-practices-groups"></a>
100 | 
101 | Use the following tools to help protect data in transit and at rest, both of which are crucial in maintaining the integrity and accessibility of your data\.
102 | 
103 | **Object encryption**  
104 | Amazon S3 offers several object encryption options that protect data in transit and at rest\. Server\-side encryption encrypts your object before saving it on disks in its data centers and then decrypts it when you download the objects\. As long as you authenticate your request and you have access permissions, there is no difference in the way you access encrypted or unencrypted objects\. When setting up server\-side encryption, you have three mutually exclusive options: 
105 | + Amazon S3 managed keys \(SSE\-S3\)
106 | + Customer master keys \(CMK\) stored in AWS Key Management Service \(SSE\-KMS\)
107 | + Customer\-provided keys \(SSE\-C\)
108 | 
109 | For more information, see [ Protecting data using server\-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) in the *Amazon Simple Storage Service Developer Guide*\.
110 | 
111 | Client\-side encryption is the act of encrypting data before sending it to Amazon S3\. For more information, see [ Protecting data using client\-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) in the *Amazon Simple Storage Service Developer Guide*\.
112 | 
113 | **Signing methods**  
114 | Signature Version 4 is the process of adding authentication information to AWS requests sent by HTTP\. For security, most requests to AWS must be signed with an access key, which consists of an access key ID and secret access key\. These two keys are commonly referred to as your security credentials\.
115 | 
116 | For more information, see [Authenticating Requests \(AWS Signature Version 4\)](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html) and [Signature Version 4 signing process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)\.
117 | 
118 | **Logging and monitoring**  
119 | Monitoring is an important part of maintaining the reliability, availability, and performance of your Amazon S3 solutions so that you can more easily debug a multi\-point failure if one occurs\. Logging can provide insight into any errors users are receiving, and when and what requests are made\. AWS provides several tools for monitoring your Amazon S3 resources: 
120 | + Amazon CloudWatch
121 | + AWS CloudTrail
122 | + Amazon S3 Access Logs
123 | + AWS Trusted Advisor
124 | 
125 | For more information, see [ Logging and monitoring in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-incident-response.html) in the *Amazon Simple Storage Service Developer Guide*\.
126 | 
127 | Amazon S3 is integrated with AWS CloudTrail, a service that provides a record of actions taken by a user, a role, or an AWS service in Amazon S3\. This feature can be paired with Amazon GuardDuty, which monitors threats against your Amazon S3 resources by analyzing CloudTrail management events and CloudTrail S3 data events\. These data sources monitor different kinds of activity\. For example, S3 related CloudTrail management events include operations that list or configure S3 projects\. GuardDuty analyzes S3 data events from all of your S3 buckets and monitors them for malicious and suspicious activity\.
128 | 
129 | For more information, see [Amazon S3 protection in Amazon GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html) in the *Amazon GuardDuty User Guide*\.


--------------------------------------------------------------------------------
/doc_source/index.md:
--------------------------------------------------------------------------------
 1 | # Amazon Simple Storage Service Getting Started Guide
 2 | 
 3 | -----
 4 | *****Copyright &copy; 2020 Amazon Web Services, Inc. and/or its affiliates. All rights reserved.*****
 5 | 
 6 | -----
 7 | Amazon's trademarks and trade dress may not be used in 
 8 |      connection with any product or service that is not Amazon's, 
 9 |      in any manner that is likely to cause confusion among customers, 
10 |      or in any manner that disparages or discredits Amazon. All other 
11 |      trademarks not owned by Amazon are the property of their respective
12 |      owners, who may or may not be affiliated with, connected to, or 
13 |      sponsored by Amazon.
14 | 
15 | -----
16 | ## Contents
17 | + [Getting started with Amazon Simple Storage Service](GetStartedWithS3.md)
18 | + [Setting up Amazon S3](SigningUpforS3.md)
19 | + [Creating a bucket](CreatingABucket.md)
20 | + [Uploading an object to a bucket](PuttingAnObjectInABucket.md)
21 | + [Downloading an object](OpeningAnObject.md)
22 | + [Copying an object to a folder](CopyingAnObject.md)
23 | + [Deleting objects and buckets](DeletingAnObjectandBucket.md)
24 | + [Where do I go from here?](ImplementingS3.md)
25 |    + [Common use scenarios](S3-gsg-CommonUseScenarios.md)
26 |    + [Considerations going forward](s3-gsg-ConsiderationsGoingForward.md)
27 |    + [Advanced Amazon S3 features](S3-gsg-AdvancedAmazonS3Features.md)
28 |    + [Access control best practices](access-control-best-practices.md)
29 |    + [Development resources](S3-gsg-DevelopmentResources.md)
30 |    + [Reference resources](S3-gsg-ReferenceResources.md)
31 | + [About this guide](AboutThisGuide.md)


--------------------------------------------------------------------------------
/doc_source/s3-gsg-ConsiderationsGoingForward.md:
--------------------------------------------------------------------------------
 1 | # Considerations going forward<a name="s3-gsg-ConsiderationsGoingForward"></a>
 2 | 
 3 | This section introduces you to topics you should consider before launching your own Amazon S3 product\.
 4 | 
 5 | **Topics**
 6 | + [AWS account and security credentials](#iam-about-shared)
 7 | + [Security](#s3-gsg-Security)
 8 | + [AWS integration](#s3-gsg-AWSIntegration)
 9 | + [Pricing](#s3-gsg-Pricing)
10 | 
11 | ## AWS account and security credentials<a name="iam-about-shared"></a>
12 | 
13 | When you signed up for the service, you created an AWS account using an email address and password\. Those are your AWS account root user credentials\. As a best practice, you should not use your root user credentials to access AWS\. Nor should you give your credentials to anyone else\. Instead, create individual users for those who need access to your AWS account\. First, create an AWS Identity and Access Management \(IAM\) administrator user for yourself and use it for your daily work\. For details, see [Creating your first IAM admin user and group](https://docs.aws.amazon.com/IAM/latest/UserGuide/getting-started_create-admin-group.html) in the *IAM User Guide*\. Then create additional IAM users for other people\. For details, see [Creating your first IAM delegated user and group](https://docs.aws.amazon.com/IAM/latest/UserGuide/getting-started_create-delegated-user.html) in the *IAM User Guide*\.
14 | 
15 | If you're an account owner or administrator and want to know more about IAM, see the product description at [https://aws\.amazon\.com/iam](https://aws.amazon.com/iam) or the technical documentation in the [IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html)\.
16 | 
17 | ## Security<a name="s3-gsg-Security"></a>
18 | 
19 | Amazon S3 provides authentication mechanisms to secure data stored in Amazon S3 against unauthorized access\. Unless you specify otherwise, only the AWS account owner can access data uploaded to Amazon S3\. For more information about how to manage access to buckets and objects, go to [Identity and Access Management in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) in the *Amazon Simple Storage Service Developer Guide*\. 
20 | 
21 | You can also encrypt your data before uploading it to Amazon S3\.
22 | 
23 | ## AWS integration<a name="s3-gsg-AWSIntegration"></a>
24 | 
25 | You can use Amazon S3 alone or in concert with one or more other Amazon products\. The following are the most common products used with Amazon S3:
26 | + [Amazon EC2](https://aws.amazon.com/ec2/)
27 | + [Amazon EMR](https://aws.amazon.com/elasticmapreduce/)
28 | + [Amazon SQS](https://aws.amazon.com/sqs/)
29 | + [Amazon CloudFront ](https://aws.amazon.com/cloudfront/)
30 | 
31 | ## Pricing<a name="s3-gsg-Pricing"></a>
32 | 
33 | Learn the pricing structure for storing and transferring data on Amazon S3\. For more information, see [Amazon S3 pricing](https://aws.amazon.com/s3/pricing/)\.


--------------------------------------------------------------------------------