BeginnerAWSUpdated 2026-05-01

AWS S3 Complete Guide

What You Will Learn

Amazon S3 is object storage used for files, backups, static assets, logs, data lakes, and static websites. This guide explains buckets, objects, access, storage classes, lifecycle rules, and best practices.

Prerequisites

  • AWS account
  • Basic cloud storage understanding
  • IAM basics

Concept Overview

S3 stores data as objects inside buckets. Each object has a key, value, metadata, and permissions. S3 is highly durable and designed for many storage patterns.

Step-by-Step Explanation

  1. Create a bucket with a globally unique name.
  2. Choose the AWS Region.
  3. Keep public access blocked unless you have a specific public use case.
  4. Upload objects using the console, CLI, SDK, or application.
  5. Use bucket policies and IAM permissions carefully.
  6. Choose storage classes based on access frequency.
  7. Add lifecycle rules to transition or expire old data.
  8. Enable versioning where accidental overwrite or delete protection matters.
  9. Use CloudFront for public static assets.

Code Example

BASH
aws s3 mb s3://my-private-app-assets --region ap-south-1
aws s3api put-bucket-versioning \
  --bucket my-private-app-assets \
  --versioning-configuration Status=Enabled
aws s3 sync ./dist s3://my-private-app-assets/react-app/ --delete

Real-World Use Cases

  • Static website hosting
  • React app build hosting
  • User-uploaded files
  • Application logs
  • Backups
  • Data lake storage

Best Practices

  • Keep buckets private by default.
  • Use IAM roles instead of long-lived access keys.
  • Enable encryption.
  • Use lifecycle policies for cost control.
  • Put CloudFront in front of public assets.
  • Enable versioning for important data.
  • Monitor access with CloudTrail and S3 server access logs where needed.

Common Mistakes

  • Making buckets public accidentally
  • Storing secrets in public objects
  • Not setting lifecycle rules
  • Using one bucket for unrelated environments
  • Giving broad s3:* permissions

Interview Questions

  • What is the difference between a bucket and an object?
  • How does S3 versioning help?
  • What are S3 storage classes?
  • Why use CloudFront with S3?
  • How do bucket policies differ from IAM policies?

Summary

S3 is simple to start but powerful in production. The safest default is private storage, least-privilege IAM, encryption, lifecycle rules, and CloudFront for public delivery.