Getting started with S3 Express One Zone
The following section describes how to get started using the Amazon S3 Express One Zone storage class and directory buckets. For more information, see What is S3 Express One Zone?.
Topics
Set up Amazon Identity and Access Management (IAM) with S3 Express One Zone
Amazon Identity and Access Management (IAM) is an Amazon Web Service that helps administrators securely control access to Amazon resources. IAM administrators control who can be authenticated (signed in) and authorized (have permissions) to use Amazon S3 resources in S3 Express One Zone. You can use IAM for no additional charge.
By default, users don't have permissions for directory buckets and S3 Express One Zone operations. To grant access permissions for directory buckets and S3 Express One Zone operations, you can use IAM to create users or roles and attach permissions to those identities.
To get started with IAM, see Amazon Identity and Access Management (IAM) for S3 Express One Zone and IAM identity-based policies for S3 Express One Zone.
Configure gateway VPC endpoints
To access S3 Express One Zone, you use Regional and Zonal endpoints that are different from standard Amazon S3 endpoints. Depending on the Amazon S3 API operation that you use, either a Zonal or Regional endpoint is required. For a complete list of supported API operations by endpoint type, see API operations supported by S3 Express One Zone. You must access both Zonal and Regional endpoints through a gateway virtual private cloud (VPC) endpoint. To configure gateway endpoints, see Networking for S3 Express One Zone.
Work with S3 Express One Zone by using the S3 console, Amazon CLI, and Amazon SDKs
You can work with the S3 Express One Zone storage class and directory buckets by using the Amazon SDKs, Amazon S3 console, Amazon Command Line Interface (Amazon CLI), and Amazon S3 REST API.
S3 Console
To get started using the S3 console, follow these steps:
Amazon SDKs
S3 Express One Zone supports the following Amazon SDKs:
-
Amazon SDK for C++
-
Amazon SDK for Go v2
-
Amazon SDK for Java 2.x
-
Amazon SDK for JavaScript v3
-
Amazon SDK for .NET
-
Amazon SDK for PHP
-
Amazon SDK for Python (Boto3)
-
Amazon SDK for Ruby
-
Amazon SDK for Kotlin
-
Amazon SDK for Rust
When you're working with S3 Express One Zone, we recommend using the latest version of the Amazon SDKs. The supported Amazon SDKs for S3 Express One Zone handle session establishment, refreshment, and termination on your behalf. This means that you can immediately start using API operations after you download and install the Amazon SDKs and configure the necessary IAM permissions. For more information, see Amazon Identity and Access Management (IAM) for S3 Express One Zone.
For information about the Amazon SDKs, including how to download and install them,
see Tools to Build on
Amazon
For Amazon SDK examples, see the following:
Amazon Command Line Interface (Amazon CLI)
You can use the Amazon Command Line Interface (Amazon CLI) to create directory buckets and use supported Regional and Zonal endpoint API operations for S3 Express One Zone.
To get started with the Amazon CLI, see Get started with the Amazon CLI in the Amazon CLI Command Reference.
Note
To use directory buckets with the high-level aws s3 commands, update your Amazon CLI to the latest version. For more information about how to install and configure the Amazon CLI,
see Install or update the latest version of the Amazon CLI in the Amazon CLI Command Reference.
For Amazon CLI examples, see the following: