Amazon S3 REST API Introduction - Amazon Simple Storage Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon S3 REST API Introduction

Welcome to the Amazon Simple Storage Service API Reference. This guide explains the Amazon Simple Storage Service (Amazon S3) application programming interface (API). It describes various API operations, related request and response structures, and error codes. The current version of the Amazon S3 API is 2006-03-01.

Amazon S3 supports the REST API.

Note

Support for SOAP over HTTP is deprecated, but it is still available over HTTPS. However, new Amazon S3 features will not be supported for SOAP. We recommend that you use either the REST API or the Amazon SDKs.

Read the following about authentication and access control before going to specific API topics.

Requests to Amazon S3 can be authenticated or anonymous. Authenticated access requires credentials that Amazon can use to authenticate your requests. When making REST API calls directly from your code, you create a signature using valid credentials and include the signature in your request. For information about various authentication methods and signature calculations, see Authenticating Requests (Amazon Signature Version 4).

Making REST API calls directly from your code can be cumbersome. It requires you to write the necessary code to calculate a valid signature to authenticate your requests. We recommend the following alternatives instead:

  • Use the Amazon SDKs to send your requests (see Sample Code and Libraries). With this option, you don't need to write code to calculate a signature for request authentication because the SDK clients authenticate your requests by using access keys that you provide. Unless you have a good reason not to, you should always use the Amazon SDKs.

  • Use the Amazon CLI to make Amazon S3 API calls. For information about setting up the Amazon CLI and example Amazon S3 commands see the following topics:

    Set Up the Amazon CLI in the Amazon Simple Storage Service User Guide.

    Using Amazon S3 with the Amazon Command Line Interface in the Amazon Command Line Interface User Guide.

If you'd like to make your own REST API calls instead of using one of the above alternatives, there are some things to keep in mind. The REST API uses standard HTTP headers and status codes, so standard browsers and toolkits work as expected. In some areas, we have added functionality to HTTP (for example, we added headers to support access control). In these cases, we have done our best to add the new functionality in a way that matches the style of standard HTTP usage. For more information about making requests, see Making requests in the Amazon Simple Storage Service User Guide. For additional details about developing using REST APIs, see Developing with Amazon S3 using the REST API in the Amazon Simple Storage Service User Guide.

You can have valid credentials to authenticate your requests, but unless you have permissions you cannot create or access Amazon S3 resources. For example, you must have permissions to create an S3 bucket or get an object from your bucket. If you use the root user credentials of your Amazon Web Services account, you have all the permissions. However, using root user credentials is not recommended. Instead, we recommend that you create IAM roles in your account and manage user permissions. For more information, see Managing Access Permissions to Your Amazon S3 Resources in the Amazon Simple Storage Service User Guide.