Welcome
Welcome to the Amazon Simple Storage Service API Reference. This guide explains the Amazon Simple Storage Service (Amazon S3) application programming interface (API).
Version
The current version of the Amazon S3 API is 2006-03-01.
Type
Amazon S3 supports the REST API.
Note
Support for SOAP over HTTP is deprecated, but it is still available over HTTPS. However, new Amazon S3 features will not be supported for SOAP. We recommend that you use either this REST API or the AWS SDKs at the following link:
This REST API reference includes:
S3 API Reference — which contains Actions (operations) and Data Types
Headers — Common Request Headers and Common Response Headers
Important
Read the following about authentication and access control before going to specific API topics.
Requests to Amazon S3 can be authenticated or anonymous. Authenticated access requires credentials that AWS can use to authenticate your requests.
API call recommendations
Making REST API calls directly from your code can be cumbersome. It requires you to write the necessary code to calculate a valid signature to authenticate your requests. We recommend the following alternatives instead:
-
Use the AWS SDKs
to send your requests. Also, see the Sample Code and Libraries
. If you use the SDKs, you don't need to write code to calculate a signature for request authentication because the SDK clients authenticate your requests by using access keys that you provide. Unless you have a good reason not to, you should always use the AWS SDKs.
-
Use the AWS CLI to make Amazon S3 API calls. For information about setting up the AWS CLI and example Amazon S3 commands see the following topics:
Set Up the AWS CLI in the Amazon Simple Storage Service User Guide.
Using Amazon S3 with the AWS Command Line Interface in the AWS Command Line Interface User Guide.
Making direct REST API calls
If you'd like to make your own REST API calls instead of using one of the above alternatives, there are some things to keep in mind.
To make direct REST API calls from your code, create a signature using valid credentials and include the signature in your request. For information about various authentication methods and signature calculations, see Authenticating Requests (AWS Signature Version 4).
The REST API uses standard HTTP headers and status codes, so standard browsers and toolkits work as expected. In some areas, we have added functionality to HTTP (for example, we added headers to support access control). In these cases, we have done our best to add the new functionality in a way that matches the style of standard HTTP usage. For more information about making requests, see Making requests in the Amazon Simple Storage Service User Guide. For additional details about developing using REST APIs, see Developing with Amazon S3 using the REST API in the Amazon Simple Storage Service User Guide.
Permissions
You can have valid credentials to authenticate your requests, but unless you have S3 permissions from the account owner or bucket owner you cannot create or access Amazon S3 resources. These permissions are typically granted through an AWS Identity and Access Management (IAM) policy, such as a bucket policy. For example, you must have permissions to create an S3 bucket or get an object in a bucket. For a complete list of S3 permissions, see Actions, resources, and condition keys for Amazon S3.
If you use the root user credentials of your AWS account, you have all the permissions. However, using root user credentials is not recommended. Instead, we recommend that you create AWS Identity and Access Management (IAM) roles in your account and manage user permissions. For more information, see Access Management in the Amazon Simple Storage Service User Guide.