Amazon S3 now allows tagging on S3 Tables to help manage access permissions and track costs. Tags can simplify permission management and assist in organizing AWS expenses. This feature is available in all regions supporting S3 Tables.

The article recounts a costly mistake involving AWS NAT Gateways and data transfer fees due to a missing VPC Endpoint for S3. After a surprise $1,000 bill, the author explains how to implement VPC Gateway Endpoints to prevent similar charges in the future.

AWS is discontinuing its SSE-C encryption for S3, a feature that allowed users to manage their own encryption keys. While not widely adopted, it was exploited in a ransomware scheme, prompting the decision to remove it. The article outlines alternatives like KMS and client-side encryption.

Fog Security revealed methods to evade AWS Trusted Advisor's S3 security checks, allowing public access to S3 buckets without triggering alerts. Despite reporting these issues to AWS, initial fixes were incomplete, leading to continued inaccurate assessments of bucket security. Their communication regarding the problem's severity was also criticized as insufficient.

Amazon S3 now allows users to change the server-side encryption type of existing objects without moving data. You can use the UpdateObjectEncryption API to switch between encryption methods, such as from SSE-S3 to SSE-KMS, and apply these changes at scale with S3 Batch Operations. This is particularly useful for meeting compliance and security standards.

This article details Yelp's approach to handling S3 server access logs at scale. It discusses the challenges of logging, the benefits of object-level logging for debugging and security, and the architecture used to optimize log storage by converting them into a more efficient format.

This article discusses an interview with Mai-Lan Tomsen Bukovec, VP of Data and Analytics at AWS, focusing on the engineering behind Amazon S3. Key topics include S3's scale, strong consistency, durability measures, and the use of formal methods to ensure system correctness.

The article discusses how Amazon Web Services (AWS) S3 scales effectively by utilizing tens of millions of hard drives to manage vast amounts of data. It highlights the architecture and technology behind S3's storage system, emphasizing its reliability and performance in handling large-scale data storage requirements.

A critical vulnerability in AWS Lambda functions allows attackers to exploit OS command injection through S3 file uploads, potentially compromising AWS credentials and enabling further malicious actions such as phishing via AWS SES. The article highlights the importance of proper configuration and vulnerability scanning to prevent such attacks in event-driven architectures.

AWS announced significant price reductions for the Amazon S3 Express One Zone storage class, effective April 10, 2025, including up to 85% off GET request prices and 60% off data upload and retrieval charges. Designed for high-performance workloads, S3 Express One Zone offers faster data access and supports a wide range of applications, enhancing both performance and cost efficiency for users. Customers have already reported improved performance and reduced costs using this storage solution.

A scalable and cost-optimized backup system for S3 data warehouses has been implemented, utilizing AWS Lambda and ECS Fargate to handle incremental backups efficiently. The system reduces costs by copying only new or changed files, employs a safe deletion workflow for old data, and is designed to scale seamlessly from small to massive datasets. Key features include automated validation, parallel processing, and lifecycle-based retention strategies.