Amazon S3 now supports conditional writes that can check for the existence of an object before creating it. This helps developers more easily prevent applications from overwriting any existing objects when uploading data. Conditional writes can be used to simplify how distributed applications with multiple clients concurrently update data in parallel across shared datasets. Developers no longer need to build any client-side consensus mechanisms to coordinate updates or use additional API requests to check for the presence of an object before uploading data. The feature is available at no additional charge in all AWS regions.

Amazon S3 can be used as a strongly consistent event store with the help of the new conditional writes feature. Conditional writes enable optimistic concurrency, which is necessary for managing data updates in distributed systems. This article provides a step-by-step guide on how to implement this strategy. It also goes over structured naming conventions and conflict resolution.

Amazon S3 has some aspects that can lead to security vulnerabilities. This article goes through some of these, such as the ability to perform certain actions without authentication, alternative ways to retrieve object keys, incomplete multipart uploads that can be deleted but not downloaded, and the potential for accidental public exposure of buckets through misconfigurations.

S3, Amazon's object storage service, is missing features like compare-and-swap (CAS), multi-region buckets, and object appends. S3 Express One Zone, S3's faster alternative, lacks many standard S3 features and has high storage costs. As S3 continues to not have these modern features, developers will have to either build workarounds or move on to an S3 alternative.

While S3 is undoubtedly a feat of engineering, its feature set is falling behind its competitors. S3 doesn't have a compare-and-swap operation, something every other competitor has, and it also lacks multi-region buckets and object appends. Engineers wanting any of these features have to either abandon S3 or build around these gaps.

Supabase Storage now supports the S3 protocol with a new API and newly supported multipart uploads with the S3 protocol.

Misconfigured AWS S3 buckets can be hacked through various means, such as examining HTTP responses, using search engines, and bruteforcing common keywords. Developers can test for misconfigurations by testing for list, read, write, and download permissions, examining Access Control Lists (ACLs), and checking for missing file type restrictions and S3 versioning. Knowing how to do this is important to actually secure your S3 buckets properly against unknown attackers.

Elastic Block Store (EBS) at AWS has evolved from simple shared drives to a massive, distributed SSD system delivering over 140 trillion operations daily. This post shares key lessons learned over the years, emphasizing the importance of incremental improvements, comprehensive instrumentation, and the power of constraints to drive innovation. It also discusses how a team tackled performance challenges by addressing the entire system stack, from the hypervisor to the network, and ultimately by building their own SSDs optimized for EBS.

Starting today, AWS is waiving Data Transfer Out fees for customers wishing to migrate their data to another cloud provider or on-premises.

One major bottleneck in the boot time of Amazon EC2 instances is the initial loading of data blocks from S3 to the EBS root volume, which can be sped up by pre-warming the volume by booting and stopping the instance once. Another optimization in the boot process is using cheaper instance types for warming and resizing the instance before starting. These optimizations helped this author reduce boot times from 40 seconds to 5 seconds.

This developer's Google Cloud Storage bill skyrocketed due to someone downloading thousands of images per second from his public bucket. To prevent future abuse, he implemented a solution that generates temporary, signed URLs for images that expire after a set period, and then redirected users through a Rails application. He also added rate limiting to the API and website.