AWS S3: You can check out but can never leave

AWS is announcing seven new S3 storage services on the 17th anniversary of its launch date. There are now more ways to get data in, but it is not reducing egress charges to get data out.

The S3 numbers are immense. The service now holds more than 280 trillion objects and averages over 100 million requests per second. AWS blogger Sébastien Stormacq says: “S3 performs over four billion checksum computations per second … Every day, you restore on average more than 1 petabyte from the S3 Glacier Flexible Retrieval and S3 Glacier Deep Archive storage classes … Every week, Amazon S3 Replication moves more than 100 petabytes of data … S3 is also at the core of hundreds of thousands of data lakes … Every day, Amazon S3 sends over 125 billion event notifications to serverless applications.”

He does not reveal the amount of money AWS makes from its egress charges, though. French cloud management platform supplier Holori has calculated egress charges for 50TB of data from various public clouds, with AWS the second worst:

AWS egress charges

Only Alibaba, with its $6,150 charge, is worse than AWS’s $4,300 cost. OVH and Scaleway have zero egress charges. Backblaze charges $0.01/GB to download data, meaning $10 to download 50TB, the same as Digital Ocean.

The seven new S3 services are:

  • Mountpoint for Amazon S3 (alpha release): an open source file client for Amazon S3 that translates local file storage API calls to REST API calls on objects in Amazon S3.
  • AWS Data Exchange for Amazon S3 enables users to find, subscribe to, and use third-party data files for analysis with AWS services without needing to create or manage copies to their account.
  • S3 Multi-Region Access Points now support replicated datasets that span multiple AWS accounts.
  • Aliases for S3 Object Lambda Access Points as CloudFront origin so you can now use an S3 Object Lambda Access Point alias as an origin for an Amazon CloudFront distribution to modify or dynamically transform an image depending on the user’s device;  desktop or smartphone.
  • Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for S3 now offer private DNS options that can help you more easily route Amazon S3 requests to the lowest-cost endpoint in your VPC.
  • Local Amazon S3 Replication on Outposts to automatically replicate your S3 objects to another Outpost or to another bucket on the same Outpost, and so meet data residency and data redundancy requirements.
  • Amazon OpenSearch Security Analytics enables a user’s Security Operations (SecOps) team to detect potential threats while having the tools to help with security investigations on historical data.