Creating a Bucket

You can create a bucket to store your objects. The storage is not time-restricted and is available at any time.

You can set permissions for other users to access your buckets and your objects, or make them public using an Access Control List (ACL). For more information, see Access Control List (ACL) Reference.

Ensure not to set public read permissions for your sensitive data.

You can enable the versioning of the bucket. You can then retrieve and download any version of an object. For more information, see About OOS > Objects and Enabling or Disabling Bucket Versioning.

Creating a Bucket Using AWS CLI

To create a bucket, use the create-bucket command following this syntax:

Request sample
$ aws s3api create-bucket \
    --profile YOUR_PROFILE \
    --bucket BUCKET \
    --acl private \
    --grant-full-control "id=USER_ID, id=USER_ID" \
    --grant-read "id=USER_ID, id=USER_ID" \
    --grant-read-acp "id=USER_ID, id=USER_ID" \
    --grant-write "id=USER_ID, id=USER_ID" \
    --grant-write-acp "id=USER_ID, id=USER_ID" \

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • bucket: The name you want to give to your bucket, according to the corresponding naming rules. For more information, see About OOS.

    • When specifying new permissions, all the previous permissions are replaced. Therefore, you need to specify both the existing permissions that you want to keep (including for yourself) and the new permissions that you want to give in a single command.

    • If you are the owner of the bucket, you can lose your own permissions but not the ability to manage the ACL itself.

    For more information about existing permissions, see Getting Information About a Bucket ACL and Getting Information About an Object ACL.

  • (optional) acl: The permissions for your bucket (private | public-read | public-read-write | authenticated-read).

  • (optional) grant-full-control: One or more IDs of users to whom you grant the full-control permission.

  • (optional) grant-read: One or more IDs of users to whom you grant the read permission.

  • (optional) grant-read-acp: One or more IDs of users to whom you grant the read-acp permission.

  • (optional) grant-write: One or more IDs of users to whom you grant the write permission.

  • (optional) grant-write-acp: One or more IDs of users to whom you grant the write-acp permission.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The bucket is created.

  • You can also perform this action using an s3 command following this syntax:

    $ aws s3 mb --profile YOUR_PROFILE s3://YOUR_BUCKET --endpoint
  • You can also manage your object storage resources using s3cmd commands. For more information, see s3cmd.

Related Pages

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.