TalksAWS re:Invent 2025 - What's new with Amazon S3 (STG206)

AWS re:Invent 2025 - What's new with Amazon S3 (STG206)

AWS re:Invent 2025 - What's New with Amazon S3 (STG206)

Security Enhancements

  • Tag-Based Access Controls: Simplifies access management by allowing permissions to be controlled using resource tags, instead of complex policies across multiple buckets.
    • Provides a simple policy format to grant access based on tags.
    • Introduces new APIs to manage tags more efficiently (untag, tag, list tags).
    • Works across all S3 resource types (buckets, directories, access points, tables, vectors).
  • Organization-Level Controls:
    • Block public access and 403 context can now be applied at the organization level.
    • Ensures consistent security practices across an entire AWS organization.
  • Encryption Updates:
    • Added support for Post-Quantum TLS (PQTLS) encryption for data in-transit.
    • Deprecated the SSEC encryption type, which will be off by default for new buckets in 2026.
    • Focused on updating defaults to security best practices (e.g. ACLs off by default).

Durability and Reliability

  • 11 9's Durability: S3 achieves this through end-to-end integrity checks, redundant storage, and regular durability audits.
  • Data Integrity Checks: New batch operations feature allows efficient checksum validation of data at rest, without impacting storage tiers or requiring Glacier restores.

S3 Express

  • High-performance storage option for low-latency, high-throughput use cases.
  • Updates include:
    • 85% price reduction
    • Increased TPS limits (2M reads, 200K writes)
    • Added object rename API
    • Introduced access point support for granular permissions

S3 Objects and API

  • Conditional Writes: Added new APIs for conditional put, copy, and delete operations to prevent accidental overwrites.
  • Increased Object Size Limit: Raised the maximum object size from 5TB to 50TB.
  • Batch Operations Enhancements:
    • Added "no manifest" option to process all objects in a bucket/prefix.
    • Automated IAM role creation.
    • Increased scale to 20 billion objects per job.
    • 10x performance improvement.

S3 Tables (Apache Iceberg)

  • Over 400,000 tables created since launch.
  • Key updates:
    • Iceberg REST catalog endpoint for direct API access.
    • Increased table limit to 10,000 per bucket.
    • Added sort compaction and 90% price reduction.
    • Enabled schema definition on table creation.
  • Tables as AWS Resources:
    • Enables features like table-level CloudWatch/CloudTrail, cost management, and KMS keys.
  • Table Replication:
    • Provides read-only replicas of Iceberg tables, with metadata rewriting for consistent query results.
  • Intelligent Tiering for Tables:
    • Automatically tiers data based on access patterns, reducing storage costs by up to 80%.
    • Compaction only occurs in the frequent access tier to preserve cost savings.
  • SageMaker Unified Studio Integration:
    • Enables one-click access to S3 tables from the SageMaker console, with SQL editors and notebooks.

S3 Metadata

  • Journal Table: Records all object-level changes (puts, deletes, metadata updates) in an Iceberg table.
  • Live Inventory Table: Provides a point-in-time view of all objects in a bucket, updated periodically.
  • Enables SQL-based exploration and analysis of bucket contents and change history.

S3 Vectors

  • Provides a native vector store in S3 for AI/ML use cases.
    • Stores vector embeddings generated by large language models.
    • Enables efficient semantic search and similarity-based retrieval.
  • Key features:
    • Up to 90% cost reduction compared to custom vector stores.
    • 100ms latency range, scales elastically with no provisioning.
    • Supports up to 2 billion vectors per index, 10,000 indexes per bucket.
  • Integration with other AWS services:
    • Amazon OpenSearch for hybrid search.
    • Amazon Bedrock for knowledge base creation and retrieval.

Key Takeaways

  • S3 continues to evolve with a focus on security, durability, performance, and AI/ML workloads.
  • New features like tag-based access controls, table replication, and S3 Vectors provide significant operational and cost benefits.
  • Tight integration with other AWS services (SageMaker, Bedrock, OpenSearch) enables seamless end-to-end solutions.
  • S3 is becoming an increasingly versatile and intelligent data platform, supporting a wide range of modern application requirements.

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

This website stores cookies on your computer.

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.