Release: Amazon S3 on 2011-06-06

In this release, Amazon S3 enables console support for folder uploads and simplifies granting cross-account IAM user access.


Release Date: June 6, 2011
New Feature

Feature Description

Console Support for Amazon S3 Folder Uploads

The AWS Management Console now supports uploading entire folders to your Amazon S3 bucket. In addition to selecting one or more files in the console UI, you can now select folders to upload. When you select a folder for upload, the console uploads all its files and subfolders to the specified bucket. For more information, go to Uploading Objects into Amazon S3.

This feature is in beta.

Amazon S3 Simplifies Granting Cross-account IAM User Access

Previously, to access an Amazon S3 resource, an IAM user needed permissions from both the parent AWS account and the Amazon S3 resource owner. With cross-account access, the IAM user now needs permission only from the account that owns the user, its parent account. That is, if a resource owner grants access to an AWS account, the AWS account can now grant its IAM users access to these resources.

For example, if a bucket owner, Account A, grants bucket access to another AWS account, Account B, then Account B can write a user policy granting IAM users under its account access to the bucket. These IAM users don't require any additional direct permission from the resource owner, Account A.
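The Account A / Account B example above, as an added sketch that is not part of the original release notes or AWS code: a simplified model in which the user's access is the intersection of what Account A delegates to Account B and what Account B grants its user. The account IDs, user name, bucket name and helper functions are constructed for illustration; only Allow statements in the cross-account case are modelled.

```python
# Added example: simplified model of the cross-account rule described above.
# Account IDs, user name and bucket name are constructed placeholders.
# Only Allow statements are modelled; Deny, conditions and ACLs are ignored.
import fnmatch

ACCOUNT_A = "111111111111"   # bucket owner (constructed)
ACCOUNT_B = "222222222222"   # parent account of the IAM user (constructed)
USER_B = f"arn:aws:iam::{ACCOUNT_B}:user/analyst"   # constructed

# Bucket policy written by Account A: delegates to Account B as a whole.
BUCKET_POLICY = {"Version": "2008-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT_B}:root"},
    "Action": ["s3:GetObject", "s3:PutObject"],
    "Resource": "arn:aws:s3:::example-bucket/*"}]}

# User policy written by Account B and attached to its own IAM user.
USER_POLICIES = {USER_B: {"Version": "2008-10-17", "Statement": [{
    "Effect": "Allow",
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-bucket/*"}]}}


def _allows(policy, action, resource, account=None):
    """True if an Allow statement matches; `account` also checks the Principal."""
    for st in policy.get("Statement", []):
        actions = st["Action"] if isinstance(st["Action"], list) else [st["Action"]]
        if st.get("Effect") != "Allow":
            continue
        if not any(fnmatch.fnmatchcase(action, a) for a in actions):
            continue
        if not fnmatch.fnmatchcase(resource, st["Resource"]):
            continue
        if account and st["Principal"]["AWS"] != f"arn:aws:iam::{account}:root":
            continue
        return True
    return False


def user_can(user_arn, action, resource):
    """Owner must delegate to the user's account AND that account must grant the user."""
    account = user_arn.split(":")[4]          # account ID field of the ARN
    delegated = _allows(BUCKET_POLICY, action, resource, account)
    granted = _allows(USER_POLICIES.get(user_arn, {}), action, resource)
    return delegated and granted
```

Account A's delegation is a ceiling: the user gets `s3:GetObject` but not `s3:PutObject`, because Account B never granted it, and a user in an account that Account A did not name gets nothing regardless of its own user policy.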

Cross-account access also enables a scenario related to server access logging. If you enable logging on your bucket, an Amazon S3 account periodically aggregates the log records into log files and writes them to your bucket. It also updates the ACL on the log objects, granting full permissions to the bucket owner, an AWS account. Previously, the IAM users under the bucket owner could not access these log objects because the Amazon S3 account could not grant access to users under the bucket owner account. With the implicit cross-account access, an IAM user needs access permission only from its parent account. The bucket owner can grant its users access to these log objects by using either a user policy or a bucket policy.

For more information, go to Enabling Cross-Account Access in Using Identity and Access Management. To learn more about managing access to buckets and objects in Amazon S3, go to Access Control.

