Concepts for directory buckets in Local Zones

Before creating a directory bucket in an AWS Local Zone (Local Zone), it's essential to know the Local Zone ID where you want to create a bucket. You can obtain a list of Local Zone IDs by using the DescribeAvailabilityZones API operation. This API operation provides information about Local Zones (including Local Zone IDs), their parent Regions, and network border groups. The directory bucket name consists of a base name that you provide and a suffix that contains the Zone ID of your bucket location.

A Local Zone is connected to the parent Region using the Amazon redundant and very high-bandwidth private network. This gives applications running in the Local Zone fast, secure, and seamless access to the rest of the AWS services. Parent Zone ID is the ID of the zone that handles some of the Local Zone control plane operations, such as API calls. Network Border Group is a unique group from which AWS advertises public IP addresses. For more information about Local Zones, parent Region, and parent Zone ID, see AWS Local Zones concepts in the AWS Local Zones User Guide.

All directory buckets use the s3express namespace, which is different from the s3 namespace for general purpose buckets. For directory buckets, requests are routed to either a Regional endpoint or a Zonal endpoint. The routing is handled automatically for you if you use the AWS Management Console, AWS CLI, or AWS SDKs.

Bucket-level API operations (such as CreateBucket and DeleteBucket) are routed to Regional endpoints, and are referred to as Regional endpoint API operations. Regional endpoints are in the format of s3express-control.ParentZoneID.amazonaws.com. All object-level API operations (such as PutObject) and two bucket-level API operations (CreateSession and HeadBucket) are routed to Zonal endpoints, and are referred to as Zonal endpoint API operations. Zonal endpoints are in the format of s3express-LocalZoneID.ParentRegionCode.amazonaws.com. For a complete list of API operations by endpoint type, see Directory bucket API operations.

To access directory buckets in Local Zones from your virtual private cloud (VPC), you can use gateway VPC endpoints. There is no additional charge for using gateway endpoints. To configure gateway VPC endpoints to access directory buckets and objects in Local Zones, see Private connectivity from your VPC.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Data residency workloads

Enable accounts for Dedicated Local Zones