AWS AmazonS3 documentation change
Summary
Expanded documentation on bucket creation settings, including detailed sections for S3 Object Ownership, Object Lock, Block Public Access, Versioning, Default Encryption (with DSSE-KMS support), and S3 Bucket Keys. Clarified immutable bucket properties and added troubleshooting guidance.
Security assessment
The changes add documentation for security-related features like Object Ownership (ACL control), Block Public Access, encryption configurations (SSE-KMS/DSSE-KMS), and S3 Bucket Keys. These are preventive security controls rather than fixes for existing vulnerabilities. No specific CVE or incident response is mentioned.
Diff
diff --git a/AmazonS3/latest/userguide/create-bucket-overview.md b/AmazonS3/latest/userguide/create-bucket-overview.md index c840bb672..c2ff5f60a 100644 --- a/AmazonS3/latest/userguide/create-bucket-overview.md +++ b/AmazonS3/latest/userguide/create-bucket-overview.md @@ -4,0 +5,2 @@ +Bucket settings + @@ -7 +9,5 @@ -To upload your data to Amazon S3, you must first create an Amazon S3 bucket in one of the AWS Regions. The AWS account that creates the bucket owns it. When you create a bucket, you must choose a bucket name and Region. You can optionally choose other storage management options for the bucket. After you create a bucket, you cannot change the bucket name or Region. For information about naming buckets, see [General purpose bucket naming rules](./bucketnamingrules.html). +To upload your data to Amazon S3, you must first create an Amazon S3 bucket in one of the AWS Regions. The AWS account that creates the bucket owns it. When you create a bucket, you must choose a bucket name and Region. During the creation process, you can optionally choose other storage management options for the bucket. + +###### Important + +After you create a bucket, you can't change the bucket name, the bucket owner, or the Region. For more information about bucket naming, see [General purpose bucket naming rules](./bucketnamingrules.html). @@ -11 +17,12 @@ By default, you can create up to 10,000 general purpose buckets per AWS account. -You can store any number of objects in a bucket. For a list of restriction and limitations related to Amazon S3 buckets see, [Bucket quotas, limitations, and restrictions](./BucketRestrictions.html). +You can store any number of objects in a bucket. For a list of restriction and limitations related to Amazon S3 buckets, see [Bucket quotas, limitations, and restrictions](./BucketRestrictions.html). + +## Bucket settings + +When you're creating a bucket, you can use the following settings to control various aspects of your bucket's behavior: + + * **S3 Object Ownership** – S3 Object Ownership is an Amazon S3 bucket-level setting that you can use both to control ownership of objects that are uploaded to your bucket and to disable or enable access control lists (ACLs). By default, Object Ownership is set to the Bucket owner enforced setting, and all ACLs are disabled. With ACLs disabled, the bucket owner owns every object in the bucket and manages access to data exclusively by using policies. For more information, see [Controlling ownership of objects and disabling ACLs for your bucket](./about-object-ownership.html). + + * **S3 Object Lock** – S3 Object Lock can help prevent Amazon S3 objects from being deleted or overwritten for a fixed amount of time or indefinitely. Object Lock uses a _write-once-read-many_ (WORM) model to store objects. You can use Object Lock to help meet regulatory requirements that require WORM storage, or to add another layer of protection against object changes or deletion. For more information, see [Locking objects with Object Lock](./object-lock.html). + + + @@ -13 +30 @@ You can store any number of objects in a bucket. For a list of restriction and l -S3 Object Ownership is an Amazon S3 bucket-level setting that you can use both to control ownership of objects that are uploaded to your bucket and to disable or enable access control lists (ACLs). By default, Object Ownership is set to the Bucket owner enforced setting, and all ACLs are disabled. With ACLs disabled, the bucket owner owns every object in the bucket and manages access to data exclusively by using policies. +After you create a bucket, or when you're creating a bucket by using the Amazon S3 console, you can also use the following settings to control other aspects of your bucket's behavior: @@ -15 +32 @@ S3 Object Ownership is an Amazon S3 bucket-level setting that you can use both t -For more information, see [Controlling ownership of objects and disabling ACLs for your bucket](./about-object-ownership.html). + * **S3 Block Public Access** – The S3 Block Public Access feature provides settings for access points, buckets, and accounts to help you manage public access to Amazon S3 resources. By default, new buckets, access points, and objects don't allow public access. However, users can modify bucket policies, access point policies, or object permissions to allow public access. S3 Block Public Access settings override these policies and permissions so that you can limit public access to these resources. For more information, see [Blocking public access to your Amazon S3 storage](./access-control-block-public-access.html). @@ -17 +34 @@ For more information, see [Controlling ownership of objects and disabling ACLs f -Server-side encryption with Amazon S3 managed keys (SSE-S3) is the base level of encryption configuration for every bucket in Amazon S3. All new objects uploaded to an S3 bucket are automatically encrypted with SSE-S3 as the base level of encryption setting. If you want to use a different type of default encryption, you can also specify server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS) or customer-provided keys (SSE-C) to encrypt your data. For more information, see [Setting default server-side encryption behavior for Amazon S3 buckets](./bucket-encryption.html). + * **S3 Versioning** – Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your bucket. With versioning, you can easily recover from both unintended user actions and application failures. By default, versioning is disabled for buckets. For more information, see [Retaining multiple versions of objects with S3 Versioning](./Versioning.html). @@ -19 +36,8 @@ Server-side encryption with Amazon S3 managed keys (SSE-S3) is the base level of -You can use the Amazon S3 console, Amazon S3 APIs, AWS CLI, or AWS SDKs to create a bucket. For more information about the permissions required to create a bucket, see [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) in the _Amazon Simple Storage Service API Reference_. + * **Default encryption** – You can set the default encryption type for all objects in your bucket. Server-side encryption with Amazon S3 managed keys (SSE-S3) is the base level of encryption configuration for every bucket in Amazon S3. All new objects uploaded to an S3 bucket are automatically encrypted with SSE-S3 as the base level of encryption. If you want to use a different type of default encryption, you can specify server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), dual-layer server-side encryption with AWS KMS keys (DSSE-KMS), or server-side encryption with customer-provided keys (SSE-C) to encrypt your data. For more information, see [Setting default server-side encryption behavior for Amazon S3 buckets](./bucket-encryption.html). + + + + +You can use the Amazon S3 console, Amazon S3 REST API, AWS Command Line Interface (AWS CLI), or AWS SDKs to create a bucket. For more information about the permissions required to create a bucket, see [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) in the _Amazon Simple Storage Service API Reference_. + +If you're having trouble creating an Amazon S3 bucket, see [How do I troubleshoot errors when creating an Amazon S3 bucket?](https://repost.aws/knowledge-center/s3-create-bucket-errors) on AWS re:Post. @@ -27 +51,3 @@ You can use the Amazon S3 console, Amazon S3 APIs, AWS CLI, or AWS SDKs to creat -To minimize latency and costs and address regulatory requirements, choose a Region close to you. Objects stored in a Region never leave that Region unless you explicitly transfer them to another Region. For a list of Amazon S3 AWS Regions, see [AWS service endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the _Amazon Web Services General Reference_. + * After you create a bucket, you can't change its Region. + + * To minimize latency and costs and address regulatory requirements, choose a Region close to you. Objects stored in a Region never leave that Region unless you explicitly transfer them to another Region. For a list of Amazon S3 AWS Regions, see [AWS service endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the _Amazon Web Services General Reference_. @@ -37 +63 @@ The bucket name must: - * Be unique within a partition. A partition is a grouping of Regions. AWS currently has three partitions: `aws` (Standard Regions), `aws-cn` (China Regions), and `aws-us-gov` (AWS GovCloud (US) Regions). + * Be unique within a partition. A partition is a grouping of Regions. AWS currently has three partitions: `aws` (commercial Regions), `aws-cn` (China Regions), and `aws-us-gov` (AWS GovCloud (US) Regions). @@ -41 +67 @@ The bucket name must: - * Consist only of lowercase letters, numbers, dots (.), and hyphens (-). For best compatibility, we recommend that you avoid using dots (.) in bucket names, except for buckets that are used only for static website hosting. + * Consist only of lowercase letters, numbers, periods (`.`), and hyphens (`-`). For best compatibility, we recommend that you avoid using periods (`.`) in bucket names, except for buckets that are used only for static website hosting. @@ -45 +71 @@ The bucket name must: -After you create the bucket, you cannot change its name. The AWS account that creates the bucket owns it. For more information about naming buckets, see [General purpose bucket naming rules](./bucketnamingrules.html). + * For a complete list of bucket-naming rules, see [General purpose bucket naming rules](./bucketnamingrules.html). @@ -49 +75 @@ After you create the bucket, you cannot change its name. The AWS account that cr -Avoid including sensitive information, such as account numbers, in the bucket name. The bucket name is visible in the URLs that point to the objects in the bucket. + * After you create the bucket, you can't change its name. @@ -51 +77,3 @@ Avoid including sensitive information, such as account numbers, in the bucket na - 6. AWS Management Console allows you to copy an existing bucket's settings to your new bucket. If you do not want to copy the settings of an existing bucket, skip to the next step. + * Don't include sensitive information in the bucket name. The bucket name is visible in the URLs that point to the objects in the bucket. + + 6. (Optional) Under **General configuration** , you can choose to copy an existing bucket's settings to your new bucket. If you don't want to copy the settings of an existing bucket, skip to the next step. @@ -57,3 +85 @@ This option: - * Is not available in the AWS CLI and is only available in console - - * Is not available for directory buckets + * Isn't available in the AWS CLI and is only available in the Amazon S3 console @@ -61 +87 @@ This option: - * Does not copy the bucket policy from the existing bucket to the new bucket + * Doesn't copy the bucket policy from the existing bucket to the new bucket @@ -63 +89 @@ This option: -To copy an existing bucket's settings, under **Copy settings from existing bucket** , select **Choose bucket**. The **Choose bucket** window opens. Find the bucket with the settings that you would like to copy, and select **Choose bucket**. The **Choose bucket** window closes, and the **Create bucket** window re-opens. +To copy an existing bucket's settings, under **Copy settings from existing bucket** , select **Choose bucket**. The **Choose bucket** window opens. Find the bucket with the settings that you want to copy, and select **Choose bucket**. The **Choose bucket** window closes, and the **Create bucket** window reopens. @@ -65 +91 @@ To copy an existing bucket's settings, under **Copy settings from existing bucke -Under **Copy settings from existing bucket** , you will now see the name of the bucket you selected. You will also see a **Restore defaults** option that you can use to remove the copied bucket settings. Review the remaining bucket settings, on the **Create bucket** page. You will see that they now match the settings of the bucket that you selected. You can skip to the final step. +Under **Copy settings from existing bucket** , you now see the name of the bucket that you selected. The settings of your new bucket now match the settings of the bucket that you selected. If you want to remove the copied settings, choose **Restore defaults**. Review the remaining bucket settings on the **Create bucket** page. If you don't want to make any changes, you can skip to the final step. @@ -95 +121 @@ To enable all Block Public Access settings, only the `s3:CreateBucket` permissio - 9. (Optional) Under **Bucket Versioning** , you can choose if you wish to keep variants of objects in your bucket. For more information about versioning, see [Retaining multiple versions of objects with S3 Versioning](./Versioning.html). + 9. (Optional) By default, **Bucket Versioning** is disabled. Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your bucket. With versioning, you can recover more easily from both unintended user actions and application failures. For more information about versioning, see [Retaining multiple versions of objects with S3 Versioning](./Versioning.html). @@ -97 +123 @@ To enable all Block Public Access settings, only the `s3:CreateBucket` permissio -To disable or enable versioning on your bucket, choose either **Disable** or **Enable**. +To enable versioning on your bucket, choose **Enable**. @@ -99 +125 @@ To disable or enable versioning on your bucket, choose either **Disable** or **E - 10. (Optional) Under **Tags** , you can choose to add tags to your bucket. Tags are key-value pairs used to categorize storage. + 10. (Optional) Under **Tags** , you can choose to add tags to your bucket. With AWS cost allocation, you can use bucket tags to annotate billing for your use of a bucket. A tag is a key-value pair that represents a label that you assign to a bucket. For more information, see [Using cost allocation S3 bucket tags](./CostAllocTagging.html). @@ -103 +129 @@ To add a bucket tag, enter a **Key** and optionally a **Value** and choose **Add - 11. Under **Default encryption** , choose **Edit**. + 11. To configure **Default encryption** , under **Encryption type** , choose one of the following: @@ -105 +131 @@ To add a bucket tag, enter a **Key** and optionally a **Value** and choose **Add - 12. To configure default encryption, under **Encryption type** , choose one of the following: + * **Server-side encryption with Amazon S3 managed keys (SSE-S3)** @@ -107 +133 @@ To add a bucket tag, enter a **Key** and optionally a **Value** and choose **Add - * **Amazon S3 managed key (SSE-S3)** + * **Server-side encryption with AWS Key Management Service keys (SSE-KMS)** @@ -109 +135 @@ To add a bucket tag, enter a **Key** and optionally a **Value** and choose **Add - * **AWS Key Management Service key (SSE-KMS)** + * **Dual-layer server-side encryption with AWS Key Management Service (AWS KMS) keys (DSSE-KMS)** @@ -113 +139 @@ To add a bucket tag, enter a **Key** and optionally a **Value** and choose **Add -If you use the SSE-KMS option for your default encryption configuration, you are subject to the requests per second (RPS) quota of AWS KMS. For more information about AWS KMS quotas and how to request a quota increase, see [Quotas](https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) in the _AWS Key Management Service Developer Guide_. +If you use the SSE-KMS or DSSE-KMS option for your default encryption configuration, you are subject to the requests per second (RPS) quota of AWS KMS. For more information about AWS KMS quotas and how to request a quota increase, see [Quotas](https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) in the _AWS Key Management Service Developer Guide_. @@ -115 +141 @@ If you use the SSE-KMS option for your default encryption configuration, you are -Buckets and new objects are encrypted with server-side encryption with an **Amazon S3 managed key** as the base level of encryption configuration. For more information about default encryption, see [Setting default server-side encryption behavior for Amazon S3 buckets](./bucket-encryption.html). +Buckets and new objects are encrypted by using server-side encryption with Amazon S3 managed keys (SSE-S3) as the base level of encryption configuration. For more information about default encryption, see [Setting default server-side encryption behavior for Amazon S3 buckets](./bucket-encryption.html). For more information about SSE-S3, see [Using server-side encryption with Amazon S3 managed keys (SSE-S3)](./UsingServerSideEncryption.html). @@ -117 +143 @@ Buckets and new objects are encrypted with server-side encryption with an **Amaz -For more information about using Amazon S3 server-side encryption to encrypt your data, see [Using server-side encryption with Amazon S3 managed keys (SSE-S3)](./UsingServerSideEncryption.html). +For more information about using server-side encryption to encrypt your data, see [Protecting data with encryption](./UsingEncryption.html). @@ -119 +145 @@ For more information about using Amazon S3 server-side encryption to encrypt you - 13. If you chose **AWS Key Management Service key (SSE-KMS)** , do the following: + 12. If you chose **Server-side encryption with Amazon S3 managed keys (SSE-S3)** or **Dual-layer server-side encryption with AWS Key Management Service (AWS KMS) keys (DSSE-KMS)** , do the following: @@ -135 +161 @@ For more information about creating an AWS KMS key, see [Creating keys](https:// -You can use only KMS keys that are available in the same AWS Region as the bucket. The Amazon S3 console lists only the first 100 KMS keys in the same Region as the bucket. To use a KMS key that is not listed, you must enter your KMS key ARN. If you want to use a KMS key that is owned by a different account, you must first have permission to use the key and then you must enter the KMS key ARN. For more information on cross account permissions for KMS keys, see [Creating KMS keys that other accounts can use](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html#cross-account-console) in the _AWS Key Management Service Developer Guide_. For more information on SSE-KMS, see [Specifying server-side encryption with AWS KMS (SSE-KMS)](./specifying-kms-encryption.html). +You can use only KMS keys that are available in the same AWS Region as the bucket. The Amazon S3 console lists only the first 100 KMS keys in the same Region as the bucket. To use a KMS key that isn't listed, you must enter your KMS key ARN. If you want to use a KMS key that's owned by a different account, you must first have permission to use the key, and then you must enter the KMS key ARN. For more information about cross account permissions for KMS keys, see [Creating KMS keys that other accounts can use](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html#cross-account-console) in the _AWS Key Management Service Developer Guide_. For more information about SSE-KMS, see [Specifying server-side encryption with AWS KMS (SSE-KMS)](./specifying-kms-encryption.html). For more information about DSSE-KMS, see [Using dual-layer server-side encryption with AWS KMS keys (DSSE-KMS)](./UsingDSSEncryption.html). @@ -139,3 +165 @@ When you use an AWS KMS key for server-side encryption in Amazon S3, you must ch -For more information about creating an AWS KMS key, see [Creating keys](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) in the _AWS Key Management Service Developer Guide_. For more information about using AWS KMS with Amazon S3, see [Using server-side encryption with AWS KMS keys (SSE-KMS)](./UsingKMSEncryption.html). - - 2. When you configure your bucket to use default encryption with SSE-KMS, you can also enable S3 Bucket Keys. S3 Bucket Keys lower the cost of encryption by decreasing request traffic from Amazon S3 to AWS KMS. For more information, see [Reducing the cost of SSE-KMS with Amazon S3 Bucket Keys](./bucket-key.html). + 2. When you configure your bucket to use default encryption with SSE-KMS, you can also use S3 Bucket Keys. S3 Bucket Keys lower the cost of encryption by decreasing request traffic from Amazon S3 to AWS KMS. For more information, see [Reducing the cost of SSE-KMS with Amazon S3 Bucket Keys](./bucket-key.html). S3 Bucket Keys aren't supported for DSSE-KMS. @@ -143 +167 @@ For more information about creating an AWS KMS key, see [Creating keys](https:// -To use S3 Bucket Keys, under **Bucket Key** , choose **Enable**. +By default, S3 Bucket Keys are enabled in the Amazon S3 console. We recommend leaving S3 Bucket Keys enabled to lower your costs. To disable S3 Bucket Keys for your bucket, under **Bucket Key** , choose **Disable**. @@ -145 +169 @@ To use S3 Bucket Keys, under **Bucket Key** , choose **Enable**. - 14. (Optional) If you want to enable S3 Object Lock, do the following: + 13. (Optional) S3 Object Lock helps protect new objects from being deleted or overwritten. For more information, see [Locking objects with Object Lock](./object-lock.html). If you want to enable S3 Object Lock, do the following: @@ -151 +175 @@ To use S3 Bucket Keys, under **Bucket Key** , choose **Enable**. -Enabling Object Lock also enables versioning for the bucket. After enabling you must configure the Object Lock default retention and legal hold settings to protect new objects from being deleted or overwritten. +Enabling Object Lock automatically enables versioning for the bucket. After you've enabled and successfully created the bucket, you must also configure the Object Lock default retention and legal hold settings on the bucket's **Properties** tab. @@ -155,2 +178,0 @@ Enabling Object Lock also enables versioning for the bucket. After enabling you -For more information, see [Locking objects with Object Lock](./object-lock.html). - @@ -159 +181 @@ For more information, see [Locking objects with Object Lock](./object-lock.html) -To create an Object Lock enabled bucket, you must have the following permissions: `s3:CreateBucket`, `s3:PutBucketVersioning` and `s3:PutBucketObjectLockConfiguration`. +To create an Object Lock enabled bucket, you must have the following permissions: `s3:CreateBucket`, `s3:PutBucketVersioning`, and `s3:PutBucketObjectLockConfiguration`. @@ -161 +183 @@ To create an Object Lock enabled bucket, you must have the following permissions - 15. Choose **Create bucket**. + 14. Choose **Create bucket**. @@ -166 +188 @@ To create an Object Lock enabled bucket, you must have the following permissions -When you use the AWS SDKs to create a bucket, you must create a client and then use the client to send a request to create a bucket. As a best practice, you should create your client and bucket in the same AWS Region. If you don't specify a Region when you create a client or a bucket, Amazon S3 uses the default Region, US East (N. Virginia). If you want to constrain the bucket creation to a specific AWS Region, use the [`LocationConstraint`](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketConfiguration.html) condition key. +When you use the AWS SDKs to create a bucket, you must create a client and then use the client to send a request to create a bucket. As a best practice, you should create your client and bucket in the same AWS Region. If you don't specify a Region when you create a client or a bucket, Amazon S3 uses the default Region, US East (N. Virginia). If you want to constrain the bucket creation to a specific AWS Region, use the [LocationConstraint](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketConfiguration.html) condition key. @@ -168 +190 @@ When you use the AWS SDKs to create a bucket, you must create a client and then -To create a client to access a dual-stack endpoint, you must specify an AWS Region. For more information, see [Using Amazon S3 dual-stack endpoints ](https://docs.aws.amazon.com/AmazonS3/latest/API/dual-stack-endpoints.html#dual-stack-endpoints-description) in the _Amazon S3 API Reference_ . For a list of available AWS Regions, see [Regions and endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html) in the _AWS General Reference_. +To create a client to access a dual-stack endpoint, you must specify an AWS Region. For more information, see [Using Amazon S3 dual-stack endpoints ](https://docs.aws.amazon.com/AmazonS3/latest/API/dual-stack-endpoints.html#dual-stack-endpoints-description) in the _Amazon S3 API Reference_. For a list of available AWS Regions, see [Amazon Simple Storage Service endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/s3.html) in the _AWS General Reference_. @@ -178 +200,2 @@ These AWS SDK code examples perform the following tasks: - * **Retrieve information about the location of the bucket** – Amazon S3 stores bucket location information in the _location_ subresource that is associated with the bucket. + * **Retrieve information about the location of the bucket** – Amazon S3 stores bucket location information in the _location_ subresource that's associated with the bucket. + @@ -181,0 +205 @@ These AWS SDK code examples perform the following tasks: +For additional AWS SDK examples and examples in other languages, see [Use CreateBucket with an AWS SDK or CLI](https://docs.aws.amazon.com/AmazonS3/latest/API/s3_example_s3_CreateBucket_section.html) in the _Amazon Simple Storage Service API Reference_. @@ -212 +236 @@ The following example shows you how to create a bucket with a GUID at the end of -This example shows you how to create an Amazon S3 bucket using the AWS SDK for Java. For instructions on creating and testing a working sample, see [Getting Started](https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/getting-started.html) in the AWS SDK for Java Developer Guide. +This example shows you how to create an Amazon S3 bucket by using the AWS SDK for Java. For instructions on creating and testing a working sample, see the [AWS SDK for Java 2.x Developer Guide](https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/home.html). @@ -265 +289 @@ This example shows you how to create an Amazon S3 bucket using the AWS SDK for J -For information about how to create and test a working sample, see [AWS SDK for .NET Version 3 API Reference](https://docs.aws.amazon.com/sdkfornet/v3/apidocs/Index.html). +For information about how to create and test a working sample, see the [AWS SDK for .NET Version 3 API Reference](https://docs.aws.amazon.com/sdkfornet/v3/apidocs/Index.html). @@ -333 +357 @@ Ruby -For information about how to create and test a working sample, see [AWS SDK for Ruby - Version 3](https://docs.aws.amazon.com/sdkforruby/api/index.html). +For information about how to create and test a working sample, see the [AWS SDK for Ruby - Version 3](https://docs.aws.amazon.com/sdk-for-ruby/v3/api/). @@ -395 +419 @@ The following AWS CLI example creates a bucket in the US West (N. California) Re -For more information, see [create-bucket](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/create-bucket.html) in the _AWS CLI Command Reference_. +For more information and additional examples, see [create-bucket](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/create-bucket.html) in the _AWS CLI Command Reference_.