Posted On: Dec 1, 2024
Amazon S3 updates the default behavior of object upload requests with new data integrity protections that build upon S3’s existing durability posture. The latest Amazon SDKs now automatically calculate CRC-based checksums for uploads as data is transmitted over the network. S3 independently verifies these checksums and accepts objects after confirming that data integrity was maintained in transit over the public internet. Additionally, S3 now stores a CRC-based whole-object checksum in object metadata, even for multipart uploads, which helps you to verify the integrity of an object stored in S3 at any time.
S3 has always validated the integrity of object uploads from the S3 API to storage by calculating MD5 checksums and allowed customers to provide their own pre-calculated MD5 checksums for integrity validation. S3 also supports five additional checksum algorithms, CRC64NVME, CRC32, CRC32C, SHA-1, and SHA-256, for integrity validations on upload and download. Using checksums for data validation is a best practice for data durability, and this new default behavior adds additional data integrity protections with no changes to your applications and at no additional cost.
Default checksum protections are rolling out to all the Amazon Web Services Regions, including the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD, in the next few weeks. To get started, you can use the Amazon Web Services Management Console or the latest SDKs to upload objects. To learn more about checksums in S3, view the S3 User Guide.