Understanding Amazon S3 Storage Lens: Discover Its Features

Jay TilluJay Tillu
6 min read

Table of contents

Arjun had been storing more and more files in Amazon S3. With new buckets created across projects, accounts, and regions, he started wondering:

“How do I track what’s growing, what’s costing me the most, and where I might be wasting space?”

That’s when he discovered Amazon S3 Storage Lens — a tool that gives deep insights into S3 usage, cost, and best practices.

📊 What Is S3 Storage Lens?

S3 Storage Lens is like an analytics dashboard for all your S3 storage. It helps you:

  • Discover unusual usage patterns

  • Reduce storage costs

  • Improve data protection settings

  • Analyze trends over time

And it works across:

  • ✅ Multiple buckets

  • ✅ Regions

  • ✅ AWS accounts

  • ✅ Even down to prefixes (folders)

📈 How Does It Work?

S3 Storage Lens collects metrics and shows them in a dashboard. You can:

  • Use the default dashboard (enabled by default)

  • Or create custom dashboards for specific accounts, buckets, or regions

You can also export reports as CSV or Parquet files to your own S3 bucket.

🧪 Example Use Cases Arjun Explored

GoalWhat Arjun Used
Find large unused bucketsChecked storage bytes and object counts
Spot old or incomplete uploadsLooked at incomplete multipart uploads
Check security complianceUsed data protection metrics like versioning or SSE-KMS
Analyze activity trendsReviewed GET/PUT request data
Track access issuesMonitored HTTP status codes like 403 or 404

🛡️ Types of Metrics in Amazon S3 Storage Lens

Arjun discovered that S3 Storage Lens groups metrics into categories, each helping answer a different type of question about his storage usage, cost, or security.

Here’s a breakdown of each category with simple examples:

📦 1. Summary Metrics

What they show:

  • Total storage used (in bytes)

  • Number of objects in a bucket or prefix

  • Average object size

Why it’s useful:
These are your high-level stats. You can track:

  • Which buckets are growing fastest

  • Which buckets are idle (object count and size not changing)

  • Whether you’re storing a lot of small files or fewer large ones

🧠 Example: Arjun found a bucket storing over 10 million tiny logs. Now he knows it might need archiving or reorganization.

💰 2. Cost Optimization Metrics

What they show:

  • Non-current version storage (older versions of objects)

  • Incomplete multipart uploads (wasted space)

  • Storage class breakdown (e.g., S3 Standard vs Glacier)

Why it’s useful:
These metrics help reduce your S3 bill by pointing out:

  • Objects you could archive or delete

  • Space wasted by unfinished uploads

  • Opportunities to move cold data to cheaper storage tiers

💡 Example: Arjun spotted 5 GB of storage from failed uploads and deleted them, instantly saving money.

🔐 3. Data Protection Metrics

What they show:

  • Which buckets have versioning enabled

  • Which ones use SSE-KMS encryption

  • If MFA Delete is turned on

  • Cross-region replication rules

Why it’s useful:
These metrics highlight buckets that may be missing security best practices or compliance requirements.

🔍 Example: Arjun identified a bucket with no versioning and added it to prevent accidental file loss.

🔑 4. Access Management Metrics

What they show:

  • Bucket and object ownership types

  • Are you using Bucket Owner Enforced or Object Writer settings?

Why it’s useful:
Ownership conflicts can lead to access issues, especially in cross-account setups. This helps you fix inconsistent settings.

🛠️ Example: Arjun saw that a shared bucket used “Object Writer” ownership — which caused permission problems. He changed it to "Bucket Owner Enforced".

🔁 5. Event & Performance Metrics

What they show:

  • Number of buckets with event notifications enabled

  • Buckets using S3 Transfer Acceleration

Why it’s useful:
Event metrics help ensure your automation is working (e.g., triggering Lambda or SQS), and performance metrics tell you if you’re using tools to speed up file access.

🚀 Example: Arjun realized most of his buckets weren’t using Transfer Acceleration for global uploads — an easy performance win.

🔍 6. Activity Metrics

What they show:

  • Total number of GET, PUT, DELETE, and other requests

  • How many bytes were uploaded/downloaded

  • Trends in usage over time

Why it’s useful:
Understand which buckets are most active, and how they’re being used.

📈 Example: Arjun spotted that a backup bucket had high PUT activity but no GETs — a clear candidate for infrequent access storage.

📡 7. HTTP Status Code Metrics

What they show:

  • Successes: 200 OK

  • Client errors: 403 Forbidden, 404 Not Found

  • Server errors (if any)

Why it’s useful:
You can spot broken apps or misconfigured permissions by tracking error trends.

⚠️ Example: Arjun found a spike in 403 errors — someone was trying to access a bucket without the right policy.

💡 Free vs. Paid Metrics

TypeFreeAdvanced (Paid)
Metrics Count28 basic metrics+100 advanced metrics
Retention14 days15 months
Prefix-level stats✅ Yes
CloudWatch integration✅ Yes
Status code insights✅ Yes
Activity details✅ Yes

Arjun decided to stick with the free tier at first, but made note of the paid tier when he needed deeper analysis or historical tracking.

📘 SAA Exam Tips

  • Storage Lens gives usage and activity metrics for your S3 buckets

  • Default dashboard covers all accounts and regions

  • Metrics help with:

    • Cost optimization

    • Security posture

    • Access patterns

  • Free = 28 metrics for 14 days

  • Paid = Full features, prefix-level detail, 15-month retention

🎯 Arjun’s Final Take

“With S3 Storage Lens, I can finally see what’s happening across all my buckets — what’s growing, what’s stale, and what needs fixing. It’s like getting X-ray vision for my cloud storage.”

More AWS SAA Articles

Follow me for more such content

0
Subscribe to my newsletter

Read articles from Jay Tillu directly inside your inbox. Subscribe to the newsletter, and don't miss out.

AWSAWS Certified Solutions Architect AssociateAmazon S3Amazon Web ServicesCloudCloud Computingcloud native

Written by

Jay Tillu
Jay Tillu

Hello! I'm Jay Tillu, an Information Security Engineer at Simple2Call. I have expertise in security frameworks and compliance, including NIST, ISO 27001, and ISO 27701. My specialities include Vulnerability Management, Threat Analysis, and Incident Response. I have also earned certifications in Google Cybersecurity and Microsoft Azure. I’m always eager to connect and discuss cybersecurity—let's get in touch!