Short description
-----------------

You pay for all the bandwidth into and out of Amazon S3, except for the following:

*   Data that's transferred out to the internet for the first 100 GB per month  
    **Note:** This is aggregated across all AWS services and Regions except Amazon Web Services in China and AWS GovCloud (US).
*   Data that's transferred in from the internet
*   Data that's transferred between S3 buckets in the same AWS Region
*   Data that's transferred from an Amazon S3 bucket to any service within the same Region as the S3 bucket  
    **Note:** This includes data that's transferred to a different account in the same Region.
*   Data that's transferred out to Amazon CloudFront

Resolution
----------

1.    To identify the buckets that are responsible for high data transfer, [check your S3 usage report](https://docs.aws.amazon.com/AmazonS3/latest/userguide/aws-usage-report.html). The report helps you to review the operation, Region, and time when the data transfer occurred.

2.    To identify the usage types that correspond to data transfer, see [Understanding your AWS billing and usage reports for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/aws-usage-report-understand.html).

3.    Review the [S3 server access logs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html) that are associated with the buckets that are responsible for high data transfer charges. This helps you to view detailed information about the requests. You can query the server access logs using Amazon Athena to get information on a specific date and time, operations, and requesters. For example, run the following query to see the amount of data that was transferred through a certain IP address during a specific time period:

```plaintext
SELECT SUM(bytessent) as uploadtotal,SUM(objectsize) as downloadtotal,SUM(bytessent + objectsize) AS total FROM s3_access_logs_db.mybucket_logsWHERE remoteIP='1.2.3.4' AND parse_datetime(requestdatetime,'dd/MMM/yyyy:HH:mm:ss Z')BETWEEN parse_datetime('2021-07-01','yyyy-MM-dd')AND parse_datetime('2021-08-01','yyyy-MM-dd');
```

For more information, see [How do I analyze my Amazon S3 server access logs using Athena?](https://repost.aws/knowledge-center/analyze-logs-athena)

Related information
-------------------

[Understanding data transfer charges](https://docs.aws.amazon.com/cur/latest/userguide/cur-data-transfers-charges.html)

[Amazon S3 request metrics in CloudWatch](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metrics-dimensions.html#s3-request-cloudwatch-metrics)

[AWS Pricing Calculator](https://calculator.aws/#/addService/S3)

I incurred high data transfer charges for Amazon Simple Storage Service (Amazon S3). I want to identify the buckets that caused the high data transfer charges.

Identify data transfer costs in Amazon S3

How do I Identify data transfer costs in Amazon S3?

How do I Identify data transfer costs in Amazon S3?

Short description

Resolution

Related information

Relevant content