- Newest
- Most votes
- Most comments
With the launch of Amazon S3 Files, you no longer need boto3 for basic object interaction. Once you have attached the S3 file system to your Lambda function (via the Configuration > File systems tab), you treat S3 objects as if they were on a local disk.
Python Example
This example assumes your mount path is configured as /mnt/s3data.
import os
def lambda_handler(event, context):
mount_path = '/mnt/s3data'
file_path = os.path.join(mount_path, 'example.txt')
# Writing directly to S3
with open(file_path, 'w', encoding='utf-8') as f:
f.write("Hello from S3 Files!")
# Reading directly from S3
if os.path.exists(file_path):
with open(file_path, 'r') as f:
print(f"Content: {f.read()}")
return {"status": "success", "files": os.listdir(mount_path)}
Technical Requirements:
- VPC & Security Groups: Lambda must be in the same VPC as the S3 Mount Target; allow NFS (Port 2049) in your Security Groups.
- IAM Permissions: The execution role needs s3files:ClientMount and s3files:ClientWrite, plus standard s3:GetObject permissions.
- Reference: See the official AWS News Blog (April 2026) titled "Launching S3 Files, making S3 buckets accessible as file systems" for the full architectural breakdown.
https://aws.amazon.com/blogs/aws/launching-s3-files-making-s3-buckets-accessible-as-file-systems/
https://aws.amazon.com/about-aws/whats-new/2026/04/amazon-s3-files/
Does that answer your question?
Thank you for your answer,
I made all the configurations and when tested, I had the below error. It seams that the function does not start, because S3File system does not mount. I also used AmazonQ to investigate, and all checks suggested by this seams ok. Did I missed something, or is there a particular configuration in my account ?Response: Calling the invoke API action failed with this message: The function couldn't mount the Amazon S3 Files file system with access point <access_point_id>One more thing to mention is that CloudWatch did not start any record (not even standard ones: START RequestId, END RequestId, INIT_START Runtime Version) ! Thank you,
One more thing to mention is that : when I try to mount from an Amazon Linux instance - Management Console - CloudShellConsole (
sudo mount -t s3files fs-<id> /mnt/s3files) I have the error:Cannot retrieve AZ-ID from instance metadata service (IMDS). Ensure IMDS is reachable and that the instance has the correct IAM permissions. This is required for S3Files mounts using {az_id} in dns_name_format. You can also specify the AZ ID directly using the mount option: -o azid=<az-id>.When running Reachability Analyzer the path FROM Linux instance Network Interface TO S3 Files Mount Target IP, in same AZ, is valid. But indeed when calling IMDS from CloudShell any of the below, nothing is found:
curl http://169.254.169.254/latest/meta-data/placement/availability-zone curl http://169.254.169.254/latest/meta-data/placement/availability-zone-id curl http://169.254.169.254/latest/meta-data/placement/host-id curl http://169.254.169.254/latest/meta-data/instance-id curl http://169.254.169.254/latest/meta-data/local-ipv4 <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body> </html>~ $@rePost-User-4717319 CloudShell environments run in AWS-managed ECS container tasks, not on plain EC2 instances. That's why EC2 instance metadata isn't available.
Thank you for your answer,
Please clarify the information from Management Console -> S3Files -> Attach to an EC2 instance screen, as seen in screenshot S3Files attach to EC2 , where it states that S3File could be mounted with CloudShell, but where it does not have the appropriate environment ("EC2 instance metadata isn't available"). I mention that I tested with running EC2 instance, as requested in the screen.
I don't have specific code examples for using the S3 Files feature with Lambda functions in Python from the available information. However, I can explain the general approach for configuring this feature.
S3 Files allows Lambda functions to access Amazon S3 objects as files using standard file system operations through a local mount path. To use this feature, you need to:
-
Set up prerequisites: Ensure you have an S3 file system with mount targets in the same VPC as your Lambda function, and configure the appropriate security groups to allow NFS traffic.
-
Configure IAM permissions: Your Lambda function's execution role needs permissions including
s3files:ClientMountands3files:ClientWriteto mount the file system, pluss3:GetObjectands3:GetObjectVersionto read from S3. -
Attach the file system: In the Lambda console, go to your function's Configuration tab, select File systems, and attach your S3 file system by specifying a local mount path and selecting an access point if needed.
-
Access files in your code: Once configured, your Python Lambda function can access S3 objects through the local mount path using standard file operations, similar to how you would read/write files on a local file system.
The file system will be available the next time your Lambda function is invoked, allowing you to read large files, share data across invocations, or write output to persistent storage through the mounted path.
Sources
Mounting S3 file systems on AWS Lambda functions - Amazon Simple Storage Service
Configuring Amazon S3 Files access - AWS Lambda
Relevant content
- asked 12 days ago
- AWS OFFICIALUpdated 3 years ago
If my answer was helpful, I would appreciate it if you could mark it as the accepted answer.