 | Feedback |  |
Amazon S3 authentication is used to validate the identity of the party making a request. Most requests to Amazon S3 require authentication to verify that the subscriber is authorized to perform the requested action. Authentication ensures that you don't get charged for operations you did not authorize.
Security always relies on a secret. For Amazon S3 (and other AWS services), your secret is your AWS Secret Access Key. It should not be shared with others outside your organization, even if a request appears to come from Amazon.com. The AWS Secret Access Key is paired with an AWS Access Key ID. The AWS Access Key ID identifies you in your requests to Amazon S3. When a request is received with an AWS Access Key ID, Amazon S3 verifies that the sender of the request knows the corresponding AWS Secret Access Key by validating a signature that is included with the request. You can find your AWS Access Key ID and Secret Access Key by visiting the AWS Access Key Identifiers page.
In the following samples, you simply add your AWS Access Key ID and AWS Secret Key to the sample files. For more information about authentication, go to the Amazon Simple Storage Service Developer Guide.
![[Note]](images/note.png) | Note |
|---|---|
Depending on how the ACL is set, Amazon S3 can accept anonymous requests. |
