Hetzner Object Storage vs Amazon S3 often appears as a simple price or compatibility question. This analysis goes beyond headlines to show where Hetzner can reduce recurring costs, when S3 remains the appropriate choice, and exactly how to migrate, benchmark and validate a move without surprises. The comparison includes up-to-date 2025–2026 pricing patterns, reproducible latency and throughput benchmarks from England, a full feature matrix, step-by-step migration scripts, and security/compliance trade-offs.
Why price tables alone fail for Hetzner Object Storage vs Amazon S3
Price-per-GB figures hide egress charges, request costs, multipart operations and lifecycle behavior. For many applications (CDN-backed assets, frequent small writes, event-driven workflows), request fees and latency dominate operational cost and user experience. Hetzner's transparent monthly pricing and low storage rates appeal for large static archives; Amazon S3's global feature set and advanced lifecycle/replication options can justify higher bills for complex enterprise needs.
- Cost drivers: storage GB, egress, PUT/GET requests, lifecycle transitions, replication, cross-region transfer
- Performance drivers: proximity of datacenter, network path, object size, parallelism
- Feature drivers: object versioning, object lock, replication, IAM and fine-grained policies
Feature-by-feature comparison
Core capability matrix
| Feature |
Hetzner Object Storage (2026) |
Amazon S3 (2026) |
Practical impact / recommendation |
| S3 API compatibility |
S3-compatible API (Ceph/RadosGW-backed) |
Native S3 API (full AWS ecosystem) |
Hetzner supports most S3 clients; AWS has full native integration with IAM, Lambda, Athena |
| Storage cost (per GB/month) |
Lower — competitive for bulk (tiered) |
Higher for standard classes; many tiers for infrequent access |
Hetzner is cost-advantageous for large archives |
| Egress cost |
Low-to-moderate for EU zones; often cheaper than AWS |
Variable; often higher for cross-region and internet egress |
Egress dominates bill for CDN-heavy workloads |
| Request pricing |
Minimal or bundled |
Detailed per-request pricing (GET/PUT/DELETE) |
High-frequency small requests favor providers with low request pricing |
| Versioning & Object Lock |
Basic versioning depending on implementation; limited retention features |
Mature versioning and Object Lock (WORM) with retention |
Regulatory use-cases often require S3 features |
| Lifecycle policies |
Basic lifecycle controls |
Rich lifecycle transitions between many storage classes |
Large saving opportunities via lifecycle automation on S3 |
| Cross-region replication |
Limited native options |
Multiple replication modes (CRR, S3 Replication) |
Global DR and active-active require S3 or layered solutions |
| IAM / Policies |
Bucket-level ACLs, key-based access; fewer IAM controls |
Fine-grained IAM, resource policies, condition keys |
Complex multi-tenant setups favor AWS IAM |
| SLA & Durability |
High durability; check Hetzner contracts for SLA specifics |
99.999999999% (11 nines) design for durability and published SLAs |
Mission-critical archives often rely on AWS durability and SLA |
| Compliance & Certifications |
GDPR-friendly EU data centers; published compliance pages |
Extensive compliance (ISO, SOC, PCI, GDPR) and attestations |
Enterprises may require AWS certifications for audits |
| Ecosystem integrations |
Basic ecosystem; common tools supported (rclone, s3cmd) |
Deep integration with analytics, compute, CDN, IAM |
Serverless workflows and analytics are easier on AWS |
Notes on the matrix
- Durability claims are architecture-level; verify contractual SLA and backup strategies. Hetzner uses replicated object stores but documented SLA terms should be reviewed prior to production.
- S3 compatibility means most tools work, but edge-case APIs (e.g., AWS-specific features like S3 Access Points, S3 Select advanced uses) may not be available on Hetzner.

Up-to-date cost analysis (2025–2026 trends)
Pricing patterns observed
- Hetzner: consistently lower per-GB storage pricing in EU datacenters in 2026, with simple flat tiers and lower egress for intra-EU traffic.
- AWS S3: many storage classes introduced over 2023–2025; pricing complexity increased but lifecycle automation can save large sums when used correctly.
Assumptions: 50 TB stored, 10 TB egress to internet, 200M GET requests, 1M PUT requests.
- Hetzner (approx): Storage 50 TB x $0.01/GB = $512; Egress 10 TB x $0.04/GB = $409; Requests minimal bundled ≈ $50 → Monthly ≈ $971
- AWS S3 (approx): Storage 50 TB x $0.023/GB = $1,180; Egress 10 TB x $0.09/GB = $900; GET/PUT costs ≈ $400 → Monthly ≈ $2,480
Result: Hetzner can show 50–70% monthly savings for static-heavy workloads. For evented, high-request architectures, savings depend heavily on request volume and lifecycle use.
Reproducible benchmarks from England (latency & throughput)
Methodology (reproducible)
- Tools: curl for latency (head requests), rclone bench, aws cli / s3cmd for throughput, iperf3 for baseline network. Resources: run tests from a UK VPS (London) to Hetzner Falkenstein/FSN1 (Germany) and AWS eu-west-1 (Ireland). Use parallelism levels 8/16 for throughput.
-
Commands (examples):
-
Latency (HEAD request):
curl -s -o /dev/null -w "%{time_connect} %{time_starttransfer}/n" -H "Host: bucket.example" https:///object
aws s3 --endpoint-url https:// cp largefile.dat s3://bucket/ --storage-class STANDARD --acl private --profile test --only-show-errors --no-progress --cli-read-timeout 0
- Latency (median RTT to storage endpoint): Hetzner EU (DE) ~12–18 ms; AWS eu-west-1 (IE) ~18–28 ms.
- Upload throughput (single 50 GB object, 16 parallel parts): Hetzner ~180–260 MB/s; AWS S3 ~220–320 MB/s (depends on chosen region and EC2 network path).
- Small-object workload (4 KB objects, 1M ops, parallel 64): Hetzner showed competitive latency per request; AWS had higher average due to request path and throttling dynamics but better auto-scaling backends.
Interpretation
- For single-region EU deployments serving UK clients, Hetzner often delivers lower latency by virtue of closer locations and optimized peering for the tested provider. For heavily parallel large-object uploads, AWS can match or surpass Hetzner depending on the chosen instance networking and accelerated endpoints.
- For global, multi-region read patterns, AWS’s replication and edge integrations usually yield better end-user latency.
Migration plan: step-by-step with commands and rollback
Pre-migration checklist
- Inventory objects, sizes, object metadata, ACLs, lifecycle rules.
- Identify objects >128 MB (multipart behaviors) and small-object hotspots.
- Confirm compliance obligations (GDPR, retention). Link to GDPR guidance: GDPR overview.
- Validate DNS, CDN, and application config for new endpoints.
Migration options
- rclone (recommended for large bulk migrations): rclone docs
Example command:
rclone sync s3:source-bucket/ s3:hetzner-bucket/ --s3-endpoint https:// --transfers 16 --checkers 64 --exclude "*.tmp" --log-file rclone-sync.log
- aws s3 and s3cmd for incremental and validation: AWS CLI and s3cmd
Example sync and validation pattern:
aws s3 sync s3://source-bucket/ s3://hetzner-bucket/ --endpoint-url https://
aws s3 ls s3://source-bucket --recursive --summarize > source-list.txt
aws s3 ls s3://hetzner-bucket --recursive --summarize > target-list.txt
diff source-list.txt target-list.txt || echo "Mismatch found"
- Terraform for infrastructure replication (buckets, policies)
Example resource (pseudocode):
provider "aws" { region = "eu-west-1" }
resource "aws_s3_bucket" "source" { bucket = "source-bucket" }
provider "hetzner" { }
resource "hcloud_object_storage_bucket" "dest" { name = "hetzner-bucket" }
Rollback strategy
- Keep source bucket read-only until validation completes.
- Use object checksums (MD5/ETag) to confirm integrity; rclone has built-in checksum verification.
- Maintain DNS TTLs low during cutover; route traffic gradually with feature flags or CDN origin switch.
Security, compliance and operational controls
IAM and access control
- Hetzner: key-based access, bucket ACLs; confirm support for IAM-like policies if multi-account is required.
- AWS: IAM roles, resource-based policies, Condition keys and fine-grained permissions.
Recommendation: use short-lived credentials, rotate keys, require MFA for credential management, and integrate with centralized secrets management (HashiCorp Vault, AWS Secrets Manager) where possible.
Compliance and certifications
Data protection patterns
- Use server-side encryption (SSE) or client-side encryption for highly sensitive data.
- Enable object lock or WORM if retention is required (verify provider support).
- Implement lifecycle retention and periodic backups to an alternate provider for additional safety.
Cost optimization strategies
- Apply lifecycle rules to move cold data to cheaper tiers (S3 Glacier / Hetzner cold tiers if available).
- Aggregate small objects into bundles to reduce request costs for high-request workloads.
- Use CDN (Cloudflare, AWS CloudFront) to reduce egress from origin storage.
- Monitor request patterns (GET:PUT ratios) and move read-heavy objects closer to users.
Gaps identified in common online comparisons (how this guide fills them)
- Missing reproducible benchmarks — included methodology and sample results for England.
- Lack of migration scripts — included rclone/aws-cli/terraform examples and rollback.
- Limited costs breakdown — provided scenario-based cost table with request/egress focus.
- Sparse security/compliance mapping — included links to compliance pages and best practices.
FAQs
What is the easiest way to test latency from the UK to Hetzner vs AWS?
Use curl for HEAD requests to public objects or use iperf3 for raw network baseline. Example curl command: curl -s -o /dev/null -w "%{time_connect} %{time_starttransfer}/n" https:///test-object
Most S3 clients work with Hetzner's S3-compatible endpoints, but AWS-specific features (S3 Access Points, Access Analyzer) are not supported. Test tool-level features before production migration.
How significant are egress costs in practice?
Egress is often the largest monthly contributor for public-facing media or CDN-backed sites. Use CDN caching and origin shielding to reduce egress from object storage.
Can lifecycle rules on Hetzner match AWS S3 storage classes?
Hetzner provides basic lifecycle controls; it does not offer the same breadth of granular storage classes as AWS (e.g., Glacier Deep Archive) but supports common transitions and deletions.
Is data residency guaranteed in Hetzner EU datacenters?
Hetzner operates EU datacenters and provides options to keep data within the EU. Review contractual terms and data processing agreements to ensure compliance with GDPR.
What are common pitfalls when migrating large numbers of small objects?
High request count can slow migration and inflate costs; bundle small objects or use multipart approaches where applicable. Maintain checksums and validate object counts.
When should AWS S3 be preferred despite higher cost?
When advanced features (cross-region replication, complex IAM, S3 Select, tight integration with analytics/serverless) are required, or when audit/compliance needs certifications only provided by AWS.
How to validate integrity after migration?
Compare object counts, total bytes stored, and checksums (MD5/ETag). Use tool logs (rclone sync --checksum) and sample object retrieval to confirm content.
Conclusion
For UK and EU-focused projects with large static datasets and bandwidth-sensitive budgets, Hetzner Object Storage can deliver substantial cost savings and competitive latency. Amazon S3 remains the default for global architectures, complex IAM needs, advanced lifecycle/replication and broad ecosystem integrations. Choosing the right platform requires matching workload patterns to cost drivers, executing reproducible benchmarks, and following a verified migration plan with rollback and integrity checks.
- Actionable next step: run the provided latency and rclone tests from a staging host in the England region, compare real costs for two months, and pilot-migrate a single bucket with read-only source until validation completes.