Richard's Diary

Sunday, January 11, 2009

Amazon S3 Note the security precautions in http://docs.amazonwebservices.com/AWSEC2/latest/DeveloperGuide/building-shared-amis.html. (Mounting proc is no longer necessary in http://docs.amazonwebservices.com/AWSEC2/latest/DeveloperGuide/ami-via-loopback.html)
  1. clear history of root commands (in particular note when S3 password appears on command line)
  2. ssh keys deleted in /root/.ssh and /etc/ssh
  3. root cannot login (already done if you leverage an existing Amazon AMI)
  4. root password is randomized (already done if you leverage an existing Amazon AMI)

Ruby s3 utils
  1. amazon library which doesn't stream http://developer.amazonwebservices.com/connect/entry.jspa?externalID=135
    conn = S3::AWSAuthConnection.new("user","pass")
    response=conn.create_bucket("picky-ricky")
  2. right_aws is from nov 08 and streams http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1014
  3. s3sync/s3cmd is from june 08 and streams http://developer.amazonwebservices.com/connect/entry.jspa?externalID=931
  4. aws-s3 is from july 08
  5. http://github.com/grempe/amazon-ec2
  6. rsh3ll is from 2006 and doesn't let you specify location http://www.developer.com/lang/other/article.php/3624096
  7. ruby-aws is a library for affiliate api

© 2010 Picky Ricky, Inc. originalblog