I've recently moved the images from my site to s3. I'm having nightmares about someone getting hold of the access keys, going in and deleting all my buckets.
Please share some s3 security tips and what to do in case of such a scenario ? (please don't say "keep your keys in a safe place").
When I had the images with my (regular) hosting company, I could rest knowing they keep daily snapshot backups so worst case I would ever lose is 1 day of data.
thanks in advance.
If you're really worried, some extra steps you could take are:
keep spare backups somewhere else, either a different amazon account (the worry is about access to the keys, not amazon's infrastructure failing, right?) or someplace entirely different like Rackspace's cloud... or both - and keep those keys closely-held.
change the keys often - IIRC you can tell amazon to revoke your past keys and give you new ones - this will keep any breach time-limited, at the cost of having to develop ways to quickly disseminate the new keys to those who do need to know.