Hacker News new | past | comments | ask | show | jobs | submit login

Fantastic list with much more depth than I expected. Some surprises that others might be interested in from this article and comments below:

  [1] Keeping buckets locked down and allowing direct client -> S3 uploads
  [2] Using ALIAS records for easier redirection to core AWS resources instead of CNAMES.
  [3] What's an ALIAS?
  [-] Using IAM Roles
  [4] Benefits of using a VPC
  [-] Use '-' instead of '.' in S3 bucket names that will be accessed via HTTPS.
  [-] Automatic security auditing (damn, entire section was eye-opening)
  [-] Disable SSH in security groups to force you to get automation right.

[1] http://docs.aws.amazon.com/AmazonS3/latest/dev/PresignedUrlU...

[2] http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/Cre...

[3] http://blog.dnsimple.com/2011/11/introducing-alias-record/

[4] http://www.youtube.com/watch?v=Zd5hsL-JNY4




I like SSH. But I'm the founder of Userify ;) http://userify.com

Also, S3 buckets cannot scale infinitely. This is a huge myth http://aws.typepad.com/aws/2012/03/amazon-s3-performance-tip...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: