You can set a bucket policy to limit external (out of region) access - for this bucket. See my script and blog post here: http://blog.james.rcpt.to/2012/12/24/aws-s3-bucket-policies-restricting-to-in-region-access/ You can also fix up symlink redirects for “stable” => “squeeze”, etc, using Routing Rules: <RoutingRules> <RoutingRule> <Condition> <KeyPrefixEquals>debian/dists/unstable/</KeyPrefixEquals> </Condition> <Redirect> <ReplaceKeyPrefixWith>debian/dists/sid/</ReplaceKeyPrefixWith> </Redirect> </RoutingRule> <RoutingRule> <Condition> <KeyPrefixEquals>debian/dists/testing/</KeyPrefixEquals> </Condition> <Redirect> <ReplaceKeyPrefixWith>debian/dists/wheezy/</ReplaceKeyPrefixWith> </Redirect> </RoutingRule> <RoutingRule> <Condition> <KeyPrefixEquals>debian/dists/stable/</KeyPrefixEquals> </Condition> <Redirect> <ReplaceKeyPrefixWith>debian/dists/squeeze/</ReplaceKeyPrefixWith> </Redirect> </RoutingRule> </RoutingRules> Here’s a sample policy: { "Version": "2008-10-17", "Id": "Policy1356334828153", "Statement": [ { "Sid": "Stmt1356334823200", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::debian-sydney/*", "Condition": { "IpAddress": { "aws:SourceIp": [ "46.137.128.0/18", "176.34.128.0/17", "54.252.0.0/16", "184.169.128.0/17", "54.241.0.0/16", "184.72.128.0/17", "54.242.0.0/15", "175.41.192.0/18", "46.137.0.0/17", "54.226.0.0/15", "175.41.128.0/18", "46.137.192.0/18", "176.32.64.0/19", "50.18.0.0/16", "54.244.0.0/16", "54.234.0.0/15", "177.71.128.0/17", "54.224.0.0/15", "72.44.32.0/19", "75.101.128.0/17", "46.51.192.0/20", "46.51.128.0/18", "50.19.0.0/16", "46.51.224.0/19", "184.73.0.0/16", "54.236.0.0/15", "184.72.64.0/18", "54.251.0.0/16", "204.236.128.0/18", "176.34.0.0/18", "174.129.0.0/16", "79.125.0.0/17", "122.248.192.0/18", "50.112.0.0/16", "54.247.0.0/16", "46.51.216.0/21", "50.16.0.0/15", "54.245.0.0/16", "54.228.0.0/16", "54.246.0.0/16", "103.4.8.0/21", "54.248.0.0/15", "184.72.0.0/18", "176.34.64.0/18", "204.236.192.0/18", "23.20.0.0/14", "67.202.0.0/18", "107.20.0.0/14", "54.232.0.0/16" ] } } } ] } James Bromberger | Solution Architect | Amazon Web Services E:
jameseb@amazon.com P: +61
422 166 708 If you require Technical Support please visit
http://aws.amazon.com/support and sign-up for AWS Support at the level you require for either Web or Phone-based support. From: olivier sallou [mailto:olivier.sallou@gmail.com]
> |