S3 Security Policy
I love S3, I use it with Arq, I use it to host this site, backup configs on VPSs, and to transfer random files that are too big for e-mail.
As my S3 usage has grown I've started creating seperate AMI users for each task, e.g. a siteleaf user for this blog. It wasn't until tonight that I took the time to craft a better security policy for some of these users.
Here's the basic policy I came up with. This policy restricts access to a single bucket, and allows access via the AWS cli.