SimpleDB direct client access
https://stackoverflow.com/questions/1914055
-
19-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
One of the useful things about S3 for content storage is that a client can directly make a direct HTTP request to download the object. For instance, this is how Twitter serve up avatar images.
SimpleDB provides an HTTP interface to data. Rather than having to write a proxy that sits inbetween SimpleDB and the client, is it possible for client software (i.e. desktop, mobile) to make calls to read values from a SimpleDB domain, without sharing credentials that shouldn't be shared? Or is a proxy in-between the only way to go?
Solution
Unfortunately there is still no secure way to do this. Not only does this make the untrusted desktop/mobile use case much more difficult than it ought to be, it also does the same for the flash/silverlight client.
I have repeatedly made the request to AWS that they enable the same sort of fine grained access controls that are available in SQS, including the policy language and permission grants to the various criteria like account, IP address, date ranges, etc.
I only hope they decide to implement it.
OTHER TIPS
You can now do this with WebServius (which basically acts as a proxy between SimpleDB and the clients accessing the data). See http://blog.webservius.com/2010/09/14/introducing-amazon-simpledb-integration/
An inexpensive/free tier micro EC2 instance can now also be used to host your own proxy to SimpleDB, with less latency than hosting elsewhere.
