Allowing pre-signed URLs when writing to and deleting from buckets will give us real write security without having to store AWS credentials in the config file. For this approach to work, buckets will need to be publicly readable, and the user or their automated system will need to generate pre-signed URLs for each node in the cluster.
An example of the config entry:
<S3_PING pre_signed_put_url="http://s3.amazonaws.com/ben-test/DemoCluster/thing1?AWSAccessKeyId=access_key&amp;Expires=1316198231&amp;Signature=url_signature"
         pre_signed_delete_url="http://s3.amazonaws.com/ben-test/DemoCluster/thing1?AWSAccessKeyId=access_key&amp;Expires=1316194276&amp;Signature=url_signature"
         timeout="2000"
         num_initial_members="3"/>
The pre-signed URLs need to be generated with no headers except "x-amz-acl" with a value of "public-read" for the PUT URL. It would be a good idea to add some utility code to S3_PING to generate these URLs.
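
A sketch of such a generator, added here as an example and not JGroups code. It assumes the legacy Signature Version 2 query-string format, which is what the AWSAccessKeyId, Expires and Signature parameters in the config entry correspond to. The class name, the placeholder credentials, the 24-hour expiry and the node names thing2 and thing3 are assumptions.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class PreSignedUrlExample {

    /** Builds a Signature Version 2 query-string URL for one object (path-style). */
    static String preSign(String method, String bucket, String key, String amzHeaders,
                          long expiresEpochSeconds, String accessKey, String secretKey)
            throws Exception {
        String resource = "/" + bucket + "/" + key;
        // Content-MD5 and Content-Type stay empty: the signed request must not send them.
        String stringToSign = method + "\n\n\n" + expiresEpochSeconds + "\n" + amzHeaders + resource;

        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(secretKey.getBytes(StandardCharsets.UTF_8), "HmacSHA1"));
        String signature = Base64.getEncoder()
                .encodeToString(mac.doFinal(stringToSign.getBytes(StandardCharsets.UTF_8)));

        // The Base64 signature can contain '+', '/' and '=', so it is URL-encoded.
        return "http://s3.amazonaws.com" + resource
                + "?AWSAccessKeyId=" + URLEncoder.encode(accessKey, "UTF-8")
                + "&Expires=" + expiresEpochSeconds
                + "&Signature=" + URLEncoder.encode(signature, "UTF-8");
    }

    public static void main(String[] args) throws Exception {
        // Constructed placeholder credentials; real ones stay on the generating host only.
        String accessKey = "EXAMPLE_ACCESS_KEY";
        String secretKey = "EXAMPLE_SECRET_KEY";
        long expires = System.currentTimeMillis() / 1000 + 24 * 3600; // assumed 24h lifetime

        // One PUT/DELETE pair per node; thing2 and thing3 are constructed names.
        for (String node : new String[] {"thing1", "thing2", "thing3"}) {
            String key = "DemoCluster/" + node;
            // The PUT signature covers exactly one header: x-amz-acl:public-read
            String put = preSign("PUT", "ben-test", key, "x-amz-acl:public-read\n",
                    expires, accessKey, secretKey);
            String del = preSign("DELETE", "ben-test", key, "", expires, accessKey, secretKey);
            // '&' must be written as '&amp;' inside an XML attribute value.
            System.out.println("<S3_PING pre_signed_put_url=\"" + put.replace("&", "&amp;") + "\"");
            System.out.println("         pre_signed_delete_url=\"" + del.replace("&", "&amp;") + "\"/>");
        }
    }
}
```

Because the signature covers the verb, the expiry, the signed header and the object path, a node that sends any other `x-amz-*` header, or a Content-Type, on the PUT will have the request rejected.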