|« PreviousNext »|
|Did this page help you? Yes | No | Tell us about it...|
When customers use your Amazon S3 product, they might end up storing data on Amazon servers. For example, you could have a product that stores customers' data in Amazon S3 for them. This section discusses restrictions on access to that data.
Amazon DevPay implements a product-based access control system that is automatically applicable to your product; you don't have to do anything to implement it. Let's say you have a product called MagicProduct that uses Amazon S3 and stores images for customers. If John Smith uses MagicProduct to store his images, he can access those stored images only by using MagicProduct. He can't use some other product that also uses Amazon S3, and he can't get his own AWS developer account and use Amazon S3 directly to access the images.
Although DevPay enforces a product-based access control restriction, you can still use the access control mechanisms implemented by the AWS service your product uses. For example, you can still use the Amazon S3 access control mechanism with your product. The mechanism's operation is independent of the DevPay product-based restriction.
If we go back to our previous example: You could design MagicProduct to use the Amazon S3 access control mechanism so that John Smith could grant his mother access to the images he stored. His mother could then buy MagicProduct herself and access John's images. However, she couldn't access those images by using another product that uses Amazon S3. She also couldn't access those images by getting her own AWS account and using Amazon S3 directly.
Another important implication of the product-based restriction is that John Smith can no longer access his stored data when he cancels his use of MagicProduct. He can't use another product based on Amazon S3 or use Amazon S3 directly to access his data. If he resubscribes to MagicProduct, his images might or might not be available depending on the Amazon S3 data retention policy.
You should warn your customers that:
They should retrieve their data before they cancel use of your product
If they don't pay their bills for your product, Amazon will cancel their access to the product and their data will be unavailable