The security and integrity problems behind backing up your (EC2) data to S3


So we've got an AWS account and access to EC2 and S3. Everything is fine and nice, and I want to back up some of the data on my EC2 instance (let's say /etc and /var/lib/mysql) and some data from another server (the company's emails).
We've got the right tools, so let's back up the data; we never know when we'll be glad that, even if the data center is hit by a meteorite, all the data is backed up and tomorrow everything will be back up and running. But wait, I see a problem, and the problem is the S3 access method (the credentials). I have only one account, and I'm using it for uploading my EC2 images (done by an automated script that takes a snapshot of the system from time to time), for uploading the /etc directory and /var/lib/mysql from my EC2 instance, and for backing up the emails from the company mail server (which is outside Amazon). If we had more machines, we would have more things to back up from different places, so more machines would hold the S3 credentials.

So the problem is that we have only one set of credentials, and it is present on all of the machines/instances. If one of them gets cracked, the cracker has access to all of the company's data backed up on S3 (employee emails, databases, system configuration files and password databases, etc.).

The fix: either encrypt all of your data before uploading, with a different encryption key (in your encryption software of choice) for every machine that does the backing up, or hope that Amazon will provide a mechanism for creating "sub accounts" to use with S3. Encryption only goes so far, though: the attacker can no longer read the other machines' backups, but the shared S3 credential still lets him delete all of them, and, since it allows uploads as well, replace them with tampered copies, so whatever does the restore has to verify the backups' integrity and not just decrypt them.
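Here is what the "encrypt before upload with a per-machine key" option looks like in practice, as an added example that is not the post's own backup script. It uses only the Python standard library: HMAC-SHA256 in counter mode as the stream cipher and a second HMAC as the tag (encrypt-then-MAC), a stand-in for gpg or AES-GCM in a real script. The machine secrets, the `SharedBucket` stand-in for the one bucket everyone writes to with the same credential, and the sample backup contents are all constructed for the demonstration.

```python
"""Per-machine backup sealing: encrypt-then-MAC with a secret that never leaves
the machine that made the backup, plus a stand-in for the shared S3 bucket, to
show what a cracked machine holding the shared credential can and cannot do."""
import hashlib
import hmac
import os
import struct

NONCE_LEN = 16
TAG_LEN = 32  # SHA-256 output size


def _keystream(enc_key: bytes, nonce: bytes, nbytes: int) -> bytes:
    """HMAC-SHA256 in counter mode: a PRF-based stream cipher (stand-in for
    AES-GCM/gpg so the example runs on the standard library alone)."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        out += hmac.new(enc_key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:nbytes])


def _derive_keys(machine_secret: bytes):
    """Independent encryption and MAC keys from one per-machine secret."""
    enc_key = hmac.new(machine_secret, b"backup-enc", hashlib.sha256).digest()
    mac_key = hmac.new(machine_secret, b"backup-mac", hashlib.sha256).digest()
    return enc_key, mac_key


def seal(machine_secret: bytes, object_key: str, plaintext: bytes) -> bytes:
    """Encrypt, then MAC over (object key, nonce, ciphertext). Covering the
    object key means a blob copied under another name is rejected on restore."""
    enc_key, mac_key = _derive_keys(machine_secret)
    nonce = os.urandom(NONCE_LEN)  # fresh per object; never reuse with one key
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, object_key.encode() + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(machine_secret: bytes, object_key: str, blob: bytes) -> bytes:
    """Verify the tag before touching the ciphertext; raise on any mismatch."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("backup rejected: truncated object")
    enc_key, mac_key = _derive_keys(machine_secret)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, object_key.encode() + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("backup rejected: wrong machine key or tampered object")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class SharedBucket:
    """Stand-in for the one S3 bucket every machine uploads to with the same credential."""

    def __init__(self):
        self.objects = {}

    def put(self, key, blob):
        self.objects[key] = blob

    def get(self, key):
        return self.objects[key]

    def delete_all(self):
        self.objects.clear()


def demo():
    # Constructed sample secrets and data. In practice each machine generates its
    # own secret locally and it is copied only to whatever host does restores.
    ec2_secret = os.urandom(32)
    mail_secret = os.urandom(32)
    bucket = SharedBucket()
    bucket.put("ec2/etc.tar", seal(ec2_secret, "ec2/etc.tar", b"root:x:0:0:root:/root:/bin/bash"))
    bucket.put("mail/Maildir.tar", seal(mail_secret, "mail/Maildir.tar", b"From: ceo@example.com"))

    results = {}
    # The mail server restores its own backup normally.
    results["mail_restores"] = unseal(mail_secret, "mail/Maildir.tar", bucket.get("mail/Maildir.tar"))

    # Attacker on the cracked EC2 box holds the shared S3 credential and ec2_secret only.
    stolen = bucket.get("mail/Maildir.tar")
    try:
        unseal(ec2_secret, "mail/Maildir.tar", stolen)
        results["attacker_reads_mail"] = True
    except ValueError:
        results["attacker_reads_mail"] = False

    # The shared credential also allows uploads: a replaced object is caught on restore.
    body = bytes(b ^ 0xFF for b in stolen[NONCE_LEN:-TAG_LEN])
    bucket.put("mail/Maildir.tar", stolen[:NONCE_LEN] + body + stolen[-TAG_LEN:])
    try:
        unseal(mail_secret, "mail/Maildir.tar", bucket.get("mail/Maildir.tar"))
        results["tamper_detected"] = False
    except ValueError:
        results["tamper_detected"] = True

    # ...but nothing in the cryptography stops the attacker from deleting every backup.
    bucket.delete_all()
    results["objects_left"] = len(bucket.objects)
    return results


if __name__ == "__main__":
    print(demo())
```

The machine secret must live only on the machine that makes the backup (and on the host that restores it), never next to the shared S3 credential in a script that every machine copies; otherwise the per-machine separation is lost. The last step of `demo` is the point the post makes: encryption and integrity checks protect the contents, but the deletion problem has to be solved on the S3 side by scoping what each credential may do.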

Another problem could be that Amazon decides your data is evil and simply deletes it (you agreed to that in the service agreement).

Still to come: you need to provide "crawl access" for Amazon into your applications (section 1.A.5 in the service agreement). I'm not sure what that really means, but it doesn't sound that good.

Conclusion: if you need to back up data from different sites/servers/instances, either hope that Amazon will provide a mechanism for creating some kind of accounts bound to your master account, with access to specific buckets, or create an AWS account for every site/server/instance.
