How do I store my Amazon Credentials in my app?

I am making an app that accesses Amazon S3.

But should I put the Amazon S3 login credentials (Access Key ID and Secret Access Key) into the .exe tha开发者_运维知识库t customers will be using?

DropBox uses Amazon S3, but how do they store their login credentials? When I send a file to my DrobBox, does the file go to their server first, then their server logs into S3 using their credentials?

I can always obfuscate my .exe but I am still very leery about putting my Amazon S3 info into the .exe.

Any ideas or suggestions?

Thanks.

---

you may consider implementing your own server-side authentication layer, which will authenticate user and sign requests,

amazon s3 credentials are needed to sign aws requests. you may do this on server side.

for example:

1. your app send request to your server with user credentials
2. your server side code check user credentials and sign aws request
3. your app send signed request to amazon

---

You're right to be concerned. I don't know of any completely safe means of including your keys with a locally-installed app. The web equivalent (which I'm more familiar with) would be a javascript (so client-side) widget that needs to carry some credentials... and there's no way to do it.

I think the solution that you mentioned (only using your server to interact with S3) may be the only way.