Steps for creating one or more public Yum repositories served via S3, with write access for the owner only. Don't put the repository in the root of the bucket: you won't be able to serve multiple repositories, and if you choose to enable logging you'll expose the logs publicly as well.
The only magic here is the S3 bucket policy.
GPG-signed packages and repo metadata are left as an exercise to the reader.
- create the bucket via the AWS S3 console
- use the included bucket policy, replacing `@@BUCKET_NAME@@` and `@@REPO@@` as appropriate
- put some RPMs into a directory and run `createrepo /path/to/dir`
- sync repo to S3: `s3cmd sync --delete /path/to/dir/ s3://@@BUCKET_NAME@@/@@REPO@@/`
- use the included repo template to create `/etc/yum.repos.d/@@BUCKET_NAME@@.repo`
- install your packages!
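Before attaching a bucket policy, it is worth checking that anonymous access is limited to reading objects under the repository prefix, so that logs or other prefixes in the same bucket stay private. The following is an added example, not the policy or code included with these steps; the bucket name `example-bucket`, the repo name `myrepo`, both sample policies and the function name are constructed for illustration.

```python
def _as_list(value):
    # Policy fields may be a single string or a list of strings.
    return value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    # "*" and {"AWS": "*"} both mean "anyone on the internet".
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def public_policy_findings(policy, bucket, repo):
    """List problems with anonymous Allow statements in an S3 bucket policy.

    Conservative: Condition blocks are ignored, so a conditional public
    grant is judged as if it were unconditional.
    """
    allowed_prefix = f"arn:aws:s3:::{bucket}/{repo}/"
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _is_anonymous(stmt.get("Principal")):
            continue
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append("anonymous statement uses NotAction/NotResource")
        for action in _as_list(stmt.get("Action", [])):
            if action.lower() != "s3:getobject":  # Yum only needs object reads
                findings.append(f"anonymous action {action}")
        for resource in _as_list(stmt.get("Resource", [])):
            if not resource.startswith(allowed_prefix):
                findings.append(f"anonymous access outside repo prefix: {resource}")
    return findings

# Constructed sample: public read limited to the repo prefix.
SCOPED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-bucket/myrepo/*"}]}

# Constructed sample: whole bucket readable and listable, logs included.
TOO_BROAD = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"AWS": "*"},
    "Action": ["s3:GetObject", "s3:ListBucket"],
    "Resource": ["arn:aws:s3:::example-bucket/*"]}]}

if __name__ == "__main__":
    for name, pol in (("SCOPED", SCOPED), ("TOO_BROAD", TOO_BROAD)):
        print(name, public_policy_findings(pol, "example-bucket", "myrepo"))
```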