Você sempre pode ocultar os intervalos por trás de um aplicativo de virtualização (um front end HTTP, um FTP ou algo personalizado). Mas isso significa que você teria que queimar a CPU, provavelmente em uma instância do EC2, para mapear essas solicitações e copiar bytes dentro / fora desses buckets do S3.
Expor um bucket S3 diretamente a um usuário teria que seguir as regras de segurança do S3 :
How can I control access to my data stored on Amazon S3?
Customers may use three mechanisms for controlling access to Amazon S3 resources: bucket policies, Access Control Lists (ACLs) and query string authentication. With bucket policies, companies can define rules which apply broadly across all requests to their Amazon S3 resources, such as granting write privileges to a subset of Amazon S3 resources. Customers can also restrict access based on an aspect of the request, such as HTTP referrer and IP address. With ACLs, customers can grant specific permissions (i.e. READ, WRITE, FULL_CONTROL) to specific users for an individual bucket or object. With query string authentication, customers can create a URL to an Amazon S3 object which is only valid for a limited time.