I have a pretty tough problem here: I need to allow the users of my site to upload very large files to their accounts and I want to store these files on an AWS S3 filesystem. I can't just write a web service to receive these and save them in the S3 fs, because all kinds of things can go wrong during the upload and I need a sophisticated uploader client. The kind of client that Amazon provides to upload files into S3, but of course I can't give my users direct access to that. I'd seriously appreciate any ideas for this!
Thank you
Best practice would be to let your client application upload directly to S3, not flowing through your own web infrastructure. This would leverage the massively parallel nature of S3 and off-load your web infrastructure. Offloading your infrastructure will allow you to use fewer instances or smaller instances to serve the same amount of traffic. Hence a lower infrastructure cost for you.
You would need to write an S3 IAM Policy that would limit access for each of your users to their own "directory" (aka key prefix) on S3.
Have a look at this blog post: http://blogs.aws.amazon.com/security/post/Tx1P2T3LFXXCNB5/Writing-IAM-policies-Grant-access-to-user-specific-folders-in-an-Amazon-S3-bucke
If your application is a web app, you can even let your customers' browsers upload directly to S3. See how to implement this securely at http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-UsingHTTPPOST.html
Just a last note about your question: S3 is not a file system, S3 is an object store. Read more about the differences between object storage and file system at http://www.infoworld.com/article/2614094/data-center/what-is-object-storage-.html
First you will need to create users on your AWS account, next you assign roles to these users, giving them access to AWS services such as S3. Then you create Identity access for these roles and relax yourself. AWS does the rest. You don't need to bother about CloudFront APIs. If you do what is needed as outlined here, the problem would be solved.