Now git-annex can be used to set up a public S3 remote. If you've cloned a repository that knows about such a remote, you can use the S3 remote without needing any S3 credentials. Read-only of course.
This tip shows how to do it: public Amazon S3 remote
One rather neat way to use this is to configure the remote with
encryption=shared. Then, the files stored in S3 will be encrypted, and
anyone with access to the git repository can get and decrypt the files.
This feature will work for at least AWS S3, and for the Internet Archive's
S3. It may work for other S3 services, that can be configured to publish
their files over unauthenticated http. There's a
setting to allow specifying the url when using a service that git-annex
doesn't know the url for.
Actually, there was a hack for the IA before, that added the public url to an item when it was uploaded to the IA. While that hack is now not necessary, I've left it in place for now, to avoid breaking anything that depended on it.