Configuring an AWS S3 Bucket for Content Playback Testing
When you use an S3 bucket as Output for your encodings, they will not automatically allow you to test streaming your encoded content from them. The default security model with S3 does not allow for this.
To enable this model, you will need to do the following:
Allow Public Access ACLs
For creating new buckets we have this tutorial: How to create an S3 Encoding Input or Output with the Bitmovin API
For existing buckets:
- Go to the Permissions tab of the S3 Bucket a. e.g.: https://s3.console.aws.amazon.com/s3/buckets/?tab=permissions
- If it says
Access: Bucket and objects not public
our Encoder cannot set objects to have the PUBLICACCESS ACL.
a. In Block public access (bucket settings) push the Edit button
b. uncheck 🔳 Block all_ public access.
c. Hit Save changes
d. In the Permissions overview, it should sayAccess: Objects can be public
When you create the bucket, disable the bucket settings that block public access, which is set by default on new buckets. If you use the AWS Console, they are Block new public ACLs and uploading public objects, and Remove public access granted through public ACLs. See the AWS Documentation on Block Public Access for details.
If you leave those enabled, you will need to ensure that your scripts set ACL permissions to PRIVATE on objects output to this bucket (for example muxings, manifests, etc.), or your encodings will fail.
Note: Encodings started in the https://bitmovin.com/dashboard/ are configured to set the PUBLIC_ACCESS ACL on output files. Allowing Public Access ACLs in the bucket is required for these Encodings to work.
CORS configuration
To allow players to request content for streaming from your S3 bucket, you will also need to allow origin access with a CORS configuration.
- Go to the Permissions tab of the S3 Bucket
a. e.g.: https://s3.console.aws.amazon.com/s3/buckets/ bucket-name ?tab=permissions - Scroll down until Cross-origin resource sharing (CORS) and hit the Edit Button next to it
a. e.g.: https://s3.console.aws.amazon.com/s3/buckets/ bucket-name /property/cors/edit - Now you can paste or edit the CORS configuration based on your needs.
The following is a good default policy that provides unrestricted access for streaming.
[
{
"AllowedHeaders": [
"Authorization"
],
"AllowedMethods": [
"GET",
"HEAD"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": [],
"MaxAgeSeconds": 3000
}
]
For more information on how to enable CORS on S3 buckets, see the AWS Documentation
Troubleshooting
To troubleshoot upload issues to your AWS S3 bucket are explained here.
Updated about 10 hours ago