GCS Buckets for Live Outputs

Overview

Bitmovin can not only run in Google Cloud, deploying the Live Encoder to a range of regions, but it can also output to a GCS bucket as an origin server for distribution directly or via a CDN.

Configuring GCS buckets

When using GCS buckets as an output for the Live Encoder you will need to configure them to grant the appropriate roles and access control policies.

Output Buckets

  • GCS role- The Storage Object Admin role must be added to the relevant IAM user.
  • GCS Access- As long as the proper GCS role was added, Output Buckets can be configured either as publicly accessible or private.
  • GCS Access Control Policy and Bitmovin ACL- The bucket access control policy and the Bitmovin ACL settings must be set according to the table below.
GCS role (for IAM user)GCS AccessGCS Access Control PolicyBitmovin ACL
Storage Object AdminPublic / PrivateUniform1private
Storage Object AdminPublic / PrivateFine-Grained2private/public_read

1When using Uniform access control policy type, GCS applies access control policies to all objects in the Bucket based on the IAM permissions - and all access granted by object ACLs are revoked. To get Bitmovin outputs working properly with this approach, all ACLs in EncodingOutput.acl[*].permission must be set to private

2When using Fine-Grained access control policy type, GCS applies access control policies based on Access Control Lists (ACLs). In this way, the ACLs set in EncodingOutput.acl[*].permission are applied to each object to be written in the bucket.

Take into account that Bitmovin ACLs in EncodingOutput.acl[*].permission are set to public_read by default - for example when creating encoding jobs from the Bitmovin Dashboard, so if you do not set an ACL explicitly, you should set a Fine-Grained control policy type on the bucket in order to get it working

Configuring Live Encoding Outputs

In the Dashboard navigate to Live Encoding in the left side panel, and then select Outputs.

πŸ“˜

You will need to enter the Access key and Secret Key provided via the GCS console or your GCS system administrator.

Press + Create and select GCS to see the correct form.

When you are finished press Create and the output will be saved.

Using the Live Output

The bucket will appear in the Outputs list, and in the Wizard under Google Storage.

You can confirm the bucket is created in the API by using List GCS Outputs