interface CmafSpekeEncryptionProps
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.MediaPackageV2.Alpha.CmafSpekeEncryptionProps |
 Go | github.com/aws/aws-cdk-go/awsmediapackagev2alpha/v2#CmafSpekeEncryptionProps |
 Java | software.amazon.awscdk.services.mediapackagev2.alpha.CmafSpekeEncryptionProps |
 Python | aws_cdk.aws_mediapackagev2_alpha.CmafSpekeEncryptionProps |
 TypeScript (source) | @aws-cdk/aws-mediapackagev2-alpha ยป CmafSpekeEncryptionProps |
Properties for CMAF SPEKE encryption configuration.
Example
declare const channel: Channel;
declare const spekeRole: iam.IRole;
declare const certificate: certificatemanager.ICertificate;
new OriginEndpoint(this, 'Endpoint', {
channel,
segment: Segment.cmaf({
encryption: CmafEncryption.speke({
method: CmafEncryptionMethod.CBCS,
drmSystems: [CmafDrmSystem.FAIRPLAY],
resourceId: 'my-content-id',
url: 'https://example.com/speke',
role: spekeRole,
certificate,
}),
}),
manifests: [Manifest.hls({ manifestName: 'index' })],
});
Properties
| Name | Type | Description |
|---|---|---|
| drm | Cmaf[] | The DRM systems to use for content protection. |
| method | Cmaf | The encryption method to use. |
| resource | string | The unique identifier for the content. |
| role | IRole | IAM role for accessing the key provider API. |
| url | string | URL of the SPEKE key provider. |
| audio | Preset | Audio encryption preset. |
| certificate? | ICertificate | The ARN of the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. |
| constant | string | Constant initialization vector (32-character hex string). |
| exclude | boolean | When enabled, DRM metadata is excluded from CMAF segments. |
| key | Duration | Key rotation interval. |
| video | Preset | Video encryption preset. |
drmSystems
Type:
Cmaf[]
The DRM systems to use for content protection.
CENC supports PlayReady, Widevine, and Irdeto. CBCS supports PlayReady, Widevine, and FairPlay.
method
Type:
Cmaf
The encryption method to use.
resourceId
Type:
string
The unique identifier for the content.
The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes.
role
Type:
IRole
IAM role for accessing the key provider API.
This role must have a trust policy that allows MediaPackage to assume the role, and it must have sufficient permissions to access the key retrieval URL.
url
Type:
string
URL of the SPEKE key provider.
audioPreset?
Type:
Preset
(optional, default: PresetSpeke20Audio.PRESET_AUDIO_1)
Audio encryption preset.
certificate?
Type:
ICertificate
(optional, default: no content key encryption)
The ARN of the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint.
For this feature to work, your DRM key provider must support content key encryption.
constantInitializationVector?
Type:
string
(optional, default: MediaPackage generates the IV)
Constant initialization vector (32-character hex string).
A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content.
excludeSegmentDrmMetadata?
Type:
boolean
(optional, default: false)
When enabled, DRM metadata is excluded from CMAF segments.
keyRotationInterval?
Type:
Duration
(optional, default: no rotation)
Key rotation interval.
videoPreset?
Type:
Preset
(optional, default: PresetSpeke20Video.PRESET_VIDEO_1)
Video encryption preset.