CmafSpekeEncryptionProps

class aws_cdk.aws_mediapackagev2_alpha.CmafSpekeEncryptionProps(*, drm_systems, method, resource_id, role, url, audio_preset=None, certificate=None, constant_initialization_vector=None, exclude_segment_drm_metadata=None, key_rotation_interval=None, video_preset=None)

Bases: object

(experimental) Properties for CMAF SPEKE encryption configuration.

Parameters:

  • drm_systems (Sequence[CmafDrmSystem]) – (experimental) The DRM systems to use for content protection. CENC supports PlayReady, Widevine, and Irdeto. CBCS supports PlayReady, Widevine, and FairPlay.

  • method (CmafEncryptionMethod) – (experimental) The encryption method to use.

  • resource_id (str) – (experimental) The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes.

  • role (IRole) – (experimental) IAM role for accessing the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have sufficient permissions to access the key retrieval URL.

  • url (str) – (experimental) URL of the SPEKE key provider.

  • audio_preset (Optional[PresetSpeke20Audio]) – (experimental) Audio encryption preset. Default: PresetSpeke20Audio.PRESET_AUDIO_1

  • certificate (Optional[ICertificate]) – (experimental) The ARN of the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption. Default: - no content key encryption

  • constant_initialization_vector (Optional[str]) – (experimental) Constant initialization vector (32-character hex string). A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. Default: - MediaPackage generates the IV

  • exclude_segment_drm_metadata (Optional[bool]) – (experimental) When enabled, DRM metadata is excluded from CMAF segments. Default: false

  • key_rotation_interval (Optional[Duration]) – (experimental) Key rotation interval. Default: - no rotation

  • video_preset (Optional[PresetSpeke20Video]) – (experimental) Video encryption preset. Default: PresetSpeke20Video.PRESET_VIDEO_1

Stability:

experimental

ExampleMetadata:

infused

Example:

# channel: Channel
# speke_role: iam.IRole
# certificate: certificatemanager.ICertificate


OriginEndpoint(self, "Endpoint",
    channel=channel,
    segment=Segment.cmaf(
        encryption=CmafEncryption.speke(
            method=CmafEncryptionMethod.CBCS,
            drm_systems=[CmafDrmSystem.FAIRPLAY],
            resource_id="my-content-id",
            url="https://example.com/speke",
            role=speke_role,
            certificate=certificate
        )
    ),
    manifests=[Manifest.hls(manifest_name="index")]
)

Attributes

audio_preset

(experimental) Audio encryption preset.

Default:

PresetSpeke20Audio.PRESET_AUDIO_1

Stability:

experimental

certificate

(experimental) The ARN of the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint.

For this feature to work, your DRM key provider must support content key encryption.

Default:

  • no content key encryption

Stability:

experimental

constant_initialization_vector

(experimental) Constant initialization vector (32-character hex string).

A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content.

Default:

  • MediaPackage generates the IV

Stability:

experimental

drm_systems

(experimental) The DRM systems to use for content protection.

CENC supports PlayReady, Widevine, and Irdeto. CBCS supports PlayReady, Widevine, and FairPlay.

Stability:

experimental

exclude_segment_drm_metadata

(experimental) When enabled, DRM metadata is excluded from CMAF segments.

Default:

false

Stability:

experimental

key_rotation_interval

(experimental) Key rotation interval.

Default:

  • no rotation

Stability:

experimental

method

(experimental) The encryption method to use.

Stability:

experimental

resource_id

(experimental) The unique identifier for the content.

The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes.

Stability:

experimental

role

(experimental) IAM role for accessing the key provider API.

This role must have a trust policy that allows MediaPackage to assume the role, and it must have sufficient permissions to access the key retrieval URL.

Stability:

experimental

url

(experimental) URL of the SPEKE key provider.

Stability:

experimental

video_preset

(experimental) Video encryption preset.

Default:

PresetSpeke20Video.PRESET_VIDEO_1

Stability:

experimental