Step 1: Sign in to the IAM console
Sign in to the IAM console to manage policies and users.
To sign in
1. Sign in to the AWS Management Console and open the IAM console at https://
console.aws.amazon.com/iam/.
Use your Administrator user credentials to sign in.
Step 2: Create policies
Create two policies for AWS Elemental MediaTailor: one to provide read/write access, and one to provide read-only access.
To create policies for AWS Elemental MediaTailor
1. In the navigation pane of the IAM console, choose Policies.
2. On the Policies page, create a policy named MediaTailorAllAccess that allows all actions on all resources in MediaTailor:
a. Choose Create policy.
b. Choose the JSON tab and paste the following policy, replacing the resource ARN for PassRole with the actual ARN.
{
"Version": "2012-10-17", "Statement": {
"Effect": "Allow",
"Action": "mediatailor:*", "Resource": "*"
}}
c. Choose Review policy.
d. On the Review policy page, for Name, enter MediaTailorAllAccess, and then choose Create policy.
3. On the Policies page, create a read-only policy named MediaTailorReadOnlyAccess for MediaTailor:
a. Choose Create policy.
b. Choose the JSON tab and paste the following read-only policy.
{ "Version": "2012-10-17", "Statement": {
"Effect": "Allow", "Action": [
"mediatailor:List*", "mediatailor:Describe*", "mediatailor:Get*"
], "Resource": "*"
}}
Step 3: Create user groups
c. Choose Review policy.
d. On the Review policy page, for Name, enter MediaTailorReadOnlyAccess, and then choose Create policy.
Step 3: Create user groups
Create a user group for each of the policies that you created in the section called “Step 2: Create policies” (p. 6). This way, when you create additional users you can add the users to a group rather than attaching individual policies to each user.
To create groups for users who need access to AWS Elemental MediaTailor 1. In the navigation pane of the IAM console, choose Groups.
2. On the Groups page, choose Create New Group and create an administrator group using the MediaTailorAllAccess policy:
a. On the Set Group Name page, enter a name for the group, such as MediaTailorAdmins. Choose Next Step.
b. On the Attach Policy page, for Filter, choose Customer Managed.
c. In the policy list, choose the MediaTailorAllAccess policy that you created.
d. On the Review page, verify that the correct policy is added to this group, and then choose Create Group.
3. On the Groups page, choose Create New Group and create a read-only group using the MediaTailorReadOnlyAccess policy:
a. On the Set Group Name page, enter a name for the group, such as MediaTailorReadOnly.
Choose Next Step.
b. On the Attach Policy page, for Filter, choose Customer Managed.
c. In the policy list, choose the MediaTailorReadOnlyAccess policy that you created.
d. On the Review page, verify that the correct policy is added to this group, and then choose Create Group.
Step 4: Create users
Create IAM users for the individuals who require access to AWS Elemental MediaTailor. Next, add each user to the appropriate user group to ensure that they have the right level of permissions. If you already have users created, skip past the user creation steps to modify the permissions for the users.
To create users who can access AWS Elemental MediaTailor
1. In the navigation pane of the IAM console, choose Users, and then choose Add user.
2. For User name, enter the name that the user will use to sign in to MediaTailor.
3. Select the check box next to AWS Management Console access, select Custom password, and then enter the new user's password in the box. You can optionally select Require password reset to force the user to create a password the next time the user signs in.
4. Choose Next: Permissions.
5. On the Set permissions for user page, choose Add user to group.
6. Modify the permissions for the users in the group list. Choose the group with the appropriate attached policy. Remember that permissions levels are as follows:
• The group with the MediaTailorAllAccess policy allows all actions on all resources in MediaTailor.
• The group with the MediaTailorReadOnlyAccess policy allows read-only rights for all resources in MediaTailor.
Step 4: Create users
7. Choose Next: Review to see the list of group memberships to be added to the new user. When you are ready to proceed, choose Create user.
Getting started with MediaTailor ad insertion
Getting started with MediaTailor
To get started with MediaTailor ad insertion or channel assembly, select the applicable topic.
Topics
• Getting started with MediaTailor ad insertion (p. 9)
• Getting started with MediaTailor channel assembly (p. 16)
Getting started with MediaTailor ad insertion
To use AWS Elemental MediaTailor, you need an AWS account and permissions to access, view, and edit MediaTailor configurations. For information on how to do this, see Setting up AWS Elemental MediaTailor (p. 4).
This Getting Started tutorial shows you how to perform the following tasks:
• Prepare your HLS or DASH content streams
• Configure an ad decision server (ADS) template URL
• Create a MediaTailor configuration that contains a playback endpoint
• Use your player or content delivery network (CDN) to make a playback request to MediaTailor
When you're finished, you'll be able to send a playback request to MediaTailor for personalized ad content in your stream.
Topics
• Prerequisites (p. 9)
• Step 1: Access AWS Elemental MediaTailor (p. 9)
• Step 2: Prepare a stream (p. 10)
• Step 3: Configure ADS request URL and query parameters (p. 11)
• Step 4: Create a configuration (p. 12)
• Step 5: Test the configuration (p. 13)
• Step 6: Send the playback request to AWS Elemental MediaTailor (p. 14)
• Step 7 (optional): Monitor AWS Elemental MediaTailor activity (p. 14)
• Step 8: Clean up (p. 15)
Prerequisites
Before you begin, be sure that you've completed the steps in Setting up AWS Elemental MediaTailor (p. 4).
Step 1: Access AWS Elemental MediaTailor
Using your IAM credentials, sign in to the MediaTailor console at https://
console.aws.amazon.com/mediatailor/home.
Step 2: Prepare a stream
Step 2: Prepare a stream
Configure your origin server to produce manifests for HLS or DASH that are compatible with AWS Elemental MediaTailor.
Prepare an HLS stream
HLS manifests must satisfy the following requirements:
• Manifests must be accessible on the public internet.
• Manifests must be live or video on demand (VOD).
• Manifests must have an EXT-X-VERSION of 3 or higher.
• For live content, manifests must contain markers to delineate ad avails. This is optional for VOD content, which can use VMAP timeoffsets instead.
The manifest file must have ad slots marked with one of the following:
• #EXT-X-CUE-OUT / #EXT-X-CUE-IN (more common) with durations as shown in the following example.
#EXT-X-CUE-OUT:60.00
#EXT-X-CUE-IN
• #EXT-X-DATERANGE (less common) with durations as shown in the following example.
#EXT-X-DATERANGE:ID="",START-DATE="",DURATION=30.000,SCTE35-OUT=0xF
#EXT-X-DATERANGE:ID="",START-DATE="",DURATION=30.000,SCTE35-OUT=0xF
All fields shown for #EXT-X-DATERANGE are required.
The way that you configure the ad markers in the manifest influences whether ads are inserted in a stream or replace other fragments in the stream. For more information, see the section called
“Understanding MediaTailor ad insertion behavior” (p. 106).
• HLS master manifests must follow the HLS specification documented at HTTP live streaming: Master playlist tags. In particular, #EXT-X-STREAM-INF must include the fields RESOLUTION, BANDWIDTH, and CODEC.
After you have configured the stream, note the content origin URL prefix for the master manifest. You need it to create the configuration in AWS Elemental MediaTailor, later in this tutorial.
Prepare a DASH stream
DASH manifests must satisfy the following requirements:
• Manifests must be accessible on the public internet.
• Manifests must be live or video on demand (VOD).
• Manifests must mark events as ad avails using either splice insert markers or time signal markers. You can provide the ad markers in clear XML or in base64-encoded binary. For splice insert, the out-of-network indicator must be enabled. For time signal markers, the segmentation type ID, located inside the segmentation UPID, must be a cue-out value recognized by AWS Elemental MediaTailor. The ad avail starts at the event start and lasts for the event duration, if one is specified, or until the next event starts.
The following example shows an event designated as an ad avail using splice insert markers. The duration for this ad avail is the event's duration.
Step 3: Configure ADS request URL and query parameters
<Period start="PT444806.040S" id="123586" duration="PT15.000S">
<EventStream timescale="90000" schemeIdUri="urn:scte:scte35:2013:xml">
<Event duration="1350000">
<scte35:SpliceInfoSection protocolVersion="0" ptsAdjustment="180832" tier="4095">
<scte35:SpliceInsert spliceEventId="4026531855"
spliceEventCancelIndicator="false" outOfNetworkIndicator="true"
spliceImmediateFlag="false" uniqueProgramId="1" availNum="1" availsExpected="1">
<scte35:Program><scte35:SpliceTime ptsTime="5672624400"/></scte35:Program>
<scte35:BreakDuration autoReturn="true" duration="1350000"/>
</scte35:SpliceInsert>
</scte35:SpliceInfoSection>
</Event>
</EventStream>
<AdaptationSet mimeType="video/mp4"
...
</AdaptationSet>
</Period>
• Ad avails must have the same AdaptationSet and Representation settings as content streams.
AWS Elemental MediaTailor uses these settings to transcode the ads to match the content stream, for smooth switching between the two.
After you configure the stream, note the content origin URL prefix for the DASH manifest. You need it to create the configuration in AWS Elemental MediaTailor, later in this tutorial.
Step 3: Configure ADS request URL and query parameters
To determine the query parameters that the ADS requires, generate an ad tag URL from the ADS. This URL acts as a template for requests to the ADS, and consists of the following:
• Static values
• Values generated by AWS Elemental MediaTailor (denoted by session or avail query parameters)
• Values generated by players, obtained from the client application (denoted by player_params.
query parameters)
Example Ad tag URL from an ADS
https://my.ads.com/ad?
output=vast&content_id=12345678&playerSession=[session.id]&cust_params=[player_params.cust_params]
Where:
• output and content_id are static values
• playerSession=[session.id] is a dynamic value provided by AWS Elemental MediaTailor. The value of [session.id] changes for each player session and results in a different URL for the VAST request for each session.
• cust_params are player-supplied dynamic values
The master manifest request from the player must provide key-value pairs that correspond to the player_params. query parameters in the ADS request URL. For more information about configuring
Step 4: Create a configuration
key-value pairs in the request to AWS Elemental MediaTailor, see Using dynamic ad variables in AWS Elemental MediaTailor (p. 94).
Enter the configured "template" URL when you create the origin server/ADS mapping in MediaTailor, in Step 4: Create a configuration (p. 12).
Testing
You can use a static VAST response from your ADS for testing purposes. Ideally, the VAST response returns a mezzanine quality MP4 rendition that AWS Elemental MediaTailor can transcode. If the response from the ADS contains multiple playback renditions, MediaTailor picks the highest quality and resolution MP4 rendition and sends it to the transcoder.
Step 4: Create a configuration
The AWS Elemental MediaTailor configuration holds mapping information for the origin server and ADS.
To create a configuration (console)
1. Open the MediaTailor console at https://console.aws.amazon.com/mediatailor/.
2. On the Configurations page, choose Create configuration.
3. In the Configuration section at the bottom of the page, for Configuration name, enter a unique name that describes the configuration. The name is the primary identifier for the configuration. The maximum length allowed is 512 characters.
4. For Video content source, enter the URL prefix for the HLS master manifest or DASH manifest for this stream, minus the asset ID. For example, if the master manifest URL is http://origin-server.com/a/master.m3u8, you would enter http://origin-server.com/a/. Alternatively, you can enter a shorter prefix such as http://origin-server.com, but then you must include the /a/ in the asset ID in the player request for content. The maximum length is 512 characters.
NoteIf your content origin uses HTTPS, its certificate must be from a well-known certificate authority. (It can't be a self-signed certificate.) Otherwise, AWS Elemental MediaTailor fails to connect to the content origin and can't serve manifests in response to player requests.
5. For Ad decision server, enter the URL for your ADS. This is either the URL with variables as described in Step 3: Configure ADS request URL and query parameters (p. 11), or the static VAST URL that you are using for testing purposes. The maximum length is 25,000 characters.
NoteIf your ADS uses HTTPS, its certificate must be from a well-known certificate authority. (It can't be a self-signed certificate.) The same is true for mezzanine ad URLs returned by the ADS. Otherwise, MediaTailor fails to retrieve and stitch ads into the manifests from the content origin.
6. (Optional as needed for DASH) For Location, choose DISABLED if you have CDN routing rules set up for accessing MediaTailor manifests and you are either using client-side reporting or your players support sticky HTTP redirects.
For more information about the Location feature, see the section called “Location feature” (p. 85).
7. (Optional) If your origin server produces single-period DASH manifests, choose DASH mpd manifest origin type, and then choose SINGLE_PERIOD. By default, MediaTailor handles DASH manifests as multi-period manifests. For more information, see the section called “Integrating an MPEG-DASH source” (p. 47).
8. Choose Create configuration.
AWS Elemental MediaTailor displays the new configuration on the Configurations page.
Step 5: Test the configuration
Step 5: Test the configuration
After you save the configuration, test the stream using a URL in the appropriate format for your streaming protocol:
• Example: HLS
playback-endpoint/v1/master/hashed-account-id/origin-id/master.m3u8
• Example: DASH
playback-endpoint/v1/dash/hashed-account-id/origin-id/manifest.mpd
Where:
• playback-endpoint is the unique playback endpoint that AWS Elemental MediaTailor generated when the configuration was created.
Example
https://bdaaeb4bd9114c088964e4063f849065.mediatailor.us-east-1.amazonaws.com
• hashed-account-id is your AWS account ID.
Example
AKIAIOSFODNN7EXAMPLE
• origin-id is the name that you gave when creating the configuration.
Example
myOrigin
• master.m3u8 or manifest.mpd is the name of the manifest from the test stream plus its file extension. Define this so that you get a fully identified manifest when you append this to the video content source that you configured in the section called “Step 4: Create a configuration” (p. 12).
Using the values from the preceding examples, the full URLs are the following.
• Example: HLS
https://bdaaeb4bd9114c088964e4063f849065.mediatailor.us-east-1.amazonaws.com/v1/master/
AKIAIOSFODNN7EXAMPLE/myOrigin/master.m3u8
• Example: DASH
https://bdaaeb4bd9114c088964e4063f849065.mediatailor.us-east-1.amazonaws.com/v1/dash/
AKIAIOSFODNN7EXAMPLE/myOrigin/manifest.mpd
You can test the stream using one of the following methods.
• As shown in the preceding example, enter the URL in a standalone player.
Step 6: Send the playback request to MediaTailor
• Test the stream in your own player environment.
Step 6: Send the playback request to AWS Elemental MediaTailor
Configure the downstream player or CDN to send playback requests to the configuration's playback endpoint provided from AWS Elemental MediaTailor. Any player-defined dynamic variables that you used in the ADS request URL in Step 3: Configure ADS request URL and query parameters (p. 11) must be defined in the manifest request from the player.
Example
Assume your template ADS URL is the following.
https://my.ads.com/ad?
output=vast&content_id=12345678&playerSession=[session.id]&cust_params=[player_params.cust_params]
Then define [player_params.cust_params] in the player request by prefacing the key-value pair with ads.. AWS Elemental MediaTailor passes parameters that aren't preceded with ads. to the origin server instead of the ADS.
The player request URL is some variation of the following HLS and DASH examples.
https://bdaaeb4bd9114c088964e4063f849065.mediatailor.us-east-1.amazonaws.com/v1/master/
AKIAIOSFODNN7EXAMPLE/myOrigin/master.m3u8?ads.cust_params=viewerinfo
https://bdaaeb4bd9114c088964e4063f849065.mediatailor.us-east-1.amazonaws.com/v1/dash/
AKIAIOSFODNN7EXAMPLE/myOrigin/manifest.mpd?ads.cust_params=viewerinfo
When AWS Elemental MediaTailor receives the player request, it defines the player variables based on the information in the request. The resulting ADS request URL is some variation of this.
https://my.ads.com/ad?
output=vast&content_id=12345678&playerSession=<filled_in_session_id>&cust_params=viewerinfo
For more information about configuring key-value pairs to pass to the ADS, see Using dynamic ad variables in AWS Elemental MediaTailor (p. 94).
Step 7 (optional): Monitor AWS Elemental MediaTailor activity
Use Amazon CloudWatch and Amazon CloudWatch Logs to track AWS Elemental MediaTailor activity, such as the counts of requests, errors, and ad avails filled.
If this is your first time using CloudWatch with AWS Elemental MediaTailor, create an AWS Identity and Access Management (IAM) role to allow communication between the services.
To allow AWS Elemental MediaTailor access to CloudWatch (console) 1. Open the IAM console at https://console.aws.amazon.com/iam/.
2. In the navigation pane of the IAM console, choose Roles, and then choose Create role.
Step 8: Clean up
3. Choose the Another AWS account role type.
4. For Account ID, enter your AWS account ID.
5. Select Require external ID and enter midas. This option automatically adds a condition to the trust policy that allows the service to assume the role only if the request includes the correct sts:ExternalID.
6. Choose Next: Permissions.
7. Add a permissions policy that specifies what actions this role can complete. Select from one of the following options, and then choose Next: Review:
• CloudWatchLogsFullAccess to provide full access to Amazon CloudWatch Logs
• CloudWatchFullAccess to provide full access to Amazon CloudWatch 8. For Role name, enter MediaTailorLogger, and then choose Create role.
9. On the Roles page, select the role that you just created.
10. Edit the trust relationship to update the principal:
1. On the role's Summary page, choose the Trust relationship tab.
2. Choose Edit trust relationship.
3. In the policy document, change the principal to the AWS Elemental MediaTailor service. It should look like this.
"Principal": {
"Service": "mediatailor.amazonaws.com"
},
The entire policy should read as follows.
{ "Version": "2012-10-17", "Statement": [
{
"Effect": "Allow", "Principal": {
"Service": "mediatailor.amazonaws.com"
},
"Action": "sts:AssumeRole", "Condition": {
"StringEquals": {
"sts:ExternalId": "Midas"
} } } ]}
4. Choose Update Trust Policy.
Step 8: Clean up
To avoid extraneous charges, delete all unnecessary configurations.
To delete a configuration (console)
1. On the AWS Elemental MediaTailor Configurations page, do one of the following:
• Choose the Configuration name for the configuration that you want to delete.
Getting started with MediaTailor channel assembly
• In the Configuration name column, choose the radio button, and then choose Delete.
2. In the Delete configuration confirmation box, enter Delete, and then choose Delete again.
AWS Elemental MediaTailor removes the configuration.
Getting started with MediaTailor channel assembly
This Getting Started tutorial shows you how to perform the following tasks:
• Create a source location, and add source content to it
• Create a channel
• Create a program list to play your channel's content on a schedule
• Add personalized ads to the channel stream using AWS Elemental MediaTailor ad insertion
When you're finished, you'll be able to open a browser, enter the playback URL for your channel, and view your channel's stream containing personalized ads.
This tutorial walks you through the basic steps to get started with MediaTailor channel assembly. For more advanced information, see Using MediaTailor to create linear assembled streams (p. 110).
Estimated cost
• The fee for an active channel is $0.10 per hour. You aren't charged for channels that are inactive.
Topics
• Prerequisites (p. 16)
• Step 1: Create a source location (p. 17)
• Step 2: Add VOD sources to your source location (p. 17)
• Step 3: Create a channel (p. 18)
• Step 3: Create a channel (p. 18)