AWS Elemental MediaLive
User Guide

Access to Amazon EC2 Systems Manager Parameter Store

The Amazon EC2 Systems Manager Parameter Store is used extensively in MediaLive. It's likely that you will use this store. The store holds passwords that MediaLive needs so that it can retrieve and store files externally.

Some of the features that store passwords in this way are the following:

  • An input of type RTMP Pull or type HLS Pull. The connection to the source is secure.

  • Fields in the channel that contain the URL to an external file, if the connection is secure. Examples of this type of field are the Avail blanking image and a source captions file that is an external file.

  • The destination in an HLS output group or a Microsoft Smooth output group, if the connection is secure.

In all these cases, if the connection is secure (typically HTTPS), then MediaLive needs the user name and password (stored in a parameter).

How It Works

The password parameter feature ensures that you are not storing passwords in plaintext on the console. Instead, you create a password parameter in Amazon EC2 Systems Manager Parameter Store. The parameter is a name-value pair where the name is something like corporateStorageImagesPassword and the value is the actual password. When you create a channel or input in MediaLive, you specify the password parameter name instead of the password. When MediaLive needs the password (to either read or write to the external location), it sends the password parameter name to the Amazon EC2 Systems Manager Parameter Store and gets back the actual password in response.

Wherever a password field appears on the console, MediaLive lets you do the following:

  • Specify a password parameter that has already been created in Amazon EC2 Systems Manager Parameter.

  • Create a password parameter "on the spot." You type in a name and the actual password.

Required Permissions

For any user to create a password parameter "on the spot," MediaLive must have a trusted entity role that includes Amazon EC2 Systems Manager Parameter. See Setting Up a Trusted Entity.