Rotating the CDN header value

If you change the CDN custom origin HTTP header value, you need to rotate the stored secret value in Secrets Manager. The following procedure describes how to rotate your value in Secrets Manager to make sure that your CDN's HTTP header value and the Secrets Manager stored secret value are in sync.

To rotate the value

Update the stored secret value in Secrets Manager as described in Modifying a secret in the AWS Secrets Manager User Guide.

To ensure continued playback for active streams, MediaPackage authorizes requests that use either the current value in Secrets Manager or one version back.
Wait 10 minutes for MediaPackage to recognize that the value has changed in Secrets Manager.
In your CDN, update the value in X-MediaPackage-CDNIdentifier to the new authorization code.
Wait for your CDN to update fully with the new value before you send any requests through it to MediaPackage.

To disable the previous secret value, save the new secret value two times. This way, both the current and previous secret versions have the same value.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Setting up CDN authorization

Content encryption and DRM