Encryption fields
Protect your content from unauthorized use through content encryption and digital rights management (DRM). AWS Elemental MediaPackage uses the AWS Secure Packager and Encoder Key Exchange (SPEKE) API
Note
To encrypt content, you must have a DRM solution provider, and be set up to use encryption. For information, see Content encryption and DRM in AWS Elemental MediaPackage.
To serve content with copyright protection, select Enable encryption and complete the additional fields as follows:
For Encryption method, choose Sample-AES for Apple HLS FairPlay or choose AES-128 for Apple HLS AES-128.
-
(Optional) For Constant initialization vector enter a 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content.
For URL, enter the URL of the API Gateway proxy that you set up to talk to your key server. The API Gateway proxy must reside in the same AWS Region as MediaPackage.
The following example shows a URL.
https://1wm2dx1f33.execute-api.us-west-2.amazonaws.com/SpekeSample/copyProtection
For Role ARN, enter the Amazon Resource Name (ARN) of the IAM role that provides you access to send your requests through API Gateway. Get this from your DRM solution provider.
The following example shows a role ARN.
arn:aws:iam::444455556666:role/SpekeAccess
For System IDs, enter unique identifiers for your streaming protocol and DRM system. Provide up to three IDs for CMAF, two IDs for DASH, and exactly one for the other streaming protocols. If you provide more than one system ID, enter one per line and choose Add. For a list of common system IDs, see DASH-IF System IDs
. If you don't know your IDs, ask your DRM solution provider.