Content encryption and DRM in AWS Elemental MediaPackage

Protect your content from unauthorized use through content encryption and digital rights management (DRM). AWS Elemental MediaPackage uses the AWS Secure Packager and Encoder Key Exchange (SPEKE) API to facilitate content encryption and decryption by a DRM provider. Using SPEKE, the DRM provider supplies encryption keys to MediaPackage through the SPEKE API. The DRM provider also supplies licenses to supported media players for decryption. For more information about how SPEKE is used with services and features running in the cloud, see AWS cloud-based architecture in the Secure Packager and Encoder Key Exchange API Specification guide.

Limitations and requirements

When implementing content encryption for MediaPackage, refer to the following limitations and requirements:

Use the AWS Secure Packager and Encoder Key Exchange (SPEKE) API to facilitate integration with a digital rights management (DRM) system provider. For information about SPEKE, see What is Secure Packager and Encoder Key Exchange?
Your DRM system provider must support SPEKE. For a list of DRM providers that support SPEKE, see the Get on board with a DRM platform provider topic in the AWS Elemental MediaPackage User Guide. Your DRM provider can help you set up DRM encryption use in MediaPackage.
Use MediaPackage to encrypt live content.

The following sections provide guidance on how to choose and implement content encryption using SPEKE for MediaPackage.

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

MediaPackage features

Container and DRM system support with SPEKE