Creating a source location - AWS Elemental MediaTailor

Creating a source location

The following procedure explains how to create source locations using the MediaTailor console. For information about how to create source locations using the MediaTailor API, see CreateSourceLocation in the AWS Elemental MediaTailor API Reference.

To create a source location

  1. Open the MediaTailor console at

  2. In the navigation pane, choose Channel assembly > Source locations.

  3. On the navigation bar, choose Create source location.

  4. Under Source location configuration, enter a name and the base URL of your origin server:

    • Name: An identifier for your source location, such as my-origin.

    • Base URL: The protocol and base URL of the origin server your content is stored, such as The URL must be in a standard HTTP URL format, prefixed with http:// or https://.

      Optionally select Use SigV4 for Amazon S3 authentication if your source location is an Amazon S3 bucket, and if you'd like to use AWS Signature Version 4 for Amazon S3 access authentication. For advanced information, see Configuring authentication for your source location.

  5. Under Access configuration, optionally configure authentication for your source location:

    • Access type: Select the authentication type that MediaTailor uses to access the content stored on the source location's origin.

      • SigV4 for Amazon S3 - MediaTailor uses Amazon Signature Version 4 (SigV4) to authorize request to your origin. For more information, see Working with SigV4 for Amazon S3.

      • Secrets Manager access token authentication - MediaTailor uses Secrets Manager and a AWS KMS customer managed key created, owned, and managed by you to facilitate access token authentication between MediaTailor and your origin. For information about how to configure Secrets Manager access token authentication, see Working with AWS Secrets Manager access token authentication.

        • Header name - Specify a HTTP header name. MediaTailor uses the HTTP header to send the access token to your origin in content manifest requests. You can can use any header name as long as it doesn’t start with x-amz- or x-amzn-. If you're integrating with MediaPackage CDN authorization, the header value should be X-MediaPackage-CDNIdentifier.

        • Secret string key - The SecretString key that you specified in your Secrets Manager secret. For example, if your SecretString contains a key and value pair such as: {"MyHeaderName": "11111111-2222-3333-4444-111122223333"}, then MyHeaderName is the SecretString key you enter in this field.

        • Secret ARN - The ARN of the secret that holds your access token. For a step-by-step guide, see Step 2: Create an AWS Secrets Manager secret.

  6. Under Segment delivery server configuration, optionally configure a server to deliver your content segments:

    • Use a default segment delivery server: Enter the base URL of the server that is used to deliver your content segments, such as a CDN. Configure Default segment host name if you'd like to use a different server than the source location server to serve the content segments. For example, you can restrict access to the origin manifests from players by using a different CDN configuration for the Base HTTP URL (what MediaTailor uses to access the manifests) and the Default Segment Base URL (what players uses to access the content segments). If you don't enter a value, MediaTailor defaults to the source location server for segment delivery.

  7. Choose Create source location.

  8. To add more source locations, repeat steps 2-6.