AWS

Create Amzon S3 Bucket and configuring Amazon Cloudfront Distribution to serve content securely

This post is part of the series of blogs where will understand How to Protect Videos Using AWS Elemental MediaConvert and HLS just like a Netflix. If you already know how to create S3 Bucket and Cloudfront Distribution then you can skip to next post.

Creating S3 bucket and configuring Amazon Cloudfront Distribution to serve content securely.

Step 1: Sign up for AWS

To use AWS Elemental MediaConvert, you need an AWS account. If you don’t already have an account, you are prompted to create one when you sign up. You aren’t charged for any AWS services that you sign up for unless you use them. You can sign up at https://portal.aws.amazon.com/billing/signup/.

Step 2: To create a bucket

  1. Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.
  2. Choose Create bucket.
  3. Enter bucket name in the Bucket name field.
  4. In Region, choose the AWS Region where you want the bucket to reside.
  5. Leave rest of the settings to their default values and hit Create bucket at the bottom.

Step 3: Set Cross-origin resource sharing (CORS) policy

Once the bucket is successfully created, open the bucket and go to the Permission tab.

Scroll to the bottom to Cross-origin resource sharing (CORS) section and click on edit button and then paste the following code:

[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "POST",
            "GET",
            "PUT",
            "HEAD"
        ],
        "AllowedOrigins": [
            "https://example.com",
            "https://cdn.example.com"
        ],
        "ExposeHeaders": []
    }
]

Like this

Make sure you change example.com with your domain name. For example,

https://example.com change to https://my-website.com
https://cdn.example.com change to https://cdn.my-website.com

Once you made the changes, click on Save changes button.

Step 4: To create a CloudFront web distribution

  1. Sign in to the AWS Management Console and open the CloudFront console at https://console.aws.amazon.com/cloudfront/.
  2. Choose Create Distribution.
  3. In the Web section, choose Get Started.
  4. Select the created S3 bucket in Origin Domain Name.
  5. Select “Yes” against “Restrict Bucket Access”. Also we will be creating a new “Origin Access Identity”. You can use an existing Origin Access Identity if you already created one (it can be created under Security in the left panel of CloudFront Distribution home page). You need to grant read permission on the S3 bucket to this distribution so we will select “Yes, Update Bucket Policy” to auto update the permissions on the bucket.

6. Select Redirect HTTP to HTTPS for Viewer Protocol Policy and GET, HEAD, OPTIONS for Allowed HTTP Methods in Default Cache Behavior Settings.

7. Select Yes against Restrict Viewer Access and choose Trusted Signer for Trusted Key Groups or Trusted Signer.

8. Leave rest of the settings to their default values and hit Create Distribution.

9. Now go to the list of distribution by clicking on Distribution option at the left side.

10. You distribution status must be showing In Progress, wait untill status become Deployed from In Progress and state is Enabled. It will take around 10 to 15 minutes but sometime it could take 12 hours.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *