AWS Elastic transcoder, HLS Content Protection, No Store, how to get the data key

362 views Asked by At

I'm using AWS Lambda to create an elastic transcoder job with HLS content protection.

Following the doc here: http://docs.aws.amazon.com/elastictranscoder/latest/developerguide/content-protection.html At the end it says: "Note If you choose No Store, Elastic Transcoder returns your data key as part of the job object, but does not store it. You are responsible for storing the data key."

But I don't see a way to get the data key once the job is finished. In my AWS Lambda source code I have (javascript):

elastictranscoder.createJob(params, function(err, data) {
    if (err) {
        console.log('Error!', JSON.stringify(err, null, 2));
        context.fail();
    } else {
        console.log('Success! Data: ', JSON.stringify(data, null, 2));
        context.succeed();
    }
});

The job completes successfully but I don't see a data key in the data object (when looking at the logs). My idea was to obtain it and add some code that stores the data key somewhere.

Thanks for any help!

1

There are 1 answers

0
Md Alamin On

As per documentation,

Specify "No Store" if you will provide the keys, or you will determine the keys by reading the job or the job completion notification. This option requires you to provide a License Acquisition URL, and make the key available there for use by the video player. This is the more common case for production systems.

That means When the job is created, then we will find the DataKey(key) in the success response. Here is the response Object. You can find the data key in Job.Outputs.Encryption.Key or

you can take the data key from AWS ElasticTranscoder Job details, just hover in Outputs section-> output key(lock icon), (encryption key is the data key) || or Playlists -> hover on master playlist

If you want to restrict or prevent the video from unauthorised users, you must implement authentication system on the License Acquisition URL, so that video player need to attach the data in order to be authenticated.

Here is screenshot