BlogTechnical

Contribution using Open Broadcast Systems and AWS Cloud – Part 1

By 17th February 2020 No Comments

Late last year, AWS Elemental MediaConnect was announced, offering the chance to ingest, transmit and distribute live video content securely and reliably in the AWS cloud. The set-up can be configured in minutes and removed after a live event ends, so unlike private fibre connectivity there’s no on-going cost to access a link that isn’t in use. To see how useful this would be for us, we set up a feed from the OBE C-100 encoder in the lab in London, out to the AWS cloud, and back to the lab OBD C-100 decoder. Here’s how the setup was done in AWS…

Setting up the AWS account and users

First, set up an AWS account including payment details. Access to most AWS services is only granted once this has been done.

To keep the account details and billing information secure, it is advisable that the AWS account “root” login (i.e. the email/password) isn’t used for day-to-day operations. Instead, create an IAM (Identity and Access Management) user as an Administrator.

Log into the AWS management console and search for “IAM” in the Find Services search field. Go to the IAM console to begin configuring users and groups.

Click “Customize” next to the IAM users sign-in link to set up an account alias. Make a note of the new sign-in link.

To create an Administrators group, go to Groups > Create new group and provide a suitable group name.
Click Next step and include Administrator Access in the permission policies.

To create an admin user, click Users > Add User.
Provide a username and check Access Type: AWS Management Console Access
Specify a password and click Next.
Add the user to the Admin group.

From this point on the admin login(s) should be used instead of the root login. Sign out of AWS, then sign in as an admin user via the sign-in link noted previously.

Further groups and users can be created as required. Custom permissions policies can also be applied to users and groups. Amazon provides some handy templates for doing this. To create a policy for a user managing MediaConnect flows, go to Policies > Create Policy > JSON and paste the following into the field:

{ "Version": "2012-10-17", "Statement": [ { "Action": [ "mediaconnect:*" ], "Effect": "Allow", "Resource": "*" }, { "Action": [ "ec2:DescribeAvailabilityZones" ], "Effect": "Allow", "Resource": "*" }, { "Action": [ "cloudwatch:GetMetricStatistics" ], "Effect": "Allow", "Resource": "*" }, { "Action": [ "iam:PassRole" ], "Effect": "Allow", "Resource": "*" } ] }

Creating a Flow

From the AWS management console, search for MediaConnect in the AWS Services search field and go to the MediaConnect page.

Click Create Flow, then select the desired AWS region and availability zone.

Fill in the flow details, setting the source protocol to Zixi push, then click Create Flow. Note the Ingest IP address for the source. This will be the target IP for the Zixi feeder at the encoder site. If left blank, the Stream ID will be inherited from the flow name.

On the Flow details page, click Outputs then Add Output.

Fill in the details, setting the output protocol to Zixi Pull (remote ID must match the value in the settings page of the target Zixi receiver), then click Add Output and start the flow.

The next post will demonstrate the configuration of the OBE Encoder and OBD Decoder, along with the Zixi feeder and receiver, in order to send a feed to and from the AWS Cloud.

About Kieran Kunhya