[object Object] Icon

Learn how to create, start, manage and modify Encodings

[object Object] Icon

Learn how to create, start, manage and modify Players

[object Object] Icon

Learn how to create, start, manage and modify Analyticss

Docs Home
User shortcuts for search
Focus by pressing f
Hide results by pressing Esc
Navigate via   keys

Tue Jun 16 2020

What are AWS S3 roled-based Outputs and how do I create them?

S3 role-based Outputs are an alternative way of service to access your AWS S3 bucket to be used as an Input (Encoding) and/or Output (Encoding/Analytics). Instead of providing an Access/Secret key pair, we provide you with an AWS IAM user name, which you can grant specific access rights in your account so it can access your desired S3 bucket.

To do that, you create an IAM role in your AWS account, and attach an IAM policy to it. This policy states which bucket can be accessed by our user, and which permissions are granted to it.

Before you start you need two to know two things:

  • The name of your S3 bucket
  • The ARN of the Bitmovin User: arn:aws:iam::630681592166:role/user/bitmovinCustomerS3Access

1) Create a Role in IAM

Create a new Role in your AWS IAM Management Area (IAM - Identity and Access Management Role). You will be asked for two parameters:

Account ID This field excepts the AWS Account ID of user you are granting access with this role. The ARN (Amazon Resource Name) part 630681592166 represents the expected Account ID.

External ID - While it is optional in AWS, it we still recommend to use one. It can be anything, but setting it to a a randomly generated UUID for better security and uniqueness is a good way to go. More details about this option can be found here.

2) Assign an IAM Policy to your new Role

The pre-defined AmazonS3FullAccess policy is known to be suitable but since it provides unrestricted access to your bucket, you might need to create a custom policy with fine-tuned access rights.aws-role-aws-managed-policies

In order to create your own custom policy that only provides the minimum set of rights that are required, click the Create Policy button. Have a look at our tutorials for

for specific IAM policy examples.

Give us feedback