How to Configure Private Content for CloudFront Streaming with CloudBerry S3 Explorer

The CloudFront team recently introduced a set of features that would allow you to secure content streamed through Amazon CloudFront. Private content features for streaming distributions give customers more control over who can and who cannot view content streamed with the service.

New release of CloudBerry Explorer fully supports configuring private content for streaming distributions and this article will demonstrate how.

To enable Private Content select a bucket and click the Streaming button on the toolbar on in the context menu. Make sure a streaming distribution is created already and go to the Private Content tab. Check out our previous blog post on how to create the streaming distribution.

Click Enable Private Content Distribution checkbox and make sure you click "Add myself as a trusted signer" checkbox. Click Ok.

The Private Content feature for streaming distribution works in a similar way as the private content feature for regular HTTP distributions and we recommend that you check our previous blog post on Private Content for more details and definitions for Origin Access Identity and Trusted Signers.

image001

Now we have to create a Policy to specify who will get access to the resources. Go to Tools | Policies in the program menu and click Add. For the sake of simplicity, we will create a Canned Policy. Please refer here on creating a Custom Policy. Canned Policy will allow you to create time-limited URLs similar to the ones you can create for Amazon S3 using Query String Authentication.

image003

Check out here on how to obtain the Private Key file and Key pair ID. Basically, you have to go to the AWS portal and log-in to your account. Then go to the Security Credentials section and scroll down to Access Credentials. Click to Key Pairs tab and Create a New Key Pair if you don’t have it yet. The interface will prompt you to save the key file on your local computer.

image005

Now as you enabled Private Content for a Streaming Distribution and created a Policy you are ready to create URLs for the files stored on your distribution. Select the file you want to create a URL for and click Web URL button on the toolbar. Choose RTMP option at the top to create a URL. Select the date when you want URL to expire and choose the Policy that you created in the drop-down list. Click the Generate button. The URL will be created and you can use it in your favorite video players such as JW Player or Flow Player.

image007

You can also generate an HTML for JW Player by selecting an HTML option at the top of the window. All you will have to do is to copy and paste the HTML code to the source of the HTML page.

image009

Note: this post applies to CloudBerry Explorer 1.9.1 and later.