AWS::MediaConnect::FlowVpcInterface
The AWS::MediaConnect::FlowVpcInterface resource is a connection between your AWS Elemental MediaConnect flow and a virtual private cloud (VPC) that you created using the Amazon Virtual Private Cloud service.
To avoid streaming your content over the public internet, you can add up to two VPC interfaces to your flow and use those connections to transfer content between your VPC and MediaConnect.
You can update an existing flow to add a VPC interface. If you haven’t created the flow yet, you must create the flow with a temporary standard source by doing the following:
-
Use CloudFormation to create a flow with a standard source that uses to the flow’s public IP address.
-
Use CloudFormation to create a VPC interface to add to this flow. This can also be done as part of the previous step.
-
After CloudFormation has created the flow and the VPC interface, update the source to point to the VPC interface that you created.
Note
The previous steps must be undone before the CloudFormation stack can be deleted. Because the source is manually updated in step 3, CloudFormation is not aware of this change. The source must be returned to a standard source before CloudFormation stack deletion.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::MediaConnect::FlowVpcInterface", "Properties" : { "FlowArn" :String, "Name" :String, "RoleArn" :String, "SecurityGroupIds" :[ String, ... ], "SubnetId" :String} }
YAML
Type: AWS::MediaConnect::FlowVpcInterface Properties: FlowArn:StringName:StringRoleArn:StringSecurityGroupIds:- StringSubnetId:String
Properties
FlowArn-
The Amazon Resource Name (ARN) of the flow.
Required: Yes
Type: String
Update requires: Replacement
Name-
The name of the VPC Interface. This value must be unique within the current flow.
Required: Yes
Type: String
Update requires: Replacement
RoleArn-
The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.
Required: Yes
Type: String
Update requires: No interruption
SecurityGroupIds-
The VPC security groups that you want MediaConnect to use for your VPC configuration. You must include at least one security group in the request.
Required: Yes
Type: Array of String
Update requires: No interruption
SubnetId-
The subnet IDs that you want to use for your VPC interface.
A range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block.
The subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.
Required: Yes
Type: String
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the flow ARN and the name of the VPC interface. For
example:
{ "Ref":
"arn:aws:mediaconnect:us-east-1:111122223333:flow:1-23aBC45dEF67hiJ8-12AbC34DE5fG:BasketballGame|MyVPCInterface"
}
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
NetworkInterfaceIds-
The IDs of the network interfaces that MediaConnect created in your account.
