Content encryption and DRM in AWS Elemental MediaPackage
Protect your content from unauthorized use through content encryption and digital rights management (DRM). AWS Elemental MediaPackage uses the AWS Secure Packager and Encoder Key Exchange (SPEKE) API
Limitations and requirements
When implementing content encryption for AWS Elemental MediaPackage, refer to the following limitations and requirements:
-
Use the AWS Secure Packager and Encoder Key Exchange (SPEKE) API to facilitate integration with a digital rights management (DRM) provider. For information about SPEKE, see What is Secure Packager and Encoder Key Exchange?
-
Your DRM provider must support SPEKE. For a list of DRM providers that support SPEKE, see the Get on board with a DRM platform provider topic in the MediaPackage User Guide. Your DRM solution provider can help you set up DRM encryption use in MediaPackage.
-
Use MediaPackage to encrypt live and video on demand (VOD) content. Assets that must be delivered through the MediaPackage VOD service must be harvested from an unencrypted HLS live endpoint. You can harvest live-to-VOD assets from HLS and DASH endpoints that are protected by DRM or encryption. However, the MediaPackage VOD service can't ingest these assets because they're encrypted (not clear) content. For more information about this kind of workflow, see Creating live-to-VOD assets with AWS Elemental MediaPackage.
The following sections provide guidance on how to choose and implement content encryption using SPEKE for MediaPackage.