Pipeline Jobs Error

[samueldv6]

I’m getting an error when trying to encrypt my videos. In pipeline jobs, the status is showing as “Error”. I created a new IAM user and role and assigned an encryption key to this user but I still can’t encrypt my videos with AES 128.

I also added the new role to the encryption setup (Key Administrator and Key User) but it still doesn’t encrypt.

Please help.

[s3bubble]

Hi Samuel,

Taking a look now.

Best Regards

Sam

[s3bubble]

Hi Samuel,

This issue is caused when a bucket policy is added it denys the elastic transcoder access please remove the bucket policy while you encode until we find a solution.

Best Regards

Sam

[samueldv6]

Ok thanks Sam.

[samueldv6]

Hi Sam,

Have you sorted out the bucket policy issue yet?

I want to make sure that this is sorted before I add my video content to my site.

Kind regards,

Samuel.

[s3bubble]

Hi samueldv6,

Apologies I have been going back and forth with Amazon about this and they keep giving me a solution which resolves the pipeline is and starts the job with the policy attached but it then doesn’t secure the link I will chase the up today, here was the code that they said worked but after testing it didn’t work for me , perhaps you could test and let me know if it works for you.

{
	"Version": "2008-10-17",
	"Id": "S3BubbleSecurity",
	"Statement": [{
		"Sid": "S3BubbleAllow",
		"Effect": "Allow",
		"Principal": "*",
		"Action": "s3:GetObject",
		"Resource": "arn:aws:s3:::<bucketname>/*",
		"Condition": {
			"StringLike": {
				"aws:Referer": [
					"https://s3bubble.com/*",
					"https://media.s3bubble.com/*"
				]
			}
		}
	}, {
		"Sid": "S3BubbleDeny",
		"Effect": "Deny",
		"Principal": "*",
		"Action": "s3:GetObject",
		"Resource": "arn:aws:s3:::<bucketname>/*",
		"Condition": {
			"ForAnyValue:StringNotLike": {
				"aws:userid": [
					"arn:aws:iam::<!-- role arn -->:role/S3Bubble_Elastic_Transcoder_Default_Role"
				],
				"aws:referer": [
					"https://s3bubble.com/*",
					"https://media.s3bubble.com/*"
				]
			}
		}
	}]
}

Best Regards

Sam

[samueldv6]

Hi Sam,

I’ve tested that bucket policy and it doesn’t work.

I was able to download my video using the method discussed previously.

[samueldv6]

Hi Sam,

Did you manage to get this sorted?

[s3bubble]

Hi samueldv6,

Yes this is resolved but I will need to do a video to explain the process but if you want to test you can do the following.

1. Create a new bucket do not set any hls options.
2. Upload a mp4 or mov to the bucket click start encryption.

we will now initially check for a pipeline added to this bucket you won’t have one so we will show some options to create one.

(if you want to setup encryption simply create a key here https://console.aws.amazon.com/iam/home#/encryptionKeys/ in the correct region and revisit the page your key will then show in the dropdown list)

Leave the transcode set to the S3Bubble default
And leave I won’t be using Cloudfront to serve my media

Create pipeline, then your encoder settings will pop up select your encryption settings and the start your job.

This will now setup everything correctly for you everything will be fully locked down.

I will try and get a new video up shortly.

Best Regards

Sam

• This reply was modified 7 years, 2 months ago by s3bubble.

[samueldv6]

Hi Sam.

Thanks for the fix.

I’d prefer it if you made a walkthrough video for this.

Regards,

Samuel.

[s3bubble]

Hi samueldv6

Here you go full video tutorial 😉

Best Regards

Sam

[Author]

Posts