# help
s
more of a general CloudFormation/CDK thing: CloudFront key pairs can’t be generated automatically, right? seems like you have to generate the RSA private/public keys manually and then add them to the root account.
f
s
hmm, yeah. so the private key is added once as the root account, then the public key can just go into the SST repo
got it. so for multiple dev AWS accounts, each dev would have to set up their CloudFront private key first
a
there’s another way which doesn’t involve using the root account.
you don’t need to add the private key into AWS, you’ll only add the public keys and then create a trusted key group which contains all public keys. You will use the private key to create signed urls, CloudFront will use the public key to validate them.
s
@Ashishkumar Pandey hmm. this will work somehow with CloudFront signed cookies?
I can’t see how, since CloudFront needs to generate the signature using a private key
s
oh wow. Ashishkumar to the rescue again today! 😄 I had no clue this existed. and it looks like trusted key groups are now the recommended approach. thanks!
a
The second link says how you can generate signed cookies using trusted key groups.
Well, I’m building an OTT platform on AWS, if I don’t understand the media related services who will. 😅😂
No worries, my pleasure. 🙏
s
ooh cool, media stuff eh? our service is pretty media heavy too, but not w/ livestreaming or broadcast. just allowing users to upload audio & video, then serving that up to their clients.
we’re using MediaConvert for video (transcoding to HLS video segments) and using ffprobe on a Lambda function to handle audio transcoding
a
you might want to keep an eye out on the bills, you should look at cloudflare stream as well as Akamai CDN. It’ll be drastically cheaper.
s
bills are ok to this point (we’ve been running for 4 years with a few thousand users). we don’t have video yet..that’s being built now. but serving up audio hasn’t been a big deal. we are a paid service so all of our bandwidth costs (our highest cost) are well covered
is there some easy way to use Cloudflare or Akamai with AWS? we’re paying roughly $0.09/GB for outgoing bandwidth
a
okay, my workflow is pretty standard, upload to s3, trigger lambda by s3 notification, get data about uploaded files, add to sqs, lambda processes sqs queue and adds files to transcode, subscribe to transcode completion notifications and then add data to mongodb. It’s almost automatic except when the source files are created using weird codecs and tools.
Cloudflare has its own http api, it’s easy to use. Akamai has its sdk and you can access their s3 equivalent using ssh, ftp, rsync, etc.
s
nice. ours is similar. audio gets uploaded to S3, audio file is created in DB, then the front end calls Lambda directly to start a Step Function which processes the audio file (copies the original, transcodes to Mp3, extracts metadata, etc), then updates the DB with transcode:complete.
a
check their pricing here - https://www.cloudflare.com/products/cloudflare-stream/. It’s hilarious.
s
oh I see, so your video files never get uploaded to AWS.. they’re right on Cloudflare, so you’re not paying AWS fees to move data out to an external resource
a
okay, yep, looks good, I have plans to incorporate using step functions to perform split transcoding. It’s a lot of work and ffmpeg wizardry so I’m just avoiding it for the time being. 😅
you don’t pay for the storage and the transcode as well. The only downside is you can’t control the quality and other config for the same.