AWS for M&E Blog
Part 2: How to optimize video and ad content delivery with AWS Elemental MediaTailor and Amazon CloudFront
This is the step-by-step configuration guide for the ad insertion workflow discussed in Part 1: How to optimize ad delivery with AWS Elemental MediaTailor. The instructions show HLS-based examples, but AWS Elemental MediaTailor—a channel assembly and personalized ad insertion service—supports both HLS- and DASH-based workflows. In this guide you will:
- Create a basic MediaTailor configuration and define:
- Video content source
- Ad decision server (ADS) URL
- Create an Amazon CloudFront, a content delivery network (CDN) service, distribution and define:
- CDN origin and behavior for MediaTailor manifests
- CDN origin and behavior for MediaTailor transcoded ad segments
- CDN origin and behavior for your content origin, live or video on demand (VOD)
- Finalize the MediaTailor configuration to add:
- Content segment prefix with the new Amazon CloudFront distribution domain.
- Ad segment prefix with the new Amazon CloudFront distribution domain
- Play the over-the-top (OTT) stream using the Amazon CloudFront CDN URL for MediaTailor
Prerequisites
- AWS Management Console, which is everything you need to access and manage the Amazon Web Services (AWS) cloud: login credentials to AWS Management Console.
- AWS Identity and Access Management (AWS IAM), which provides fine-grained access control across all of AWS: If your AWS IAM user has the administrator access(AWS managed) policy, you can delegate permissions to every service and resource in AWS, including implementing all the steps in this guide. To create users with minimum required permissions necessary for this step-by-step guide, follow the instructions in the links below:
- AWS IAM setup to manage access to MediaTailor
- AWS IAM setup to manage access to Amazon CloudFront
- OTT content published to a web origin—for example, AWS Elemental MediaPackage, which reliably prepares and protects your video for delivery over the internet—in either HLS or DASH format. SCTE 35 signalingshould be present in the media manifest. SCTE 35 is the signaling standard for compressed video streams and is used extensively in ad insertion workloads. Alternatively for VOD content, your ADS should be set up to return a video multiple ad playlist (VMAP) response when MediaTailor issues a video ad serving template (VAST) request on client playback of VOD.
- A CDN service. Instructions in this post use Amazon CloudFront.
- A terminal to test retrieval of content manifests via public URLs. Instructions in this post use Mac Terminal and cURL commands.
Create MediaTailor configuration
- Log in to the AWS Management Console, and navigate to MediaTailor service using the search bar or by browsing through the AWS services catalog.
- Under ad insertion, click create configuration. On the new configuration page, under required settings, complete the following required fields to deploy the configuration:
- name: vod-ssai (or any other logical name to easily identify its purpose)
- video content source: this is the origin domain name of video content, including protocol (http:// or https://). An example of MediaPackage origin domain is egress.mediapackage-vod.us-west-2.amazonaws.com
- ad decision server: put the ADS URL here, including session and client player parameters. For more information on parameters, please review https://docs.aws.amazon.com/mediatailor/latest/ug/getting-started-ad-insertion.html#getting-started-configure-request and https://docs.aws.amazon.com/mediatailor/latest/ug/variables.html.
If an ADS server is not available, a reference ADS server available at https://github.com/scunning1987/ads_reference_server can be used for testing purposes to complete these step-by-step instructions.
- Click the create configuration button to complete the configuration.
Document the MediaTailor HLS playback prefix domain name for use in the CDN configuration.
Create a CloudFront distribution
- Navigate to the Amazon CloudFront service console using the search bar or by browsing through the AWS services catalog.
- Under distributions, click create distribution.
- In the origin settings, the specified origin domain will become the default route for objects that do not match any other path pattern. The origin domain that serves the ad segments will be added as the default origin for this distribution. Additional origin domains and path patterns for routing client manifests and content segment requests will be added in subsequent steps.
- origin domain: mediatailor.{region}.amazonaws.com where {region} should be replaced by the region that the MediaTailor configuration is deployed in—for example, us-west-2 region.
- protocol: select HTTPS only.
- Leave HTTPS portand SSL protocol to defaults for test setup, but change it based on specific requirements.
- origin path: leave this blank.
- name: MediaTailor-Ad-Segments (or any other logical name to easily identify its purpose)
- enable origin shield: leave it as no.
- additional settings: leave all settings to default values.
- origin domain: mediatailor.{region}.amazonaws.com where {region} should be replaced by the region that the MediaTailor configuration is deployed in—for example, us-west-2 region.
- In the default cache behavior settings, leave all settings to the default values, except for:
- viewer protocol policy: set it to HTTPS only.
- In the function associations settings, leave all settings to default value of no association.
- In the final settings, select the price class option, considering costs and location of users. Select the most cost-efficient price class for testing purposes.
- Click create distribution to complete the basic Amazon CloudFront distribution.
The distribution can take up to 15 minutes to deploy fully, but we can begin adding additional origins and behaviors while the distribution is deploying.
Create origins
- In the Amazon CloudFront service console, select the Amazon CloudFront distribution created in the previous section.
- There are two more origins that need to be created. One is for serving requests for content segments, and the other is for serving requests for personalized client manifest requests from MediaTailor.
- Click the origins tab, and then click create origin to set up the origin for serving content segments:
- origin domain: enter the domain name of the content origin without the protocol—for example, my-company-origin.com or 3ae97e9482b0xxxx.mediapackage.us-west-2.amazonaws.com
- protocol: select the protocol option supported by the content origin. For MediaPackage, select HTTPS only.
- Leave HTTPS port and SSL protocol to defaults for test setup, but change it based on specific requirements.
- origin path: leave this blank, or enter a path that will be added to the root path that Amazon CloudFront will use for requests to the content origin. More information can be found here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath
- name: content-origin (or any other logical name to easily identify its purpose)
- Click create origin to complete adding the new origin to the distribution.
- origin domain: enter the domain name of the content origin without the protocol—for example, my-company-origin.com or 3ae97e9482b0xxxx.mediapackage.us-west-2.amazonaws.com
- Going back to the origins tab, select create origin to add the origin for serving personalized client manifests from MediaTailor:
- origin domain: enter only the domain name portion of the MediaTailor playback prefix that was documented previously on the creation of the MediaTailor configuration. For example, 8cfb050af7894d8d8a136473f0d59xxx.mediatailor.us-west-2.amazonaws.com.
- protocol: select HTTPS only.
- Leave HTTPS port and SSL protocol at default values for the test setup, or change them to meet specific requirements.
- origin path: leave this blank.
- name: MediaTailor-Manifests (or any other logical name to easily identify its purpose)
- Click create origin to complete adding the new origin to the distribution.
- origin domain: enter only the domain name portion of the MediaTailor playback prefix that was documented previously on the creation of the MediaTailor configuration. For example, 8cfb050af7894d8d8a136473f0d59xxx.mediatailor.us-west-2.amazonaws.com.
The Origin list should show three origins similar to the example snapshot below:
Create CDN behaviors (origin routing)
The final steps in setting up the distribution requires configuring the CDN behaviors (also known as path-based routing rules).
- In the Amazon CloudFront service console, select the Amazon CloudFront distribution created in the previous section.
- Click on the behaviors A default behavior is listed that was created with the Amazon CloudFront distribution. This cache behavior will route all requests to the default origin if the requests path doesn’t match path patterns specified in any other behaviors within the distribution. To provide proper routing of all stream requests, two more cache behaviors will be added to this distribution:
- a cache behavior to match the path pattern-of-content segment requests and route them to the content origin.
- a cache behavior to match path pattern-of-personalized manifest requests and route them to the MediaTailor service.
- Click create behavior to set up the path pattern behavior for the content origin. In the settings section, configure the following:
- path pattern: identify the URL path pattern that uniquely identifies requests for content segments. For example, in a MediaPackage origin endpoint URL, the unique path pattern is “/out/” and the respective path pattern would be “/out/*”. For example, https://8343f7014c0exxxx.mediapackage.us-west-2.amazonaws.com/out/v1/e31918b886ec482f830178c53760xxxx/index.m3u8.
- origin and origin groups: select the origin name of the content origin from the drop-down menu.
- compress objects automatically: leave it as yes.
- In the viewer section, configure the following:
- viewer protocol policy: select HTTPS only, if using MediaPackage, or select the best option based on the content origin restrictions.
- Leave all other settings at default values, or change them based on specific requirements.
- In cache key and origin requests, select cache policy and origin request policy and configure the following:
- cache policy: select caching optimized from the drop-down menu to facilitate caching for the most efficient delivery of content segments from the Amazon CloudFront distribution.
- Leave all other settings at default, or change them based on workload-specific requirements.
- In the function associations section, leave all values at default.
- Click create behavior to complete the creation of the behavior.
- Going back to the behaviors tab, click create behavior to create the MediaTailor personalized manifest behavior:
- path pattern: for MediaTailor endpoints, the URL path pattern that uniquely identifies requests for MediaTailor client manifests is “/v1/”. The recommended path pattern for MediaTailor endpoints is “/v1/*”.
- origin and origin groups: select the origin name of the MediaTailor origin from the drop-down menu.
- compress objects automatically: leave it as yes.
- In the viewer section, configure the following:
- viewer protocol policy: select HTTPS only.
- Leave all other settings at default, or change them based on workload-specific requirements.
- In cache key and origin requests, select cache policy and origin request policy, and configure the following:
- cache policy: select caching disabled from the drop-down menu to deactivate caching of manifests. This is to help clients get a unique, personalized manifest from MediaTailor on every request.
- origin request policy: select AllViewerExceptHostHeader to ensure all headers, cookies, and query strings from the viewer playback session are passed on to MediaTailor.
- Leave all other settings at default, or change them based on workload-specific requirements.
- Click create behavior to complete the creation of the behavior.
The behaviors list should show three behaviors similar to the example snapshot below:
NOTE: In this step-by-step guide, no path pattern definition was needed for the MediaTailor ad segment requests because they are routed by the default behavior without needing a pattern match. However, if your CDN setup requires the path pattern definition for routing the ad segments, you can use “/tm/*” as the MediaTailor ad segment URL path pattern. An example URL of an ad segment: https://segments.mediatailor.us-west-2.amazonaws.com/tm/61567c73cxxxxx997f20cf2b6/hq3xxxohjmp/asset_480_2.ts
Navigate to the general tab of the Amazon CloudFront distribution and copy the distribution domain name to your clipboard for finalizing the MediaTailor configuration.
So far the following resources have been created:
- A MediaTailor configuration pointing directly to a content origin and an ADS. The configuration will deliver client manifests pointing to the content origin for content segments and MediaTailor for ad segment URLs.
- An Amazon CloudFront distribution with origins and behaviors to appropriately route the following requests:
- client manifest requests to the MediaTailor endpoint
- content segment requests to the content origin
- ad segment requests to the MediaTailor ad segment origin
Finalize MediaTailor configuration
In the final steps, the MediaTailor configuration will be updated to add the Amazon CloudFront distribution domain to the content segment prefix and ad segment prefix fields. With this update, when serving client media manifests, MediaTailor will replace the domain in the ad segment and content segment URL with the Amazon CloudFront domain. This will help all content and ad segments, along with the personalized client manifests, get served from the Amazon CloudFront distribution. It will also facilitate appropriate routing of the requests based on the behaviors and caching policies.
- Navigate to the MediaTailor service console, and click on the configuration name previously created.
- Click the edit button, and navigate to the advanced settings
- Populate the content segment prefix and ad segment prefix fields with your CDN distribution domain name. An example Amazon CloudFront domain URL: https://d2tfjdy83kvln.cloudfront.net/
- Click save configuration to complete the configuration update.
The setup is now complete and ready for testing.
Constructing the playback URL using the CDN
To test playback, build the content playback URL by combining the following:
```
Playback URL : https:// + [CDN distribution domain name] + [MediaTailor playback prefix path] + [Content path on the origin]
```
- CDN distribution domain name: get the Amazon CloudFront distribution domain from the distribution you created. An example domain: cloudfront.net
- MediaTailor (HLS) playback prefix: get the MediaTailor HLS playback prefix from the MediaTailor configurations. An example URL: https://8cfb050af7894d8d8a136473f0d59xxx.mediatailor.us-west-2.amazonaws.com/v1/master/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/. Copy the part of the prefix beyond the MediaTailor domain as shown for the example URL: /v1/master/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai
- content path on the origin: this is the path without the origin domain. An example content origin URL for MediaPackage: https://f337a469f5f293208fc7568453363xxx.egress.mediapackage-vod.us-west-2.amazonaws.com/out/v1/f257d73ceda44a56b5aea674c8c5xxxx/cc1ea9871c934645a78d4a94c8209204/6350137eb4914046a0b39090654axxxx/index.m3u8. Copy the path beyond the MediaPackage domain: /out/v1/f257d73ceda44a56b5aea674c8c5xxxx/ cc1ea9871c934645a78d4a94c8209204/6350137eb4914046a0b39090654axxxx/index.m3u8
Based on the example above, the final HLS playback URL should be similar to:
https://d2tfjdy83kxxx.cloudfront.net/v1/master/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/out/v1/f257d73ceda44a56b5aea674c8c5xxxx/ cc1ea9871c934645a78d4a94c8209204/6350137eb4914046a0b39090654axxxx/index.m3u8
An excerpt of the personalized client main manifest is shown below. It was fetched using cURL and the HLS playback URL similar to the one presented above.
```
$ curl -s https://d2tfjdy83kxxx.cloudfront.net/v1/master/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/out/v1/f257d73ceda44a56b5aea674c8c5xxxx/cc1ea9871c934645a78d4a94c8209204/6350137eb4914046a0b39090654axxxx/index.m3u8
#EXT-X-VERSION:3
#EXT-X-INDEPENDENT-SEGMENTS
#EXT-X-STREAM-INF:CODECS="avc1.4D401F,mp4a.40.5",AVERAGE-BANDWIDTH=511613,RESOLUTION=480x270,FRAME-RATE=14.985,BANDWIDTH=585288
../../../../../../../../manifest/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0.m3u8
#EXT-X-STREAM-INF:CODECS="avc1.4D401F,mp4a.40.5",AVERAGE-BANDWIDTH=731613,RESOLUTION=640x360,FRAME-RATE=29.97,BANDWIDTH=849288
../../../../../../../../manifest/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/1.m3u8
#EXT-X-STREAM-INF:CODECS="avc1.640028,mp4a.40.5",AVERAGE-BANDWIDTH=7256485,RESOLUTION=1280x720,FRAME-RATE=29.97,BANDWIDTH=8665188
../../../../../../../../manifest/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/6.m3u8
#EXT-X-STREAM-INF:CODECS="avc1.640028,mp4a.40.2",AVERAGE-BANDWIDTH=9491711,RESOLUTION=1920x1080,FRAME-RATE=29.97,BANDWIDTH=11333366
../../../../../../../../manifest/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/7.m3u8
```
From the client main manifest response (above), pick a media manifest URL path to fetch the respective media manifest. The media manifest will show the content segments URLs and ad segment redirect URL path when an ad break is present similar to the example shown below.
```
$ curl -s "https://d2tfjdy83kxxx.cloudfront.net/v1/manifest/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0.m3u8"
#EXTM3U
#EXT-X-VERSION:3
#EXT-X-TARGETDURATION:8
#EXT-X-MEDIA-SEQUENCE:0
#EXT-X-DISCONTINUITY-SEQUENCE:0
#EXTINF:6.006,
https://d2tfjdy83kxxx.cloudfront.net/out/v1/f257d73ceda44a56b5aea674c8c5xxxx/cc1ea9871c934645a78d4a94c8209204/d8764860d2644db9bbe402794cb94da6/38604cd06e614459aea9757afcadba72/index_1_0.ts
#EXTINF:6.006,
https://d2tfjdy83kxxx.cloudfront.net/out/v1/f257d73ceda44a56b5aea674c8c5xxxx/cc1ea9871c934645a78d4a94c8209204/d8764860d2644db9bbe402794cb94da6/38604cd06e614459aea9757afcadba72/index_1_1.ts
#EXT-X-DISCONTINUITY
#EXTINF:2.0,
../../../../segment/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0/12
#EXTINF:2.0,
../../../../segment/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0/13
#EXTINF:2.0,
../../../../segment/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0/14
#EXTINF:2.0,
../../../../segment/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0/15
#EXTINF:2.0,
../../../../segment/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0/16
#EXTINF:2.0,
../../../../segment/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0/17
#EXTINF:2.0,
../../../../segment/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0/18
#EXTINF:1.0,
../../../../segment/94063eadf7d8c56e9e2edd84fdf897826a70xxxx/mediatailor-ssai/84ed5c11-58aa-433d-a065-72e685b2xxxx/0/19
#EXT-X-DISCONTINUITY
#EXTINF:6.006,
https://d2tfjdy83kxxx.cloudfront.net/out/v1/f257d73ceda44a56b5aea674c8c5xxxx/cc1ea9871c934645a78d4a94c8209204/d8764860d2644db9bbe402794cb94da6/38604cd06e614459aea9757afcadba72/index_1_2.ts
#EXTINF:6.006,
https://d2tfjdy83kxxx.cloudfront.net/out/v1/f257d73ceda44a56b5aea674c8c5xxxx/cc1ea9871c934645a78d4a94c8209204/d8764860d2644db9bbe402794cb94da6/38604cd06e614459aea9757afcadba72/index_1_3.ts
```
As expected, the content segment URLs have the Amazon CloudFront domain as configured in the content segment prefix. The URL returned for the ad segment on the redirect URL request will also contain the configured Amazon CloudFront domain and can be verified by monitoring traffic on the player. This completes the step-by-step configuration walk-through for MediaTailor and Amazon CloudFront using content segment prefix and ad segment prefix.
https://aws.amazon.com/blogs/media/how-to-configure-advanced-features-in-aws-elemental-mediatailor/