AWS for M&E Blog

Live streaming from specialized live cameras and drones using RTMP to Amazon IVS

Introduction

RTMP stands for Real-Time Messaging Protocol. It’s a live video streaming technology that lets you transfer data over the internet and is a widely used protocol for streaming video.

Customers may want to create interactive experiences with video originating from specialized live cameras or drones that do not support RTMP streaming. A workaround is needed in this use case to implement a secure method of streaming RTMP. However, a workaround potentially adds complexity and costs to a streaming workflow when using Amazon Interactive Video Service (Amazon IVS).

To facilitate these types of workflows, Amazon IVS recently launched a feature called “Insecure video ingest”. This feature allows users to stream RTMP video directly to Amazon IVS in addition to the default ingest of video through RTMPS.

In this blog post, we discuss why RTMPS is preferred over RTMP and other ways to secure access to streaming content. We also demonstrate how to enable this form of RTMP ingest protocol into Amazon IVS using the AWS Console.

Why RTMPS is preferred over RTMP

RTMPS is a variation of RTMP that uses extra security encryption to ensure that an unauthorized entity does not intercept the stream. The extra layer of security in RTMPS can be either TLS or SSL encryption.

RTMPS can often be used interchangeably with RTMP, as long as your broadcasting tools support it. It is beneficial for broadcasting on a public network, which is why this protocol is popular for streaming from mobile devices.

Other ways to secure access to streaming content

RTMPS is a great starting point for protected streaming, but many broadcasters value layering up security measures on top of RTMPS ingest.

Some of the other security measures for protected streaming include:

  • Double-factor authentication
  • Tokenized security
  • Geographic / IP / domain restrictions
  • AES encryption (AES Encryption is currently not supported by Amazon IVS. If needed, this feature is available with AWS Elemental MediaPackage.

Security measures do not only limit access to your live streams from specific viewers, they are also crucial for keeping your online video platforms, and viewers’ information, safe.

It is therefore important to layer RTMPS with other security measures to secure your content.

RTMP in Amazon IVS

Despite availability of this new feature in Amazon IVS, we strongly recommend that whenever possible, customers leverage RTMPS (RTMP over TLS/SSL) to provide needed protection and security to video streams when contributing video into Amazon IVS ingest endpoint.

RTMP in Amazon IVS Diagram

Enabling RTMP ingest in Amazon IVS

To enable this feature, when creating an Amazon IVS Channel through the console:

  1. Select Custom configuration
  2. Toggle the button to enable RTMP ingest under Insecure ingest
  3. Acknowledge the insecure ingest warning and click Enable insecure ingest
  4. Click Create channel

The following image depicts the creation of a channel with RTMP ingest.

Amazon IVS Console, channel setup

Figure 1 – Amazon IVS Console, channel setup

To enable this feature, when creating an Amazon IVS Channel through the API:
Use the new insecureIngest field in CreateChannel or UpdateChannel requests.

For further details, please see the Amazon IVS API Reference https://docs.aws.amazon.com/ivs/latest/APIReference/Welcome.html

Once you have created your Amazon IVS channel with RTMP ingest capability, the channel will still allow you to ingest RTMPS or RTMP as shown in the following image.

Amazon IVS Console, ingest endpoints

Figure 2 – Amazon IVS Console, ingest endpoints

Drone footage streamed through IVS

Figure 3 – Drone footage streamed through IVS

Delete your Amazon IVS Channel

When your application is finished streaming to Amazon IVS, delete any channels you created during testing to avoid unwanted charges.

Conclusion

In this blog post, we discussed how to enable RTMP ingest to allow streaming devices like commercial drones that are not capable or streaming RTMPS to do so.

We explained how layered security is important and why it should be used to protect online video platforms.

If you want to learn more about how to apply layered security measures using Amazon CloudFront for your video application front-end (player and website application), please visit the following resources:

Amazon CloudFront Signed Cookie Authentication
Restricting the geographic distribution of your content with CloudFront
CloudFront Workshop

Nuno Quental

Nuno Quental

Nuno Quental is a Senior Solutions Architect for AWS Elemental.