Class SpekeDrmProvider

SpekeDrmProvider

Inheritance
System.Object
SpekeDrmProvider
Inherited Members
System.Object.ToString()
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
Namespace: Bitmovin.Api.Sdk.Models
Assembly: Bitmovin.Api.Sdk.dll
Syntax
public class SpekeDrmProvider

Properties

ExternalId

External ID used together with the IAM role identified by roleArn to assume access to the SPEKE server on AWS.

Declaration
public string ExternalId { get; set; }
Property Value
Type Description
System.String

ExternalIdMode

ExternalIdMode

Declaration
public ExternalIdMode? ExternalIdMode { get; set; }
Property Value
Type Description
System.Nullable<ExternalIdMode>

GatewayRegion

Describes the region of the AWS API Gateway that is used to access the SPEKE server. This property is mandatory when setting 'roleArn' and has to indicate in which region the AWS API Gateway is setup. This usually corresponds to the {{region}} one sets in the execute-api policy for the role as described in 'roleArn'.

Declaration
public string GatewayRegion { get; set; }
Property Value
Type Description
System.String

Password

Your password for Basic Authentication

Declaration
public string Password { get; set; }
Property Value
Type Description
System.String

RoleArn

AWS role that will be assumed for the key exchange in case the provider runs on AWS. During the key exchange the role will be assumed to be able to access the key provider. This role is to be created in the customer's account and must be granted access to the API Gateway of the SPEKE server. For Bitmovin to be able to assume this role, the following has to be added to the trust policy of the role: { \&quot;Effect\&quot;: \&quot;Allow\&quot;, \&quot;Principal\&quot;: { \&quot;AWS\&quot;: \&quot;arn:aws:iam::630681592166:user/bitmovinCustomerSpekeAccess\&quot; }, \&quot;Action\&quot;: \&quot;sts:AssumeRole\&quot;, \&quot;Condition\&quot;: { \&quot;StringEquals\&quot;: { \&quot;sts:ExternalId\&quot;: \&quot;{{externalId}}\&quot; } } } It is recommended to also set the {{externalId}} due to security reasons but it can also be ommitted. Additionally the role needs a policy similar to the following to be able to invoke the API gateway: { \&quot;Version\&quot;: \&quot;2012-10-17\&quot;, \&quot;Statement\&quot;: [ { \&quot;Effect\&quot;: \&quot;Allow\&quot;, \&quot;Action\&quot;: [ \&quot;execute-api:Invoke\&quot; ], \&quot;Resource\&quot;: [ \&quot;arn:aws:execute-api:{{region}}:*:*_/_*_/POST/_*\&quot; ] } ] } where {{region}} is the region of the API gateway (for example us-west-2), the same has to be set in the property 'gatewayRegion'. It's also possible to set {{region} to * to give the role access to all regions.

Declaration
public string RoleArn { get; set; }
Property Value
Type Description
System.String

Url

URL of the endpoint (required)

Declaration
public string Url { get; set; }
Property Value
Type Description
System.String

Username

Your username for Basic Authentication

Declaration
public string Username { get; set; }
Property Value
Type Description
System.String