Skip to content
Alchemy
GitHubXDiscord

OriginEndpointPolicy

The OriginEndpointPolicy resource allows you to manage AWS MediaPackageV2 OriginEndpointPolicys which define access control and routing rules for your media content delivery. This resource is crucial for ensuring secure and efficient streaming of media content.

Minimal Example

Section titled “Minimal Example”

Create a basic OriginEndpointPolicy with essential properties:

import AWS from "alchemy/aws/control";


const basicPolicy = await AWS.MediaPackageV2.OriginEndpointPolicy("basicPolicy", {
  Policy: {
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Principal: "*",
        Action: "mediapackage:DescribeOriginEndpoint",
        Resource: "*"
      }
    ]
  },
  ChannelName: "liveChannel",
  OriginEndpointName: "liveEndpoint",
  ChannelGroupName: "liveChannelGroup"
});

Advanced Configuration

Section titled “Advanced Configuration”

Configure an OriginEndpointPolicy with more detailed access control settings and the option to adopt existing resources:

const advancedPolicy = await AWS.MediaPackageV2.OriginEndpointPolicy("advancedPolicy", {
  Policy: {
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Principal: {
          AWS: "arn:aws:iam::123456789012:role/MyMediaPackageRole"
        },
        Action: [
          "mediapackage:CreateOriginEndpoint",
          "mediapackage:UpdateOriginEndpoint"
        ],
        Resource: "*"
      }
    ]
  },
  ChannelName: "myLiveChannel",
  OriginEndpointName: "myLiveEndpoint",
  ChannelGroupName: "myChannelGroup",
  adopt: true // Allow adoption of existing resource if present
});

Policy for Restricted Access

Section titled “Policy for Restricted Access”

Define a policy that restricts access to a specific IP range for enhanced security:

const restrictedAccessPolicy = await AWS.MediaPackageV2.OriginEndpointPolicy("restrictedAccessPolicy", {
  Policy: {
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Deny",
        Principal: "*",
        Action: "mediapackage:*",
        Resource: "*",
        Condition: {
          "IpAddress": {
            "aws:SourceIp": "192.168.1.0/24"
          }
        }
      }
    ]
  },
  ChannelName: "restrictedChannel",
  OriginEndpointName: "restrictedEndpoint",
  ChannelGroupName: "restrictedChannelGroup"
});

Dynamic Policy Update

Section titled “Dynamic Policy Update”

Implement a policy that can be dynamically updated based on the channel state:

const dynamicPolicy = await AWS.MediaPackageV2.OriginEndpointPolicy("dynamicPolicy", {
  Policy: {
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Principal: "*",
        Action: "mediapackage:GetChannel",
        Resource: "*",
        Condition: {
          "StringEquals": {
            "mediapackage:ChannelState": "ACTIVE"
          }
        }
      }
    ]
  },
  ChannelName: "dynamicChannel",
  OriginEndpointName: "dynamicEndpoint",
  ChannelGroupName: "dynamicChannelGroup"
});