Comments (7)
Hi @ek9852
Please refer to Controlling Access to Kinesis Video Streams Resources Using AWS IoT for provisioning details. Thanks
from amazon-kinesis-video-streams-webrtc-sdk-c.
Hi @ek9852
Please refer to Controlling Access to Kinesis Video Streams Resources Using AWS IoT for provisioning details.
You may want to allow authorizations for the signaling apis as well.
e.g.
{
"Effect": "Allow",
"Action": [
"kinesisvideo:CreateSignalingChannel",
"kinesisvideo:DescribeSignalingChannel",
"kinesisvideo:DeleteSignalingChannel",
"kinesisvideo:GetSignalingChannelEndpoint"
],
"Resource": "arn:aws:kinesisvideo:*:*:channel/*"
}
Thanks
from amazon-kinesis-video-streams-webrtc-sdk-c.
Thanks, BTW how about the TURN server, do I need to set it up or config myself, or it is transparent to KVS webrtc sdk user.
from amazon-kinesis-video-streams-webrtc-sdk-c.
@ek9852 It should be transparent to the KVS WebRTC SDK User!
We provide an API signalingClientGetIceConfigInfo
where you pull your ICE Servers from and copy them into your RtcConfig, you can see it happening here
from amazon-kinesis-video-streams-webrtc-sdk-c.
@Sean-Der
How can I specify the policy to use thingsname arm ?
"Resource": "arn:aws:kinesisvideo:::channel/" =>
"Resource": "arn:aws:kinesisvideo:::channel/${credentials-iot:ThingName}/" ??
And how can I specify that in the KVS webrtc API ?
from amazon-kinesis-video-streams-webrtc-sdk-c.
Hi @ek9852 ,
Yes, you can specify
"Resource": "arn:aws:kinesisvideo:*:*:channel/\${credentials-iot:ThingName}/*"
And then use it in the iot credentials provider:
https://github.com/awslabs/amazon-kinesis-video-streams-producer-sdk-cpp/blob/0888c666efbe7f20891a86c9e64a677f73e33b17/kinesis-video-c-producer/src/include/com/amazonaws/kinesis/video/common/Include.h#L530-L543
A sample policy would looks like
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"kinesisvideo:DescribeSignalingChannel",
"kinesisvideo:CreateSignalingChannel",
"kinesisvideo:GetSignalingChannelEndpoint",
"kinesisvideo:GetIceServerConfig",
"kinesisvideo:ConnectAsMaster",
"kinesisvideo:ConnectAsViewer"
],
"Resource":"arn:aws:kinesisvideo:*:*:channel/\${credentials-iot:ThingName}/*"
}
]
}
You can use aws iot describe-endpoint --endpoint-type iot:CredentialProvider --output text
to get the iot credentials endpoint and curl 'https://www.amazontrust.com/repository/SFSRootCAG2.pem' --output cacert.pem
to get CA cert.
Then replace the credentials provider here with iot credentials provider like https://github.com/awslabs/amazon-kinesis-video-streams-webrtc-sdk-c/blob/master/samples/Common.c#L486-L490
createLwsIotCredentialProvider(
"cor13xxxxx168.credentials.iot.us-west-2.amazonaws.com", // iot credentials endpoint
"/Users/username/Downloads/iot-signaling/certificate.pem", // path to iot certificate
"/Users/username/Downloads/iot-signaling/private.pem.key", // path to iot private key
"/Users/username/Downloads/iot-signaling/cacert.pem", // path to CA cert
"KinesisVideoSignalingCameraIoTRoleAlias", // iot role alias
channelName, // iot thing name
&pSampleConfiguration->pCredentialProvider));
from amazon-kinesis-video-streams-webrtc-sdk-c.
@zhiyua-git When you get a chance would you mind updating the documentation (or maybe having a sample) that does this?
I am not familiar with the IoT stuff at all, but this could be really helpful in the future.
thanks!
from amazon-kinesis-video-streams-webrtc-sdk-c.
Related Issues (20)
- [Bug]: [2024/05/23 15:19:40:0909] W: [wsicli|5a|WS/h1/default/m-579da5db.kinesisvideo.ap-southeast-]: lws_client_ws_upgrade: got bad HTTP response '403' 2024-05-23 15:19:40.091 VERBOSE lwsWssCallbackRoutine(): WSS callback with reason 1 2024-05-23 15:19:40.091 WARN lwsWssCallbackRoutine(): Client connection failed. Connection error string: HS: ws upgrade response not 101 HOT 9
- softphone signaling server HOT 4
- [Bug]: how to ensure the functon "wakeLwsServiceEventLoop " thread safety,because of "lws_callback_on_writable" is not thread-safe HOT 1
- [Bug]: how to ensure the functon "wakeLwsServiceEventLoop " thread safety,because of "lws_callback_on_writable" is not thread-safe
- [Bug]: decryptSrtcpPacket(): Decrypting rtcp packet failed with error code 9 on srtp session HOT 4
- [Bug]: TURN_STATE_GET_CREDENTIALS fails after update from 1.7.2. to 1.10.2 of the SDK HOT 17
- [Bug]: Windows build fails at openssl HOT 1
- [Bug]: Seemingly SessionDescription creation bug HOT 2
- [Feature request]: Reduce the time it takes to connect to live view. HOT 1
- [Bug]: Close peer connection:ERROR fromCheckConnectionIceAgentState(): operation returned status code: 0x5a00000d HOT 4
- [Bug]: Call serializeSessionDescriptionInit and return STATUS_BUFFER_TOO_SMALL HOT 2
- [Bug]: 1.10.2, kvsWebrtcClientMasterGstSample continually increases CPU usage HOT 7
- [Bug]: Wrong SDP answer when the codec doesn't match with viewer HOT 5
- 【Question】Why H265 payloadType changed by DEFAULT_PAYLOAD_H265? HOT 1
- [Bug]: unable to stream H265 webrtc on test page HOT 3
- [Bug]: testing
- [Bug]: v1.10.x TURN Connection Issue
- [QUESTION] Is there a timeline for updating openssl to 3.x? HOT 1
- kvsWebrtcClientViewer: sampleVideoFrameHandler and sampleAudioFrameHandler are not printing logs HOT 1
- How to control bitrate in AWS Kinesis? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amazon-kinesis-video-streams-webrtc-sdk-c.