Skip to content

Infra Deployment

In this section, we will walk through the steps to set up and deploy YourCloud in your AWS cloud account.

Before we begin, ensure the following prerequisites are met:

  1. Your AWS account has been whitelisted by Indee.

    This is required to access Indee's container images and Lambda code.

  2. The target region for deployment is supported by Indee.

    At present, we support us-east-1, us-west-1, and ap-southeast-1.

    Additional regions can be supported upon request.

  3. You have received the latest CloudFormation templates from Indee.

  4. AWS CLI is installed and configured with administrator permissions for the designated AWS account.

Finally, we recommend reviewing the infra components section to gain a better understanding.

Processing Stack

Requirements

  1. An existing S3 bucket (We recommend hosting the bucket closer to your user base.) with the following bucket policy applied is required: 

    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "*",
            "Resource": "arn:aws:s3:::<bucket-name>/*",
            "Condition": {
                "StringEquals": {
                    "s3:DataAccessPointAccount": "<account-id>"
                }
            }
        }
    ]
}
    Make sure to replace the <bucket-name> and <account-id> placeholder with appropriate values. Checkout this link to know why this permission is recommended by AWS.

  2. Create a CloudWatch log group named mediaprocessor/logs in the region where you intend to host the processing stack.

    Do not modify the name of the log group name.

    aws --region <region-name> logs create-log-group --log-group-name mediaprocessor/logs
    Make sure to replace the <region-name> with your desired target region.

Steps

  1. With the requirements in place, head to the CloudFormation console in your desired region.

    Keeping the processing stack and S3 bucket in the same region helps avoid S3 data transfer charges. Otherwise, charges will apply as outlined in the AWS pricing table.

  2. Choose the option to create a new stack using the processing.yaml template as shown below:

    Stack Creation

  3. Fill in the stack details, ensuring the stack name is unique for the region. Review the parameter descriptions carefully before continuing.

    Stack Details
    Make sure to enter the name of the S3 bucket you created in the requirements section.

    The ApiKey you provide here will be used to secure the API endpoints. You will need to include it as the x-api-key header when interacting with the processing stack APIs.

    The provided ApiKey cannot be reused multiple times within the same region, and it must be at least 20 characters long.

  4. You may optionally add custom tags. At the end, acknowledge the additional capabilities required by CloudFormation.

    Stack Capabilities

  5. Check the configurations and submit your request.

  6. Wait for the stack creation to finish. Once done, review the stack's outputs section.

    Stack Outputs
    Make a note of the SubmitJobEndpoint for future reference.

Streaming Global Stack

Requirements

  1. Create a secret named streaming/keys in AWS Secrets Manager in the us-east-1 region, with replication to 12 regions that serve as CloudFront regional caches:

    SECRET_ID=$(aws --region us-east-1 secretsmanager create-secret --name 'streaming/keys' --secret-string '{"enc_key_primary":"xxx","enc_key_secondary":"xxx","signing_key_primary":"yyy","signing_key_secondary":"yyy"}' --query 'ARN' --output text) && aws --region us-east-1 secretsmanager replicate-secret-to-regions --secret-id $SECRET_ID --add-replica-regions Region=ap-northeast-1 Region=ap-northeast-2 Region=ap-south-1 Region=ap-southeast-1 Region=ap-southeast-2 Region=eu-central-1 Region=eu-west-1 Region=eu-west-2 Region=sa-east-1 Region=us-east-2 Region=us-west-1 Region=us-west-2
    Ensure that you replace xxx and yyy with a strong secret value.

    Do not modify the name of the secret. Your account should not contain any other secrets with the prefix streaming/keys.

Steps

  1. With the requirements in place, head to the CloudFormation console in us-east-1 region.

    The Streaming Global stack must be deployed in us-east-1.

  2. Choose the option to create a new stack using the streaming-global.yaml template.

  3. Fill in the stack details.

  4. You may optionally add custom tags. At the end, acknowledge the additional capabilities required by CloudFormation.

  5. Check the configurations and submit your request.

  6. Wait for the stack creation to finish. Once done, review the stack's outputs section.

    Stack Outputs
    Please take note of these outputs, as we will be feeding them into the regional stack.

Streaming Regional Stack

Steps

  1. Go to the CloudFormation console in the region where your S3 bucket is hosted.

    The Streaming Regional stack must be deployed in the same region as your S3 bucket.

  2. Choose the option to create a new stack using the streaming-regional.yaml template.

  3. Fill in the stack details.

    Stack Details
    Make sure to enter the name of the S3 bucket you created in the requirements section.

  4. You may optionally add custom tags. At the end, acknowledge the additional capabilities required by CloudFormation.

  5. Check the configurations and submit your request.

  6. Wait for the stack creation to finish. Once done, review the stack's outputs section.

    Stack Outputs
    Make sure to note these outputs for the manifest call.