By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Failed to retrieve MediaPackage credentials for channel ID

0

I cant seem to get MediaLive to Connect to MediaPackage.

I start off with a:

Failed to retrieve MediaPackage credentials for channel ID fullstack-3

MPEGTS muxer for mediaID [1] unable to open output or stream [mediapackage://fullstack-3/channel_output_720p60.m3u8].

MPEGTS muxer for mediaID [1] unable to close output or stream.

and the list goes on for a while repeating.

I am using the default "MediaLiveAccessRole" which had the update button once, and I clicked it, but it didn't fix anything. My guess is that the policy needs to be updated, but it doesn't say anywhere what that policy should be.

Only info I can find is:
https://docs.aws.amazon.com/medialive/latest/ug/role-and-remember-arn.html

The policy I have is:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "mediastore:ListContainers",
                "mediastore:PutObject",
                "mediastore:GetObject",
                "mediastore:DeleteObject",
                "mediastore:DescribeObject"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
                "logs:DescribeLogStreams",
                "logs:DescribeLogGroups"
            ],
            "Resource": "arn:aws:logs:*:*:*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "mediaconnect:ManagedDescribeFlow",
                "mediaconnect:ManagedAddOutput",
                "mediaconnect:ManagedRemoveOutput"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "ec2:describeSubnets",
                "ec2:describeNetworkInterfaces",
                "ec2:createNetworkInterface",
                "ec2:createNetworkInterfacePermission",
                "ec2:deleteNetworkInterface",
                "ec2:deleteNetworkInterfacePermission",
                "ec2:describeSecurityGroups"
            ],
            "Resource": "*"
        }
    ]
}

and an ssm policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ssm:GetParameters",
                "ssm:GetParameter"
            ],
            "Resource": "arn:aws:ssm:*:*:parameter/medialive/*"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "ssm:DescribeParameters",
            "Resource": "*"
        }
    ]
}

I dont have direct access to edit the policy, but I can request it. I assume I just need to add a section on mediapackage or something.

Topics
Media Services
Tags
AWS Elemental MediaLive
Language
English
rbalhorn
asked 5 years ago605 views
2 Answers
0

Hi rbalhorn,

You are correct, the following needs to be added to the MediaLiveCustomPolicy:

        {
            "Effect": "Allow",
            "Action": [
                "mediapackage:DescribeChannel"
            ],
            "Resource": "*"
        },

I've reported the issue with the "update" button on the console to the engineering team.

Thanks,
Steve

AWS
Steve_W
answered 5 years ago
0

That did the trick. Thanks!

rbalhorn
answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content