amazon-web-services cors aws-sdk aws-media-convert

AWS Elemental MediaConvert Client SDK not working

Since I have fallen into the AWS trap and not ignoring the info message on the Elastic Transcoder Page saying that, we should start using Elemental MediaConverter instead, pretty much nothing is working as expected.

I have set up the Elemental MediaConvert following these steps. I have to admit that setting up everything in the console was pretty easy and I was soon able to transcode my videos which are stored on my S3 bucket.

Unfortunately, the time had to come when I was forced to do the transcoding from my web application, using the @aws-sdk/client-mediaconvert. Apart from not finding any docs on how to use the SDK, I cannot even successfully connect to the service, since apparently MediaConvert does not support CORS.

So my question is, did anyone use MediaConvert with the SDK successfully? And if yes, could you please tell me what to do?

Here is my configuration so far:

try {
  const client = new MediaConvertClient({
    region: params.region,
    credentials: fromCognitoIdentityPool({
      client: new CognitoIdentityClient({ region: params.region }),
      identityPoolId: params.cognitoPoolId,
    }),
  });

  const data = new CreateJobCommand({
    JobTemplate: "Test Template",
    Role: "Cognito_TestTranscodeUnauth_Role",
    Settings: {
      Inputs: [
        {
          FileInput: "s3://some-bucket/files/video.mp4",
        },
      ],
    },
  });

  return await client.send(data);
} catch (error) {}

I have used the template successfully within the console
The cognito role has all the rights necessary for operating MediaConvert and the S3
The input does exist and works in the console

If I just run the script I get a CORS not allowed error. However, if I disable CORS in my browser, I just get an Access denied error without further explanation. It's really driving me mad!

Any help appreciated!

Solution

So, after almost two entire days of trial and error plus digging into the source code, I finally found a solution! To make it short: unauthenticated access and MediaConvert will not work!

The entire problem is Cognito which does not allow access to MediaConvert operations on unauthenticated access. Here is the access list.

My solution

Since I am using Auth0 for my user authentication I was simply following this guide and basically all my problems were gone! To attach the token I was using

// React state variable
[token, setToken] = useState<string>();

// Using the Auth0 SDK to set the 
const { getIdTokenClaims } = useAuth0();
getIdTokenClaims().then(j => setToken(j.__raw));

// use this in eg. useEffect hook
fromCognitoIdentityPool({
  client: new CognitoIdentityClient({ region: region }),
  identityPoolId: identyPoolId,
  logins: {
    "<your-auth0-domnain>": token,
  },
});

It seems that if we have an authenticated user,

we have no CORS errors
we can attach any role to the federated Identity pool we want

I guess there are other solutions asa well and I'm convinced that if you use the built in user service from the AWS for your app authentication, you probably will have less problems here.

Anyway, hope this helps someone!

P.S: the example from the original question does work without problems!