Select Page

So, I recently had a project to create a Roku channel with some videos that were hosted on Amazon Web Services S3 storage. I wanted to keep the links to the video’s somewhat hidden and secured, knowing that the easier they are to get at, the quicker they will be plastered all over file sharing sites. I decided to use the expiring signed links which are available with S3. I needed to then generate these links on the fly and create an XML feed with them for the Roku app to point at to retrieve its content.

I hosted my XML feeds on a linux host and created a PHP page that produces the category feed and runs a function that creates the signed AWS S3 expiring links.  I have to thank Tournas Dimitrios for his original work on the function to create the links. I just had a few tweaks to his function to switch the organization of the URL and use & instead of &’s for the XML and then was able to write the code to spit out the XML feed calling s3url function. The result turned out nicely, just fill in the variables with your specific info and Video files and point the Roku app, or any other app for that matter to the php page for its content.

Now, by no means is this Fort Knox, but it does add a layer of deterrence to would-be thieves. Some extra items to secure it further would be to host the AWS credential information (esp. the secret key) out side the web documents directory and pull the information in. Also, have the calling app, in my case the Roku app call the feed with a password parameter and check for it to display the feed. Requiring secure https would also help keep that information secure.

Here is the script with the calling password  url parameters. The feed would be called with http://url/feed.php?feedPwd=PASSWORD



Hopefully this may be helpful to someone. Thanks!