NEWDolby Media Processing APIs are now the Media APIs Learn More >


Processing media in AWS Simple Storage Service (S3)

The AWS Simple Storage Service (S3) can be used in media workflows. If your media already resides on S3, you can process it there directly with APIs by providing temporary access credentials to your data.

AWS Simple Storage Service

There are a few ways to achieve this in media workflows.

Public File

A publicly available URL will be accessible with a GET request which then can be used as an input parameter. You can set this up by following the AWS documentation instructions.


Using s3:// URLs

We support s3:// style URLs as an input / outputparameter. This may be easier for any public media than specifying a regular http url.

Pre-Signed URLs

A pre-signed URL can be a convenient way to provide a URL containing temporary credentials as a basic string. The Media APIs will need to GET the input parameter when reading media and PUT on the output parameter to write media. Therefore, to make a request with pre-signed URLs you'll need to generate a separate string for each parameter.

Here's some examples for how to do this:

# pip install boto3

import boto3
from botocore.exceptions import ClientError
def create_presigned_url(bucket_name, object_name,
                         operation='get_object', expiration=3600):
    client = boto3.client('s3')
        return client.generate_presigned_url(operation,
                Params={'Bucket': bucket_name, 'Key': object_name},
    except ClientError as e:

# Use the presigned URL as the input parameter to an Media API request
input_url = presign.create_presigned_url('your-bucket-name', 'object/name.mp3')

# Change the operation to put_object for a write-able location
output_url = presign.create_presigned_url('your-bucket-name', 'object/name.enhanced.mp3',
    operation='put_object', expiration=7200)

media_request = {
 'input': input_url,
 'output': output_url
// npm install aws-sdk

const aws = require('aws-sdk');
const s3 = new aws.S3({ signatureVersion: "v4", region: 'us-west-1' });

const bucket_name = 'your-bucket-name';

// Use getObject for a readable location
let input_url = await s3.getSignedUrlPromise('getObject', {
  Bucket: bucket_name,
  Key: 'your-input-object/name.mp4',
  Expires: 3600

// Use putObject for a writeable location
let output_url = await s3.getSignedUrlPromise('putObject', {
  Bucket: bucket_name,
  Key: 'your-output-object/name.enhanced.mp4',
  Expires: 7200  

let media_request = {
  'input': input_url,
  'output': output_url

For further examples, see the AWS S3 Documentation.


Output Expiration Limit

When setting an expiration on a pre-signed URL you need to allow enough time for the file to complete processing. For longer media files, there may be a delay when a job is queued before processing and it can take up to real-time before a file completes. You should take this into consideration when setting the expiration value of the output url.

Auth Keys

For the input and output parameters you can specify an object dictionary instead of a single string. When you do, you'll include the url as a string but also an auth block where you can identify your access credentials.

  "input": {
    "url": "s3://your-bucket-name/input_file.mp3",
    "auth": {
      "key": "ABCDEIF...ASEOFJHIF",
      "secret": "djkgg39u34i....ogn9gh89w34gh984h",
  "output": {
    "url": "s3://your-bucket-name/output_file.mp3",
    "auth": {
      "key": "ABCDEIF...ASEOFJHIF",
      "secret": "djkgg39u34i....ogn9gh89w34gh984h",

You can learn more about generating these credentials from the AWS Identity and Access Management documentation.

Did this page help you?