https://github.com/awslabs/time-addressable-media-store
A sample implementation of the Time-addressable Media Store API
Science Score: 26.0%
This score indicates how likely this project is to be science-related based on various indicators:
-
○CITATION.cff file
-
✓codemeta.json file
Found codemeta.json file -
✓.zenodo.json file
Found .zenodo.json file -
○DOI references
-
○Academic publication links
-
○Academic email domains
-
○Institutional organization owner
-
○JOSS paper metadata
-
○Scientific vocabulary similarity
Low similarity (13.8%) to scientific vocabulary
Repository
A sample implementation of the Time-addressable Media Store API
Basic Info
Statistics
- Stars: 26
- Watchers: 9
- Forks: 2
- Open Issues: 2
- Releases: 11
Metadata Files
README.md
Time-addressable Media Store implementation
This solution deploys the AWS Infrastructure required to create a sample implementation of the BBC TAMS API.
Pre-requisites
Before deploying this solution a CloudWatch log role ARN needs to be created and API Gateway configured to make use of it in your chosen region.
Verify your VPC configuration
If you choose the option to deploy the solution in an existing VPC, you must ensure that the TAMS API Lambda functions running in the private subnets of your VPC can connect to other AWS services. This can be achieved with NAT gateways. However, this solution does not require internet access as long the required VPC Endpoints are available.
VPC Endpoints
If you choose to let this solution deploy a new VPC all the required VPC Endpoints will be created automatically.
If you are choosing to use an existing VPC then you should ensure that the subnets being supplied are able to access the internet or ensure you have the following VPC Endpoints in place:
| Service | Endpoint Type | | -------- | ------------- | | s3 | Gateway | | dynamodb | Gateway | | sqs | Interface | | events | Interface | | ssm | Interface | | lambda | Interface |
Deploy the sample application
NOTE: When deploying this solution please be sure to get the latest version from the Releases page in GitHub. The main branch often contains pre-release code that may not be fully stable.
The Serverless Application Model Command Line Interface (SAM CLI) is an extension of the AWS CLI that adds functionality for building and testing Lambda applications. It uses Docker to run your functions in an Amazon Linux environment that matches Lambda. It can also emulate your application's build environment and API.
To use the SAM CLI, you need the following tools.
- SAM CLI - Install the SAM CLI
- Docker - Install Docker community edition
To build and deploy your application for the first time, run the following in your shell:
bash
sam build --use-container
sam deploy --guided
NOTE: The Neptune database takes approximately 20mins to create. Neptune also requires a VPC which is why there are VPC parameters mentioned below.
The first command will build the source of your application. The second command will package and deploy your application to AWS, with a series of prompts:
- Stack Name: The name of the stack to deploy to CloudFormation. This should be unique to your account and region, and a good starting point would be something matching your project name.
- AWS Region: The AWS region you want to deploy your app to.
- EnableWebhooks: Specify whether you want the solution deployed with Webhooks.
- VpcId: Specify an existing VPC Id, leave blank to have one created.
- VpcAZs: Specify a comma-separated list of availability zones (for example
us-east-1a,us-east-1b) to use when a VPC is specified. The number of AZs must match the number of private subnets specified in PrivateSubnetIds. Leave blank if VPC being created. - PrivateSubnetIds: Specify a comma-delimited list of the Private Subnet Ids to be used in the existing VPC.
- NeptuneDBInstanceClass: Neptune Cluster Instance class, for example
db.serverlessordb.r7g.large - NeptuneServerlessConfiguration: Neptune Serverless Scaling Configuration. Must be a list of two values, MinCapacity and MaxCapacity, separated by commas. Valid values between 1–128.
- DeployWaf: Specify whether you want the solution behind a WAF.
- Confirm changes before deploy: If set to yes, any change sets will be shown to you before execution for manual review. If set to no, the AWS SAM CLI will automatically deploy application changes.
- Allow SAM CLI IAM role creation: Many AWS SAM templates, including this example, create AWS IAM roles required for the AWS Lambda function(s) included to access AWS services. By default, these are scoped down to minimum required permissions. To deploy an AWS CloudFormation stack which creates or modifies IAM roles, the
CAPABILITY_IAMvalue forcapabilitiesmust be provided. If permission isn't provided through this prompt, to deploy this example you must explicitly pass--capabilities CAPABILITY_IAMto thesam deploycommand. - Save arguments to samconfig.toml: If set to yes, your choices will be saved to a configuration file inside the project, so that in the future you can just re-run
sam deploywithout parameters to deploy changes to your application.
You can find your API Gateway Endpoint URL in the output values displayed after deployment.
Usage
Note: An associated repository time-addressable-media-store-tools is available to be used as a sample to give you a basic Web UI to help visualize your TAMS Store.
Access to the API is controlled by Cognito. The solution comes with an App Client already created for you. If required, you can create others for differing access patterns as required.
Whether you are using the pre-configured App Client or whether you create your own, you will need to authenticate with the API using an Authorization header. The header follows the traditional Bearer {token} syntax.
The guide below assumes you are using Client credentials OAuth 2.0 grant for "machine-to-machine" access using the pre-configured App Client. It also describes how to generate the access token you will need to place in the header.
To request an access token, you will require 4 pieces of information:
Client Id: This can be retrieved from the Outputs of the Cloudformation Stack created during deployment or by browsing to the Cognito User Pool console and locating the App Client named
server-to-server.Client Secret: This can be retrieved from the Cognito User Pool console and locating the App Client named
server-to-server. Click on this App Client to view its details and you will see an option to copy the Client secret. NOTE: This Client secret is confidential, and care should be taken to store this value securely so that 3rd parties are not able to access it.Token URL: This can be retrieved from the Outputs of the Cloudformation Stack created during deployment.
OAuth scope(s): Access to API methods is controlled by specific scopes. The options available are:
- tams-api/read - required for GET and HEAD methods
- tams-api/write - required for PUT and POST methods
- tams-api/delete - required for DELETE methods
NOTE: Supplying more than one scope is allowed, it just means the resulting token will be able to call a combination of allowed methods.
To request a token, you need to POST to the TOKEN Url:
bash
curl -X POST -d 'client_id=XXX&client_secret=XXX&grant_type=client_credentials&scope=tams-api/read' https://XXXXX
This request will return JSON that will contain the access_token. Take the value of this token and create the Authorization header. Pass this header on all requests to the API to be authenticated.
Currently Authorization is purely handled by which OAuth scopes are assigned to the App Client within Cognito. Creating a new client with only tams-api/read will result in "read only" access to the API.
Addtional Storage
Version 7 of the TAMS API specification introduced new functionality that allows the client to choose between different "storage backends" where available.
This solution deploys with a default storage backend using a dedicated S3 bucket.
If desired, addtional S3 buckets can be deployed as separate TAMS storage backends. This is done by deploying separate Cloudformation Stacks with this template. It only takes a single parameter and that is the name of the main TAMS API stack.
Note: This template does NOT require the SAM cli to deploy it. It can be done directly in the Cloudformation Console or via any other Cloudformation create stack option.
Architecture Diagram

Cleanup
To delete the solution, use the SAM CLI, you can run the following:
bash
sam delete
After using
sam deletethe S3 Bucket and DynamoDB table(s) will still need to be deleted manually via the AWS Console if you do not want to retain the data.
Security
See CONTRIBUTING for more information.
License
This library is licensed under the MIT-0 License. See the LICENSE file.
Owner
- Name: Amazon Web Services - Labs
- Login: awslabs
- Kind: organization
- Location: Seattle, WA
- Website: http://amazon.com/aws/
- Repositories: 914
- Profile: https://github.com/awslabs
AWS Labs
GitHub Events
Total
- Create event: 44
- Issues event: 13
- Release event: 9
- Watch event: 11
- Delete event: 40
- Issue comment event: 19
- Push event: 136
- Pull request review event: 84
- Pull request review comment event: 87
- Pull request event: 65
- Fork event: 1
Last Year
- Create event: 44
- Issues event: 13
- Release event: 9
- Watch event: 11
- Delete event: 40
- Issue comment event: 19
- Push event: 136
- Pull request review event: 84
- Pull request review comment event: 87
- Pull request event: 65
- Fork event: 1
Issues and Pull Requests
Last synced: 10 months ago
All Time
- Total issues: 9
- Total pull requests: 32
- Average time to close issues: 23 days
- Average time to close pull requests: 2 days
- Total issue authors: 4
- Total pull request authors: 5
- Average comments per issue: 1.22
- Average comments per pull request: 0.13
- Merged pull requests: 26
- Bot issues: 0
- Bot pull requests: 1
Past Year
- Issues: 9
- Pull requests: 32
- Average time to close issues: 23 days
- Average time to close pull requests: 2 days
- Issue authors: 4
- Pull request authors: 5
- Average comments per issue: 1.22
- Average comments per pull request: 0.13
- Merged pull requests: 26
- Bot issues: 0
- Bot pull requests: 1
Top Authors
Issue Authors
- danjhd (7)
- MartynGilbertTR (1)
- andypmatrox (1)
- samdbmg (1)
Pull Request Authors
- danjhd (27)
- sprkem (3)
- ctd (1)
- Dhruv-Bajaj-code (1)
- dependabot[bot] (1)
Top Labels
Issue Labels
Pull Request Labels
Dependencies
- mediatimestamp *
- requests *
- requests *
- boto3 *
- mediatimestamp *
- pytest *
- requests *