Amazon has added token based access to the cloudfront rtmp servers here: http://docs.amazonwebservices.com/AmazonCloudFront/latest/DeveloperGuide/index.html?PrivateContent.html

This means you can put some control around who accesses your content.

Here is one way to set up flowplayer to use this:

<script type="text/javascript" src="http://static.flowplayer.org/js/flowplayer-3.1.4.min.js"></script>
<div class="player" id="id_flowplayer" style="width:640px;height:320px;">
</div>
<script language='javascript'>
flowplayer("id_flowplayer", "http://releases.flowplayer.org/swf/flowplayer-3.1.5.swf", {
 log: { level:"debug",filter:'org.flowplayer.rtmp.*' },
 clip: {
   autoPlay:false,
   // This is the path to the video file
   url: encodeURIComponent('flv:test.mp4?Expires=1258237200&Signature=TBD&Key-Pair-Id=PK123456789754'),
   provider: 'aws'
 },
 // streaming plugins are configured under the plugins node
 plugins: {
   // here is our rtmp plugin configuration, configured for AWS
   aws: {
      url: 'http://releases.flowplayer.org/swf/flowplayer.rtmp-3.1.3.swf',
      // netConnectionUrl defines where the streams are found
      netConnectionUrl: 'rtmp://your aws hostname.cloudfront.net/cfx/st'
   }
 }
});
</script>