Expand my Community achievements bar.

SOLVED

AEM Cloud Config Pipeline Failed due to YAML parsing error

Avatar

Community Advisor
Community Advisor
9/26/24 6:00:48 AM

We tried to whitelist domains only for specific IP addresses. Given the large number of domains and IP addresses, we aimed to make the configuration more readable and manageable by separating the lists into different files using the YAML lookup method as shown below: 

- name: domains-ip-restriction
  when:
    allOf:
      - reqProperty: domain
        in: "{{ lookup('file', 'restricted_domains.yaml') }}"
      - reqProperty: clientIp
        notIn: "{{ lookup('file', 'whitelisted_ips.yaml') }}"
  action:
    type: block

restricted_domains.yaml:

- dev.domain1.com
- dev.domain2.com

whitelisted_ips.yaml:

- 172.143.23.10/32

However, the config pipeline failed with the following error logs: 

2024-09-24T18:22:28+0000 Summary of events during the deployment step:
2024-09-24T18:22:28+0000 Begin deployment in sites-dev [CorrelationId: XXX]
2024-09-24T18:23:15+0000 Config Pipeline update status is failed
2024-09-24T18:23:15+0000 Error details are present:
2024-09-24T18:23:15+0000 Could not parse yaml file in 'restricted_domains.yaml'. Please check that you are using valid YAML syntax and check the documentation
2024-09-24T18:23:15+0000 Finished deployment in aaaem-sites-dev

We are aware that IP Allowlist can be configured via Cloud Manager for restricted websites. However, in our case, some domains need to be publicly accessible, which is why we are using this approach with CDN configuration.

Any suggestions on how to proceed with separate files for the IPs and domain lists, or is the only approach to duplicate these lists directly in the cdn.yaml file?

 

 

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

Experience Manager as a Cloud Service

Views

491

Replies

6
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
10/10/24 10:56:20 PM
In response to Mahedi_Sabuj

From Adobe Support Team

I just heard back from the team and they mentioned that we do not support this kind of syntax unfortunately, therefore only 1 file can be used. Also they mentioned that this is not a YAML feature per say but an extension of YAML that some softwares, like Ansible, provide. So, I think the solution here would be to use Inline config.

 

View solution in original post

Views

208

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
6 Replies

Avatar

Community Advisor
Community Advisor
9/27/24 2:50:13 AM

Hi @Mahedi_Sabuj ,

Have you tried to inline lists directly in yaml file  and check if the build is happening fine  ? This is to rule out any lookup file issue. 

 

- name: domains-ip-restriction
  when:
    allOf:
      - reqProperty: domain
        in: ["dev.domain1.com", "dev.domain2.com"]
      - reqProperty: clientIp
        notIn: ["172.143.23.10/32"]
  action:
    type: block

Thanks,

Somen

Views

413

Replies

4
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
9/27/24 9:36:03 AM
In response to somen-sarkar

Inline config works fine, but we prefer managing IP addresses in a separate file for better reusability across different rules. This approach allows us to use the same IP addresses in multiple rules without duplication.

Views

394

Replies

3
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
9/27/24 10:47:13 PM
In response to Mahedi_Sabuj

In this case the issue can be in the format of the lookup  file  that you are trying to attach  or  pipeline script might have some specific conditions that it checks.  As per current documentation every yaml file has a common syntax like  below . 

  kind: "LogForwarding"
  version: "1"
  metadata:
    envTypes: ["dev"]

As you are passing yaml file what changes were done to pass the list as an array to the required property field ? In publicly available documentation don't see any option to append a lookup file or valid "kind" type for lookup.  Suggest  to raise an Adobe support ticket  to get further inputs from the engineering team.

Thanks,

Somen

Views

367

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
9/28/24 12:32:19 AM
In response to somen-sarkar

I have already raised a ticket with the Adobe Support team and awaiting their response. Thanks.

Views

348

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
10/10/24 10:56:20 PM
In response to Mahedi_Sabuj

From Adobe Support Team

I just heard back from the team and they mentioned that we do not support this kind of syntax unfortunately, therefore only 1 file can be used. Also they mentioned that this is not a YAML feature per say but an extension of YAML that some softwares, like Ansible, provide. So, I think the solution here would be to use Inline config.

 

Views

209

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Administrator
Administrator
10/9/24 1:37:49 AM

@Mahedi_Sabuj Did you find the suggestion helpful? Please let us know if you require more information. Otherwise, please mark the answer as correct for posterity. If you've discovered a solution yourself, we would appreciate it if you could share it with the community. Thank you!



Kautuk Sahni

Views

214

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Passing parameters to Sling Model methods Solved

Views

88

Likes

0

Replies

2
Best Site Search Engine with AEM

Views

47

Likes

0

Replies

2
Invalidate Cache Error

Views

45

Likes

0

Replies

1
TemplatedResource binding to Resource

Views

100

Likes

0

Replies

7
Sitecore to AEM cloud migration reference implementation

Views

52

Likes

0

Replies

0