Expand my Community achievements bar.

SOLVED

Custom cloud config in aemaacs

Avatar

Level 1
Level 1
11/23/22 8:40:32 AM

We're migrating to aemaacs from AEM 6.5. We have a custom cloud configuration in place for datalayer. We followed this guide - https://experienceleague.adobe.com/docs/experience-manager-64/developing/extending-aem/extending-clo... in initial setup. 
Is there any such guide for aemaacs? We're not able to get the existing config work for cloud publisher. While running repoinit script to set ACL for anonymous user we're facing PathNotFoundException for /etc/cloudservices/*.

Any help appreciated.
Thanks!

Views

553

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
9/4/23 11:13:03 PM

hello @vmanohar23 

 

repo-init scripts execute at the time of deployment on AEM Images. Thus, they are capable of setting permissions on both mutable and immutable paths.

 

The repo-init can set ACL only if a node already exists. Thus, if we receive PathNotFoundException, it means that /etc/cloudservices/* isn't available when repo-init is executing, during deployment

 

To resolve the same, create these paths with proper primaryType via repo-init. This would assure that the path is available, while setting ACLs. Example:

 

 

{
    "scripts": [
          "create path /etc/cloudservices(sling:Folder)\n\n",
          "create path /etc/cloudservices/aemdatalayer(cq:Page)\n create path  /etc/cloudservices/aemdatalayer/jcr:content(cq:PageContent)\n\n",
          "set ACL on /etc/cloudservices/aemdatalayer\n\tallow jcr:read for \"anonymous\"" ] }

 

Aanchal Sikka

View solution in original post

Views

284

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
4 Replies

Avatar

Community Advisor
Community Advisor
11/23/22 8:58:30 AM

Hi @vmanohar23 ,

Can you just pass script from init if possible?

Regards,

Santosh

Views

536

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
11/23/22 9:04:51 AM
In response to SantoshSai 
{
    "scripts": [
        "set ACL on /etc/cloudservices/aemdatalayer\n\tallow jcr:read for \"anonymous\""
    ]
}

This is under config.publish by name org.apache.sling.jcr.repoinit.RepositoryInitializer~<project-name>.cfg.json

Views

530

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
11/23/22 9:37:50 AM
In response to vmanohar23

@vmanohar23 - 

The problem would be because the repo init statements mention mutable content in the documentation[0].

/apps and /libs are immutable at runtime and ACLs are stored under the respective nodes that need the permission in AEM. 

shivanigarg111_0-1618544020728.png

[0]: https://experienceleague.adobe.com/docs/experience-manager-learn/cloud-service/developing/basics/mut...

 

Views

517

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
9/4/23 11:13:03 PM

hello @vmanohar23 

 

repo-init scripts execute at the time of deployment on AEM Images. Thus, they are capable of setting permissions on both mutable and immutable paths.

 

The repo-init can set ACL only if a node already exists. Thus, if we receive PathNotFoundException, it means that /etc/cloudservices/* isn't available when repo-init is executing, during deployment

 

To resolve the same, create these paths with proper primaryType via repo-init. This would assure that the path is available, while setting ACLs. Example:

 

 

{
    "scripts": [
          "create path /etc/cloudservices(sling:Folder)\n\n",
          "create path /etc/cloudservices/aemdatalayer(cq:Page)\n create path  /etc/cloudservices/aemdatalayer/jcr:content(cq:PageContent)\n\n",
          "set ACL on /etc/cloudservices/aemdatalayer\n\tallow jcr:read for \"anonymous\"" ] }

 

Aanchal Sikka

Views

285

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply