Hi Team
I have a requirement to integration Amazon Kendra Search solution with AEM as a cloud. I have seen the documentation on Amazon however would want to know inputs if anyone integrated recently.
Basically to start with I want to do POC on AEM local cloud sdk.
Any pointers would be really helpful.
Thanks in advance.
Views
Replies
Total Likes
Hi @Prashardan ,
Set up a Kendra index in AWS.
Push AEM content (pages or fragments) to Kendra using its API or connector.
Build a search UI in AEM that sends queries to Kendra and shows results.
Handle authentication using AWS IAM or API keys.
Thanks & Regards,
Vishal
@SantoshSai @VishalKa5 @Prashardan
For our local setup, we're currently using AWS session credentials for the POC.
From a security and authentication standpoint, do you have any recommendations or best practices for establishing a secure connection between the application and AEM Cloud using the AWS SDK? Specifically, what would be the suggested approach at the application level, and how should we proceed to ensure a secure and scalable integration
Views
Replies
Total Likes
I would suggest:
Use IAM Role with Web Identity (Recommended)
Use AWS STS (AssumeRoleWithWebIdentity) to get temporary credentials securely.
No hardcoded credentials in AEM.
Use Environment Variables / Secrets Manager
Store role ARN and config securely.
Never embed secrets in code.
Least Privilege IAM Policy
Grant only kendra:Query and needed actions to the IAM role.
Hi @Prashardan,
1. Create Amazon Kendra Index
Go to AWS Console > Amazon Kendra
Create an Index and note down the Index ID
Reference: https://docs.aws.amazon.com/kendra/latest/dg/getting-started.html
2. Add AWS SDK Dependency in core/pom.xml
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>kendra</artifactId>
<version>2.25.14</version>
</dependency>
Reference: https://sdk.amazonaws.com/java/api/latest/software/amazon/awssdk/services/kendra/KendraClient.html
3. Create Sling Servlet to Query Kendra
Use KendraClient in a servlet to query based on user input.
Basic steps:
Read query param
Call KendraClient.query(...)
Parse results and return JSON
4. Test Endpoint
Access your servlet via:
http://localhost:4502/bin/kendra/search?q=your+query
5. Security Note
For local, use AWS credentials via ~/.aws/credentials.
Reference: https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials.html
More Useful References:
A Sample Servlet to Query Amazon Kendra that might helps you:
@SlingServletPaths("/bin/kendra/search")
public class KendraSearchServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
String queryText = req.getParameter("q");
Region region = Region.US_EAST_1;
KendraClient kendraClient = KendraClient.builder()
.region(region)
.credentialsProvider(ProfileCredentialsProvider.create()) // Use env or IAM for production
.build();
QueryRequest queryRequest = QueryRequest.builder()
.indexId("your-kendra-index-id")
.queryText(queryText)
.build();
QueryResponse queryResponse = kendraClient.query(queryRequest);
List<QueryResultItem> items = queryResponse.resultItems();
JSONArray jsonArray = new JSONArray();
for (QueryResultItem item : items) {
JSONObject json = new JSONObject();
json.put("title", item.documentTitle().text());
json.put("excerpt", item.documentExcerpt().text());
json.put("uri", item.documentURI());
jsonArray.put(json);
}
resp.setContentType("application/json");
resp.getWriter().write(jsonArray.toString());
}
}
@Prashardanwere you able to get this resolved? If you found a different way to fix it, sharing your approach would be a great contribution to the community. Your follow-up not only helps close the loop but also ensures others benefit from your experience. Thanks so much for being part of the conversation!
Views
Replies
Total Likes