Adobe Experience Manager Sites & More

Shankar_K · 5/19/25

Hi ,

We are storing the userdetails in AWS DB, and We have our lambda api which returns userdetails when called ,
To call the API we are sending key and token in headers , the same api is returning data in our AMS environment , local environment as well as in POSTMAN , but the api is not returning any data in Cloud Environment and its running into exception, so is there anything we need to allow in lambda , please advise me on this issue what might be the potential cause for this behaviour.

Regards
Shankar

Shankar_K · 6/26/25

Hi All,
Thanks for all replies

When I revisited the issue with a different perspective and analyzed the Lambda services, I noticed that all requests were being blocked by the WAF. We also observed that our cloud IP was visible in the logs.

To resolve this, we whitelisted our IP, which allowed us to successfully retrieve the data.

However, we encountered another issue: the IP kept changing dynamically due to the nature of cloud infrastructure.

To address this, we configured a dedicated Egress IP and updated our Java code by modifying the HttpClientBuilder to use HttpClients.useSystemProperties(). This change helped stabilize the IP.

After whitelisting the dedicated Egress IP and applying the Java code update, the issue was resolved.

Hope this helps.

View solution in original post

narendiran_ravi · 5/20/25

Hi @Shankar_K ,

Could you please provide more details about the exception?
Additionally, have you checked the Dispatcher and CDN logs to see if the request is being blocked?

AmitVishwakarma · 5/20/25

Hi @Shankar_K ,

To better assist you, could you please confirm the following:
- What is the exact exception/error message in AEM Cloud logs?
- Have you checked if the Dispatcher/CDN (Fastly) is blocking the request?
- Are CORS headers properly configured in your Lambda API?
- Is your AEM Cloud environment IP whitelisted in the Lambda or API Gateway?
- Are there differences in headers or request method from AEM vs Postman?
These details will help narrow down whether it's a networking, security, or configuration issue.

Regards,
Amit

Madhur-Madan · 5/20/25

Hi @Shankar_K ,

fo. Since the API works in local, AMS, and Postman, but fails only from AEM Cloud, this points to an environment-specific issue. To help troubleshoot further, could you confirm:

Is the request from AEM Cloud actually reaching the Lambda (i.e., does it show up in CloudWatch logs)?
Are you seeing the key and token headers arrive in the Lambda event payload when triggered from AEM Cloud?
Is the Lambda function returning a response and failing during DB access, or is it failing before?
Is the AEM Cloud environment possibly using a proxy or different outbound IP range that could affect access or auth?
Are there any differences in the way headers are sent or encoded from AEM Cloud compared to AMS/local?

Shankar_K · 5/21/25

Hi @Madhur-Madan @AmitVishwakarma @narendiran_ravi

x-amzn-RequestId	e7da5dca-2833-4f6a-9870-3db0af4a4384
x-amzn-ErrorType	ForbiddenException
x-amz-apigw-id	K6lWeEWzIAMEELA=

I can see these headers in response what could be the reason

EstebanBustamante · 5/23/25

Hi @Shankar_K

AEMaaCS blocks traffic for non-standards ports, if your API is listening in a non-standard port, you need to configure the Advanced Network Config, please check this: https://aemsimplifiedbynikhil.wordpress.com/2024/06/27/advanced-networking-in-aemaacs-http-https-con...

Hope this helps

Esteban Bustamante

kautuk_sahni · 6/26/25

@Shankar_K Just checking in — were you able to resolve your issue?
We’d love to hear how things worked out. If the suggestions above helped, marking a response as correct can guide others with similar questions. And if you found another solution, feel free to share it — your insights could really benefit the community. Thanks again for being part of the conversation!

Kautuk Sahni

Shankar_K · 6/26/25

Hi All,
Thanks for all replies

When I revisited the issue with a different perspective and analyzed the Lambda services, I noticed that all requests were being blocked by the WAF. We also observed that our cloud IP was visible in the logs.

To resolve this, we whitelisted our IP, which allowed us to successfully retrieve the data.

However, we encountered another issue: the IP kept changing dynamically due to the nature of cloud infrastructure.

To address this, we configured a dedicated Egress IP and updated our Java code by modifying the HttpClientBuilder to use HttpClients.useSystemProperties(). This change helped stabilize the IP.

After whitelisting the dedicated Egress IP and applying the Java code update, the issue was resolved.

Hope this helps.

Adobe Experience Manager Sites & More

Lamda API call Not Returning Data to AEM Cloud Environment

Esteban Bustamante

Kautuk Sahni

Learn

Documentation

Events

Community

Support

Resources

Adobe account

Adobe