- Implementing Applications for AEM as a Cloud Service
- Using Cloud Manager
- Managing Environments
- Configuring your CI/CD Pipeline
- Deploying your Code
- Understanding your Test Results
- Accessing and Managing Logs
- Understanding Notifications
- Managing SSL Certificates
- Managing Custom Domain Names
- Introduction
- Getting a Custom Domain Name
- Adding a Custom Domain Name
- Adding a TXT Record
- Checking Custom Domain Name Status
- Configuring DNS Settings
- Checking DNS Record Status
- Viewing & Updating & Replacing a Custom Domain Name
- Updating a Custom Domain Name’s SSL Certificate
- Deleting a Custom Domain Name
- Managing IP Allow Lists
- Cloud Manager FAQs
- Managing your Code
- Developing for AEM as a Cloud Service
- AEM Project Structure
- AEM Project Repository Structure Package
- AEM as a Cloud Service SDK
- AEM as a Cloud Service Development Guidelines
- Logging
- Configurations and the Configuration Browser
- AEM Technical Foundations
- AEM as a Cloud Service API
- Generating Access Tokens for Server Side APIs
- Headless Developer Journey
- Headful and Headless in AEM
- Full Stack AEM Development
- Getting Started Developing AEM Sites - WKND Tutorial
- Structure of the AEM UI
- Sling Cheatsheet
- Using Sling Adapters
- Using the Sling Resource Merger in AEM as a Cloud Service
- Overlays in AEM as a Cloud Service
- Using Client-Side Libraries
- Page Diff
- Editor Limitations
- Naming Conventions
- Components and Templates
- AEM Tagging Framework
- Building Tagging into AEM Applications
- Search
- Custom Error Pages
- AEM Node Types
- Java API Guidelines
- Hybrid AEM Development
- Hybrid and SPA with AEM
- Enabling JSON Export for a Component
- SPA Introduction and Walkthrough
- SPA WKND Tutorial
- Getting Started using React
- Getting Started using Angular
- SPA Deep Dives
- Developing SPAs for AEM
- SPA Editor Overview
- SPA Blueprint
- SPA Page Component
- Dynamic Model to Component Mapping
- Model Routing
- The RemotePage Component
- Editing an External SPA within AEM
- Composite Components in SPAs
- Server Side Rendering
- Enabling JSON Export for a Component
- Launch Integration
- SPA Reference Documents
- Headless Experience Management
- Headless and AEM
- Getting Started Guides
- Content Fragments
- Headless Delivery with Content Fragments and GraphQL
- Working with Content Fragments
- Enable Content Fragment Functionality for your Instance
- Content Fragment Models
- Managing Content Fragments
- Variations - Authoring Fragment Content
- Markdown
- Using Associated Content
- Metadata - Fragment Properties
- Structure Tree
- Preview - JSON Representation
- Delivery API
- Developer Tools
- Personalization
- Configuring and Extending AEM as a Cloud Service
- Deploying to AEM as a Cloud Service
- Author Tier
- Content Delivery Overview
CDN in AEM as a Cloud Service
AEM as Cloud Service is shipped with a built-in CDN. Its main purpose is to reduce latency by delivering cacheable content from the CDN nodes at the edge, near the browser. It is fully managed and configured for optimal performance of AEM applications.
The AEM managed CDN will satisfy most customer’s performance and security requirements. For the publish tier, customers can optionally point to it from their own CDN, which they will need to manage. This will be allowed on a case-by-case basis, based on meeting certain pre-requisites including, but not limited to, the customer having a legacy integration with their CDN vendor that is difficult to abandon.
AEM Managed CDN
Follow the sections below to use Cloud Manager self-service UI to prepare for content delivery by using AEM’s out-of-the-box CDN:
Restricting traffic
By default, for an AEM managed CDN setup, all public traffic can make its way to the publish service, for both production and non-production (development and stage) environments. If you wish to limit traffic to the publish service for a given environment (for example, limiting staging by a range of IP addresses) you can do this in a self-service way via Cloud Manager UI.
Refer to Managing IP Allow Lists to learn more.
Only requests from the allowed IPs will be served by AEM’s managed CDN. If you point your own CDN to the AEM managed CDN, then make sure the IPs of your CDN are included in the allowlist.
Customer CDN points to AEM Managed CDN
If a customer must use its existing CDN, they may manage it and point it to the AEM managed CDN, providing the following are satisfied:
- Customer must have an existing CDN that would be onerous to replace.
- Customer must manage it.
- Customer must be able to configure the CDN to work with AEM as a Cloud Service - see the configuration instructions below.
- Customer must have engineering CDN experts that are on call in case related issues arise.
- Customer must perform and successfully pass a load test before going to production.
Configuration instructions:
- Set the
X-Forwarded-Hostheader with the domain name. For example:X-Forwarded-Host:example.com. - Set Host header with the origin domain, which is the AEM CDN’s ingress. For example:
Host:publish-p<PROGRAM_ID>-e<ENV-ID>.adobeaemcloud.com. - Send the SNI header to the origin. Like the Host header, the SNI header must be the origin domain.
- Set either the
X-Edge-Keyor theX-AEM-Edge-Key(if your CDN stripsX-Edge-*). The value should come from Adobe.- This is needed so that the Adobe CDN can validate the source of the requests and pass the
X-Forwarded-*headers to the AEM application. For example,X-Forwarded-Hostis used by AEM to determine the Host header andX-Forwarded-Foris used to determine the client IP. So, it becomes the responsibility of the trusted caller (i.e. the customer-managed CDN) to ensure the correctness of theX-Forwarded-*headers (see the note below). - Optionally, access to Adobe CDN’s ingress can be blocked when an
X-Edge-Keyis not present. Please inform Adobe if you need direct access to Adobe CDN’s ingress (to be blocked).
- This is needed so that the Adobe CDN can validate the source of the requests and pass the
Before accepting live traffic, you should validate with Adobe’s customer support that the end-to-end traffic routing is functioning correctly.
Customers that manage their own CDN should ensure the integrity of the headers that are sent through to AEM’s CDN. For instance, it is recommended that customers clear all X-Forwarded-* headers and set them to known and controlled values. For example, X-Forwarded-For should contain the client’s IP address, while X-Forwarded-Host should contain the site’s host.
There is potentially a small performance hit due to the extra hop, although hops from the customer CDN to the AEM managed CDN are likely to be efficient.
Please note that this customer CDN configuration is supported for the publish tier, but not in front of the author tier.
Geolocation Headers
The AEM managed CDN adds headers to each request with:
- country code:
x-aem-client-country - continent code:
x-aem-client-continent
The values for the country codes are the Alpha-2 codes described here.
The values for the continent codes are:
- AF Africa
- AN Antarctica
- AS Asia
- EU Europe
- NA North America
- OC Oceania
- SA South America
This information may be useful for use cases such as redirecting to a different url based on the origin (country) of the request. Use the Vary header for caching responses that are dependent on geo information. For example, redirects to a specific country landing page should always contain Vary: x-aem-client-country. If needed, you can use Cache-Control: private to prevent caching. See also Caching.
Resources on adobe.com
Resources
Adobe Account
