Rules of AEM

  Cache Invalidation in Hybrid AEM: Keeping EDS and AMS in Sync on AWS CloudFront Introduction In a hybrid AEM setup where EDS and AMS serve different parts of the same website through AWS CloudFront, cache invalidation is one of the trickiest problems to solve. Both systems have completely different invalidation mechanisms — and if you don't coordinate them properly, editors end up seeing stale content, confused about why their published changes aren't showing up. This post explains how cache invalidation works in each system, why hybrid setups make it harder, and how to build a reliable invalidation strategy across both origins. The Core Problem In a single-origin AEM setup, invalidation is straightforward: Editor publishes in AEM Dispatcher flush agent clears the Dispatcher cache CloudFront invalidation clears the CDN layer Done In a hybrid setup you have two completely separate invalidation pipelines that must never interfere with each other: EDS publish event ...

aemrules.com Hybrid AEM CDN Architecture: Routing EDS + AMS on AWS CloudFront 8 min read  ·  Anuj Gangwar  ·  AEM Architect @ Adobe TL;DR Ask AI 5 things to know in 30 seconds 1 AWS CloudFront acts as a single traffic cop — routing every request to either EDS or AMS based on the URL path pattern. 2 EDS paths like /blog/* go to hlx.live origin. AMS paths like /products/* go to the Dispatcher origin. Default catch-all points to AMS. 3 Consolidate all EDS static assets under /eds/* — fonts, scripts, styles, blocks, icons all under one folder. One CloudFront rule instead of six. 4 A CloudFront Edge Function handles .html to clean URL 301 redirects at the edge — before any origin is contacted. 5 Always pass X-Forwarded-Host to both origins. AMS needs it for vhost matching. EDS Franklin Bot needs it for site resolution. Ask a question in the Ask AI tab for more details on a...

  AEM Edge Delivery Services + AI: The Future of Content Delivery Introduction AEM Edge Delivery Services (EDS) — formerly known as Project Franklin / Helix — is Adobe's modern, high-performance content delivery layer. It decouples content authoring from delivery, serving pages at the edge with near-perfect Lighthouse scores. When you combine EDS with AI, you unlock capabilities like real-time content personalization, AI-generated blocks, and intelligent A/B testing — all at the edge. In this post, we'll walk through how to integrate AI into an EDS project with practical code examples. How Edge Delivery Services Works (Quick Recap) Author (Google Docs / SharePoint / AEM) ↓ AEM Pipeline (Franklin Bot) ↓ Content stored at Edge (Fastly CDN) ↓ User Request → Edge Worker → HTML served in <100ms EDS pages are built with plain HTML/CSS/JS blocks. There's no traditional AEM dispatcher — content is served directly from the CDN edge.       ...

  Using AI Tools for AEM Development: Code Faster with Copilot & Claude Introduction AEM development has always required deep expertise — Sling models, OSGi configurations, HTL templates, Oak queries, and dispatcher rules all have their own nuances. AI coding assistants like GitHub Copilot , Claude , and ChatGPT now understand AEM well enough to dramatically speed up day-to-day development tasks. In this post, we'll look at practical examples of how to use AI tools effectively for AEM development — including the right prompts that produce high-quality AEM code.          1. Writing Sling Models with AI Prompt that works well: Write an AEM Sling Model for a component called "HeroComponent". It should: - Be adaptable from Resource - Inject title, description, ctaLabel, ctaLink from the component's JCR properties - Use @PostConstruct to build a full link with a .html extension - Include @Optional annotations where appropriate - Follow AEM best pract...

  AEM Security in the Age of AI: New Threats & How to Defend Against Them Introduction AI is changing the security landscape for AEM deployments in two important ways. First, attackers are using AI to make their attacks smarter — faster credential scanning, AI-generated phishing payloads, and automated vulnerability probing. Second, as AEM teams integrate AI features (chatbots, content generation, RAG pipelines), they introduce a new class of vulnerabilities that didn't exist before. In this post, we'll cover both: how to harden your existing AEM setup against AI-powered attacks, and how to secure the new AI integrations you're building.             1. Prompt Injection — The New XSS If you've built a chatbot or AI assistant on top of AEM content (like the RAG pipeline from our previous post), prompt injection is your biggest risk. It's the AI equivalent of XSS — an attacker embeds malicious instructions inside content that your AI system the...

  Building a RAG Chatbot on AEM Content using LangChain + OpenAI Introduction Imagine a chatbot that can answer questions like "What is our return policy?" or "How do I configure the Dispatcher?" — drawing answers directly from your AEM-managed content. This is exactly what Retrieval-Augmented Generation (RAG) enables. RAG combines a vector database (to store and search your content semantically) with an LLM (to generate natural language answers). The result is an AI assistant grounded in your actual AEM content, not hallucinated facts. In this post, we'll build a complete RAG pipeline that ingests AEM content fragments, stores them in a vector database, and serves answers via a chatbot API. Architecture AEM Content Fragments / Pages ↓ AEM Content API (JSON exporter) ↓ Python Ingestion Pipeline (chunking + embedding) ↓ Vector Database (Pinecone / ChromaDB) ↓ Query → Semantic Search → Top-K chunks ↓ ...

  AI-Powered Dispatcher & CDN Optimization for AEM Introduction AEM's Dispatcher and CDN layer is the frontline of performance and security. Traditionally, caching rules, TTLs, and security filters are all manually configured. But with AI and machine learning entering the infrastructure space, it's now possible to make smarter, dynamic decisions — from predicting cache invalidation patterns to detecting bot traffic and anomalous requests automatically. In this post, we'll cover practical ways to integrate AI/ML into your AEM Dispatcher and CDN stack.           1. AI-Based Anomaly Detection in Access Logs The first and most immediately useful application is analyzing Dispatcher/Apache access logs using AI to detect DDoS patterns, credential stuffing, or scraping bots. Log Parser Script (Python + OpenAI) Instead of manually writing regex rules, feed your access logs to an LLM to identify suspicious patterns: # log_analyzer.py import openai import...