Integrate Amazon Kendra with AEM as a cloud | Community
Skip to main content
Prashardan
Prashardan
New Participant
August 5, 2025
Solved

Integrate Amazon Kendra with AEM as a cloud

  • August 5, 2025
  • 3 replies
  • 691 views

Hi Team

I have a requirement to integration Amazon Kendra Search solution with AEM as a cloud. I have seen the documentation on Amazon however would want to know inputs if anyone integrated recently.

 

Basically to start with I want to do POC on AEM local cloud sdk.

 

Any pointers would be really helpful.

 

Thanks in advance.

Best answer by SantoshSai

Hi @prashardan,

1. Create Amazon Kendra Index

  • Go to AWS Console > Amazon Kendra

  • Create an Index and note down the Index ID

Reference: https://docs.aws.amazon.com/kendra/latest/dg/getting-started.html

2. Add AWS SDK Dependency in core/pom.xml

<dependency> <groupId>software.amazon.awssdk</groupId> <artifactId>kendra</artifactId> <version>2.25.14</version> </dependency>

Reference: https://sdk.amazonaws.com/java/api/latest/software/amazon/awssdk/services/kendra/KendraClient.html
3. Create Sling Servlet to Query Kendra

Use KendraClient in a servlet to query based on user input.

Basic steps:

  • Read query param

  • Call KendraClient.query(...)

  • Parse results and return JSON

4. Test Endpoint

Access your servlet via:

http://localhost:4502/bin/kendra/search?q=your+query

5. Security Note

For local, use AWS credentials via ~/.aws/credentials.

Reference: https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials.html

More Useful References:

A Sample Servlet to Query Amazon Kendra that might helps you:

@SlingServletPaths("/bin/kendra/search") public class KendraSearchServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String queryText = req.getParameter("q"); Region region = Region.US_EAST_1; KendraClient kendraClient = KendraClient.builder() .region(region) .credentialsProvider(ProfileCredentialsProvider.create()) // Use env or IAM for production .build(); QueryRequest queryRequest = QueryRequest.builder() .indexId("your-kendra-index-id") .queryText(queryText) .build(); QueryResponse queryResponse = kendraClient.query(queryRequest); List<QueryResultItem> items = queryResponse.resultItems(); JSONArray jsonArray = new JSONArray(); for (QueryResultItem item : items) { JSONObject json = new JSONObject(); json.put("title", item.documentTitle().text()); json.put("excerpt", item.documentExcerpt().text()); json.put("uri", item.documentURI()); jsonArray.put(json); } resp.setContentType("application/json"); resp.getWriter().write(jsonArray.toString()); } }

3 replies

kautuk_sahni
kautuk_sahni
Employee
September 2, 2025

@prashardanwere you able to get this resolved? If you found a different way to fix it, sharing your approach would be a great contribution to the community. Your follow-up not only helps close the loop but also ensures others benefit from your experience. Thanks so much for being part of the conversation!

Kautuk Sahni
SantoshSai
SantoshSaiAccepted solution
New Participant
August 5, 2025

Hi @prashardan,

1. Create Amazon Kendra Index

  • Go to AWS Console > Amazon Kendra

  • Create an Index and note down the Index ID

Reference: https://docs.aws.amazon.com/kendra/latest/dg/getting-started.html

2. Add AWS SDK Dependency in core/pom.xml

<dependency> <groupId>software.amazon.awssdk</groupId> <artifactId>kendra</artifactId> <version>2.25.14</version> </dependency>

Reference: https://sdk.amazonaws.com/java/api/latest/software/amazon/awssdk/services/kendra/KendraClient.html
3. Create Sling Servlet to Query Kendra

Use KendraClient in a servlet to query based on user input.

Basic steps:

  • Read query param

  • Call KendraClient.query(...)

  • Parse results and return JSON

4. Test Endpoint

Access your servlet via:

http://localhost:4502/bin/kendra/search?q=your+query

5. Security Note

For local, use AWS credentials via ~/.aws/credentials.

Reference: https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials.html

More Useful References:

A Sample Servlet to Query Amazon Kendra that might helps you:

@SlingServletPaths("/bin/kendra/search") public class KendraSearchServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String queryText = req.getParameter("q"); Region region = Region.US_EAST_1; KendraClient kendraClient = KendraClient.builder() .region(region) .credentialsProvider(ProfileCredentialsProvider.create()) // Use env or IAM for production .build(); QueryRequest queryRequest = QueryRequest.builder() .indexId("your-kendra-index-id") .queryText(queryText) .build(); QueryResponse queryResponse = kendraClient.query(queryRequest); List<QueryResultItem> items = queryResponse.resultItems(); JSONArray jsonArray = new JSONArray(); for (QueryResultItem item : items) { JSONObject json = new JSONObject(); json.put("title", item.documentTitle().text()); json.put("excerpt", item.documentExcerpt().text()); json.put("uri", item.documentURI()); jsonArray.put(json); } resp.setContentType("application/json"); resp.getWriter().write(jsonArray.toString()); } }
Santosh Sai
    VishalKa5
    VishalKa5
    Level 1
    August 5, 2025

    Hi @prashardan ,

     

    Steps for POC:

    1. Set up a Kendra index in AWS.

    2. Push AEM content (pages or fragments) to Kendra using its API or connector.

    3. Build a search UI in AEM that sends queries to Kendra and shows results.

    4. Handle authentication using AWS IAM or API keys.

     

    Thanks & Regards,

    Vishal

      S
      ShafaliTh
      New Participant
      August 7, 2025

      @santoshsai @vishalka5 @prashardan 
      For our local setup, we're currently using AWS session credentials for the POC.
      From a security and authentication standpoint, do you have any recommendations or best practices for establishing a secure connection between the application and AEM Cloud using the AWS SDK? Specifically, what would be the suggested approach at the application level, and how should we proceed to ensure a secure and scalable integration

      SantoshSai
      SantoshSai
      New Participant
      August 7, 2025

      I would suggest:

      • Use IAM Role with Web Identity (Recommended)

        • Use AWS STS (AssumeRoleWithWebIdentity) to get temporary credentials securely.

        • No hardcoded credentials in AEM.

      • Use Environment Variables / Secrets Manager

        • Store role ARN and config securely.

        • Never embed secrets in code.

      • Least Privilege IAM Policy

        • Grant only kendra:Query and needed actions to the IAM role.

      Santosh Sai
        Terms & ConditionsAccessibility statement

        Loading footer...