This is the new *Amazon CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [Amazon CloudFormation User Guide](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/Welcome.html).

# AWS::NeptuneGraph::PrivateGraphEndpoint
<a name="aws-resource-neptunegraph-privategraphendpoint"></a>

Create a private graph endpoint to allow private access from to the graph from within a VPC. You can attach security groups to the private graph endpoint.

**Note**  
VPC endpoint charges apply.

## Syntax
<a name="aws-resource-neptunegraph-privategraphendpoint-syntax"></a>

To declare this entity in your Amazon CloudFormation template, use the following syntax:

### JSON
<a name="aws-resource-neptunegraph-privategraphendpoint-syntax.json"></a>

```
{
  "Type" : "AWS::NeptuneGraph::PrivateGraphEndpoint",
  "Properties" : {
      "[GraphIdentifier](#cfn-neptunegraph-privategraphendpoint-graphidentifier)" : {{String}},
      "[SecurityGroupIds](#cfn-neptunegraph-privategraphendpoint-securitygroupids)" : {{[ String, ... ]}},
      "[SubnetIds](#cfn-neptunegraph-privategraphendpoint-subnetids)" : {{[ String, ... ]}},
      "[VpcId](#cfn-neptunegraph-privategraphendpoint-vpcid)" : {{String}}
    }
}
```

### YAML
<a name="aws-resource-neptunegraph-privategraphendpoint-syntax.yaml"></a>

```
Type: AWS::NeptuneGraph::PrivateGraphEndpoint
Properties:
  [GraphIdentifier](#cfn-neptunegraph-privategraphendpoint-graphidentifier): {{String}}
  [SecurityGroupIds](#cfn-neptunegraph-privategraphendpoint-securitygroupids): {{
    - String}}
  [SubnetIds](#cfn-neptunegraph-privategraphendpoint-subnetids): {{
    - String}}
  [VpcId](#cfn-neptunegraph-privategraphendpoint-vpcid): {{String}}
```

## Properties
<a name="aws-resource-neptunegraph-privategraphendpoint-properties"></a>

`GraphIdentifier`  <a name="cfn-neptunegraph-privategraphendpoint-graphidentifier"></a>
The unique identifier of the Neptune Analytics graph.  
*Required*: Yes  
*Type*: String  
*Update requires*: [Replacement](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

`SecurityGroupIds`  <a name="cfn-neptunegraph-privategraphendpoint-securitygroupids"></a>
Security groups to be attached to the private graph endpoint..  
*Required*: No  
*Type*: Array of String  
*Update requires*: [Replacement](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

`SubnetIds`  <a name="cfn-neptunegraph-privategraphendpoint-subnetids"></a>
Subnets in which private graph endpoint ENIs are created.  
*Required*: No  
*Type*: Array of String  
*Update requires*: [Replacement](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

`VpcId`  <a name="cfn-neptunegraph-privategraphendpoint-vpcid"></a>
 The VPC in which the private graph endpoint needs to be created.  
*Required*: Yes  
*Type*: String  
*Update requires*: [Replacement](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

## Return values
<a name="aws-resource-neptunegraph-privategraphendpoint-return-values"></a>

### Ref
<a name="aws-resource-neptunegraph-privategraphendpoint-return-values-ref"></a>

When you pass the logical ID of this resource to the intrinsic `Ref` function, `Ref` returns the PrivateGraphEndpointIdentifier.

For more information about using the `Ref` function, see [https://docs.amazonaws.cn/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-ref.html](https://docs.amazonaws.cn/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-ref.html).

### Fn::GetAtt
<a name="aws-resource-neptunegraph-privategraphendpoint-return-values-fn--getatt"></a>

The `Fn::GetAtt` intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the `Fn::GetAtt` intrinsic function, see [https://docs.amazonaws.cn/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-getatt.html](https://docs.amazonaws.cn/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-getatt.html).

#### 
<a name="aws-resource-neptunegraph-privategraphendpoint-return-values-fn--getatt-fn--getatt"></a>

`PrivateGraphEndpointIdentifier`  <a name="PrivateGraphEndpointIdentifier-fn::getatt"></a>
PrivateGraphEndpoint resource identifier generated by concatenating the associated GraphIdentifier and VpcId with an underscore separator. For example, if GraphIdentifier is `g-12a3bcdef4` and VpcId is `vpc-111122223333aabbc`, the generated PrivateGraphEndpointIdentifier will be `g-12a3bcdef4_vpc-111122223333aabbc`.

`VpcEndpointId`  <a name="VpcEndpointId-fn::getatt"></a>
VPC endpoint that provides a private connection between the Graph and specified VPC. For example: `vpce-aabbaabbaabbaabba`.