AWS::NeptuneGraph::PrivateGraphEndpoint - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).


Create a private graph endpoint to allow private access from to the graph from within a VPC. You can attach security groups to the private graph endpoint.


VPC endpoint charges apply.


To declare this entity in your Amazon CloudFormation template, use the following syntax:


{ "Type" : "AWS::NeptuneGraph::PrivateGraphEndpoint", "Properties" : { "GraphIdentifier" : String, "SecurityGroupIds" : [ String, ... ], "SubnetIds" : [ String, ... ], "VpcId" : String } }


Type: AWS::NeptuneGraph::PrivateGraphEndpoint Properties: GraphIdentifier: String SecurityGroupIds: - String SubnetIds: - String VpcId: String



The unique identifier of the Neptune Analytics graph.

Required: Yes

Type: String

Update requires: Replacement


Security groups to be attached to the private graph endpoint..

Required: No

Type: Array of String

Update requires: Replacement


Subnets in which private graph endpoint ENIs are created.

Required: No

Type: Array of String

Update requires: Replacement


The VPC in which the private graph endpoint needs to be created.

Required: Yes

Type: String

Update requires: Replacement

Return values


When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the PrivateGraphEndpointIdentifier.

For more information about using the Ref function, see Ref.


The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.


PrivateGraphEndpoint resource identifier generated by concatenating the associated GraphIdentifier and VpcId with an underscore separator. For example, if GraphIdentifier is g-12a3bcdef4 and VpcId is vpc-111122223333aabbc, the generated PrivateGraphEndpointIdentifier will be g-12a3bcdef4_vpc-111122223333aabbc.


VPC endpoint that provides a private connection between the Graph and specified VPC. For example: vpce-aabbaabbaabbaabba.