Connecting to your Amazon Neptune graph
Once you have created a Neptune DB cluster, the next step is to set up the ways you want to connect to it.
Setting up curl
or awscurl
to communicate with your Neptune endpoint
Having a command-line tool for submitting queries to your Neptune DB cluster
is very handy, as illustrated in many of the examples in this documentation. The curl--aws-sigv4
option for
signing requests when IAM authentication is enabled.
For endpoints where IAM authentication is enabled, you can
also use awscurlcurl
but supports signing requests as required
for IAM authentication. Because of the added security that IAM authentication
provides, it is generally a good idea to enable it.
For information about how to use curl
(or awscurl
),
see the curl man page
To connect using HTTPS (which Neptune requires), curl
needs access
to appropriate certificates. As long as curl
can locate the appropriate
certificates, it handles HTTPS connections just like HTTP connections, without extra
parameters. The same is true for awscurl
. Examples in this documentation
are based on that scenario.
To learn how to obtain such certificates and how to format them properly into
a certificate authority (CA) certificate store that curl
can use, see
SSL Certificate Verificationcurl
documentation.
You can then specify the location of this CA certificate store using the
CURL_CA_BUNDLE
environment variable. On Windows, curl
automatically looks for it in a file named curl-ca-bundle.crt
. It looks first in
the same directory as curl.exe
and then elsewhere on the path. For more
information, see SSL Certificate
Verification
Different ways to connect to a Neptune DB cluster
An Amazon Neptune DB cluster can only be created in an Amazon Virtual Private Cloud (Amazon VPC). Unless you enable and set up Neptune public endpoints for the DB cluster, its endpoints are accessible only within that VPC.
There are several different ways to set up access to your Neptune DB cluster in its VPC: