Securing access to an Amazon Neptune cluster
There are multiple ways for you to secure your Amazon Neptune clusters.
Using IAM policies to restrict access to a Neptune DB cluster
To control who can perform Neptune management actions on Neptune DB clusters and DB instances, use Amazon Identity and Access Management (IAM).
When you use an IAM account to access the Neptune console, you must first sign in to the Amazon Web Services Management Console using your IAM account before opening the Neptune console at https://console.aws.amazon.com/neptune/home.
When you connect to Amazon using IAM credentials, your IAM account must have IAM policies that grant the permissions required to perform Neptune management operations. For more information, see Using different kinds of IAM policies for controlling access to Neptune.
Using VPC security groups to restrict access to a Neptune DB cluster
Neptune DB clusters must be created in an Amazon Virtual Private Cloud (Amazon VPC). To control which devices and EC2 instances can open connections to the endpoint and port of the DB instance for Neptune DB clusters in a VPC, you use a VPC security group. For more information about VPCs, see Create a security group using the VPC console.
Using IAM authentication to restrict access to a Neptune DB cluster
If you enable Amazon Identity and Access Management (IAM) authentication in a Neptune DB cluster, anyone accessing the DB cluster must first be authenticated. See Authenticating your Amazon Neptune database with Amazon Identity and Access Management for information about setting up IAM authentication.
For information about using temporary credentials to authenticate, including examples for the Amazon CLI, Amazon Lambda, and Amazon EC2, see Using temporary credentials to connect to Amazon Neptune.
The following links provide additional information about connecting to Neptune using IAM authentication with the individual query languages:
Using Gremlin with IAM authentication
Using openCypher with IAM authentication
Using SPARQL with IAM authentication
Connecting to Amazon Neptune databases using IAM authentication with Java and SPARQL
Connecting to Amazon Neptune databases using IAM authentication with Python
Note
This example applies to both Gremlin and SPARQL.