IAM resource types for administering Amazon Neptune
Neptune supports the resource types in the following table for use in the
Resource
element of IAM administration policy statements. For more
information about the Resource
element, see IAM JSON Policy Elements:
Resource.
The list of Neptune administration actions identifies the resource types that can be specified with each action. A resource type also determines which condition keys you can include in a policy, as specified in the last column of the table below.
The ARN
column in the table below specifies the Amazon Resource Name
(ARN) format that you must use to reference resources of this type. The portions that
are preceded by a $
must be replaced by the actual values for your scenario.
For example, if you see $user-name
in an ARN, you must replace that string
either with the actual IAM user's name or with a policy variable that contains an IAM
user name. For more information about ARNs, see IAM ARNs, and
Working with administrative ARNs in Amazon Neptune.
The Condition Keys
column specifies condition context keys that you can
include in an IAM policy statement only when both this resource and a compatible supporting
action are included in the statement.
Resource Types | ARN | Condition Keys |
---|---|---|
(a DB cluster) |
arn: |
|
(a DB cluster parameter group) |
arn: |
|
(a DB cluster snapshot) |
arn: |
|
(a DB instance) |
arn: |
|
(an event subscription) |
arn: |
|
(a DB parameter group) |
arn: |
|
(a DB subnet group) |
arn: |