Specifying resources in Neptune IAM data-access policy statements - Amazon Neptune
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Specifying resources in Neptune IAM data-access policy statements

Data resources, like data actions, have a neptune-db: prefix.

In a Neptune data-access policy, you specify the DB cluster that you are giving access to in an ARN with the following format:

arn:aws:neptune-db:region:account-id:cluster-resource-id/*

Such a resource ARN contains the following parts:

  • region is the Amazon Region for the Amazon Neptune DB cluster.

  • account-id is the Amazon account number for the DB cluster.

  • cluster-resource-id is a resource id for the DB cluster.

    Important

    The cluster-resource-id is different from the cluster identifier. To find a cluster resource ID in the Neptune Amazon Web Services Management Console, look in the Configuration section for the DB cluster in question.