Amazon managed (predefined) policies for Amazon Neptune - Amazon Neptune
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Amazon managed (predefined) policies for Amazon Neptune

Amazon addresses many common use cases by providing standalone IAM policies that are created and administered by Amazon. Managed policies grant necessary permissions for common use cases so you can avoid having to investigate what permissions are needed. For more information, see Amazon Managed Policies in the IAM User Guide.

The following Amazon managed policies, which you can attach to users in your account, are for using Amazon Neptune management APIs:

  • NeptuneReadOnlyAccess — Grants read-only access to all Neptune resources for both administrative and data-access purposes in the root Amazon account.

  • NeptuneFullAccess — Grants full access to all Neptune resources for both administrative and data-access purposes in the root Amazon account. This is recommended if you need full Neptune access from the Amazon CLI or SDK, but not for Amazon Web Services Management Console access.

  • NeptuneConsoleFullAccess — Grants full access in the root Amazon account to all Neptune administrative actions and resources, but not to any data-access actions or resources. It also includes additional permissions to simplify Neptune access from the console, including limited IAM and Amazon EC2 (VPC) permissions.

Neptune IAM roles and policies grant some access to Amazon RDS resources, because Neptune shares operational technology with Amazon RDS for certain management features. This includes administrative API permissions, which is why Neptune administrative actions have an rds: prefix.

Updates to Neptune Amazon managed policies

The following table tracks updates to Neptune managed policies starting from the time Neptune began tracking these changes:

Policy Description Date

NeptuneReadOnlyAccess (added permissions)

Added data-access permissions and permissions for new global database APIs.

2022-08-03

NeptuneFullAccess (added permissions)

Added data-access permissions and permissions for new global database APIs.

2022-07-28

NeptuneConsoleFullAccess (added permissions)

Added permissions for new global database APIs.

2022-07-21

Neptune started tracking changes

Neptune began tracking changes to its Amazon managed policies.

2022-07-21