Posted On: Jul 27, 2022

You can now configure fine grained access control for data plane actions when using Amazon Identity and Access Management (IAM) to connect to Amazon Neptune.

Amazon Neptune is a fast, reliable, and fully managed graph database service that helps customers build applications for fraud detection, identity resolution, knowledge management, and security posture assessment using highly connected datasets. Starting with Neptune’s engine release, you can provide fine grained access to users accessing Neptune data plane APIs with IAM for performing graph-data actions such as reading, writing, and deleting data from the graph, and non graph-data actions such as starting and monitoring NeptuneML activities and checking the status of ongoing data plane activities. For example, you can create a policy with ‘read only’ access for data analysts who do not need to manipulate the graph data, a policy for ‘read and write’ access to developers using the graph for their applications, and a policy for data scientists who need access to NeptuneML commands.

To get started, just create an IAM policy with the required permissions and resources for your Neptune clusters. To learn more about changes to the IAM policy, see the documentation. This feature is available to Neptune customers in Amazon Web Services China (Beijing) Region, operated by Sinnet and Amazon Web Services China (Ningxia) Region, operated by NWCD. For more information on pricing and region availability, refer to the Neptune pricing page.