Getting Started Accessing Your Neptune Graph - Amazon Neptune

Getting Started Accessing Your Neptune Graph

After you create an instance in Amazon Elastic Compute Cloud (Amazon EC2), you can log into your EC2 instance using SSH and connect to the Amazon Neptune graph. For information about connecting to an EC2 instance using SSH, see Connect to Your Linux Instance in the Amazon EC2 User Guide for Linux Instances.

If you are using a Linux or macOS command line to connect to the EC2 instance, you can paste the SSH command from the SSHAccess item in the Outputs section of the AWS CloudFormation stack. You must have the PEM file in the current directory and the PEM file permissions must be set to 400 (chmod 400 keypair.pem).

After you are connected, you can use one of the two graph query languages supported by Neptune to access your new graph: Gremlin and SPARQL.


You can store Gremlin and SPARQL data on the same cluster. However, they are separated on the cluster, and any data that is loaded or stored with one query language cannot be queried by the other.

You might want to use IAM authentication to connect to Gremlin or SPARQL. For more information about this option, see Connecting to Neptune Using IAM Authentication.

Setting Up curl to Communicate with Your Neptune Endpoint

As illustrated in many of the examples in this documentation, the curl command line tool is a handy option for communicating with your Neptune endpoint. For information about the tool, see the curl man page, and the book Everything curl.

To connect using HTTPS (as we recommend and as Neptune requires in most Regions), curl needs access to appropriate certificates. To learn how to obtain these certificates and how to format them properly into a certificate authority (CA) certificate store that curl can use, see SSL Certificate Verification in the curl documentation.

You can then specify the location of this CA certificate store using the CURL_CA_BUNDLE environment variable. On Windows, curl automatically looks for it in a file named curl-ca-bundle.crt. It looks first in the same directory as curl.exe and then elsewhere on the path. For more information, see SSL Certificate Verification.

As long as curl can locate the appropriate certificates, it handles HTTPS connections just like HTTP connections, without extra parameters. Examples in this documentation are based on that scenario.