Amazon Neptune
User Guide (API Version 2017-11-29)

Getting Started with Neptune

Welcome to Amazon Neptune. This section helps you find what you are looking for in the Neptune documentation.

Creating a Neptune Cluster

The quickest way to get started with Amazon Neptune is to use the AWS CloudFormation template in the Amazon Neptune Quick Start Using AWS CloudFormation. The AWS CloudFormation template performs much of the setup for you, including creating an Amazon Elastic Compute Cloud (Amazon EC2) instance.

For information about creating an Amazon Neptune cluster manually using the AWS Management Console, see Launching a Neptune DB Cluster.

For information about the general management of clusters and instances in Neptune, see Working with Amazon Neptune DB Clusters.

Connecting to Neptune

Amazon Neptune supports two different graph query languages: Gremlin (Apache TinkerPop3) and SPARQL (SPARQL 1.1). In the Neptune documentation, the instructions for accessing the Neptune graph on a running Neptune DB instance are divided into sections for Gremlin and SPARQL.

Gremlin and SPARQL data can be stored on the same cluster. However, they are separated on the cluster, and any data that is loaded or stored with one query language cannot be queried by the other.

Gremlin

Gremlin is a graph traversal language. As such, a query in Gremlin is a traversal made up of discrete steps. Each step follows an edge to a node. To learn about connecting to Neptune using Gremlin, see Accessing the Neptune Graph with Gremlin.

For a walkthrough of basic Gremlin commands, see the Gremlin Walkthrough section of the Amazon Neptune Quick Start.

The Neptune implementation of Gremlin has some differences from other implementations, especially when you are using Gremlin-Groovy (Gremlin queries sent as serialized text). For more information, see Neptune Gremlin Implementation Differences.

SPARQL

SPARQL is a declarative query language that is based on the graph pattern matching that is standardized by the World Wide Web Consortium (W3C) and described in the SPARQL 1.1 Query Language specification.

To learn about connecting to Neptune using SPARQL, see Accessing the Neptune Graph with SPARQL.

Connecting to Neptune Using IAM Authentication

For information about setting up AWS Identity and Access Management (IAM) authentication, see IAM Database Authentication for Neptune.

For information about using temporary credentials to authenticate, including examples for the AWS CLI, AWS Lambda, and Amazon EC2, see IAM Authentication using Temporary Credentials.

The following links provide information about connecting to Neptune using IAM authentication.

Loading Data

Amazon Neptune provides a process for loading data from external files directly into a Neptune DB instance. You can use this process instead of executing a large number of INSERT statements, addVertex and addEdge steps, or other API calls.

The following are links to additional loading information.

Neptune Security

There are multiple ways for you to secure your Amazon Neptune clusters.

IAM Permissions for Cluster Management

To control who can perform Neptune management actions on Neptune DB clusters and DB instances, you use AWS Identity and Access Management (IAM). When you connect to AWS using IAM credentials, your IAM account must have IAM policies that grant the permissions that are required to perform Neptune management operations. For more information, see Manage Access with IAM.

If you are using an IAM account to access the Neptune console, you must first sign in to the AWS Management Console using your IAM account. Then open the Neptune console at https://console.aws.amazon.com/neptune/home.

VPC and VPC Security Groups

Neptune DB clusters must be created in an Amazon Virtual Private Cloud (Amazon VPC). To control which devices and EC2 instances can open connections to the endpoint and port of the DB instance for Neptune DB clusters in a VPC, you use a VPC security group. For more information about VPCs, see Creating a Security Group to Provide Access to the Neptune DB Instance in the VPC .

IAM Authentication

You can use IAM database authentication for Neptune. With IAM database authentication, you authenticate to your Neptune DB cluster with an IAM user. For more information, see IAM Database Authentication for Neptune.

Encryption at Rest

You can use AWS Key Management Service (AWS KMS) to create encryption keys and then use those keys to encrypt Neptune cluster data at rest. For more information, see Encrypting Neptune Resources.

Monitoring Neptune

Amazon Neptune supports the following monitoring methods.

Troubleshooting and Best Practices

The following links might be helpful for resolving issues with Amazon Neptune.