Launching a Neptune DB Cluster Using the Console - Amazon Neptune

The following procedure describes how to use the AWS Management Console to launch an Amazon Neptune DB cluster.

Before you can access the Neptune console and create a Neptune cluster, you must have an IAM user with NeptuneFullAccess permissions. For information about adding these permissions, see AWS Managed (Predefined) Policies for Amazon Neptune.

The NeptuneFullAccess IAM policy does not grant permissions for a virtual private cloud (VPC), VPC endpoints, or Amazon Simple Storage Service (Amazon S3). You must add these permissions to your IAM user or role to operate on other services. For example, if you choose to have the Neptune console create a VPC, the IAM user or role must have VPC permissions.


Neptune requires permission to create a service-linked role the first time you create any Neptune resources. Add the following iam:CreateServiceLinkedRole permission to the same user or role to which you grant NeptuneFullAccess.

{
  "Action": "iam:CreateServiceLinkedRole",
  "Effect": "Allow",
  "Resource": "arn:aws:iam::*:role/aws-service-role/",
  "Condition": {
    "StringLike": {
      "iam:AWSServiceName": ""
    }
  }
}

For more information, see Using Service-Linked Roles for Neptune.
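The statement above limits iam:CreateServiceLinkedRole by resource path and by the iam:AWSServiceName condition key. The following added example (not part of the AWS documentation) lints a policy document for grants of that action that lack either limit; the sample policies are constructed, and example-service.amazonaws.com is a placeholder service name. Only Action and Resource elements are examined, not NotAction or NotResource.

```python
from fnmatch import fnmatchcase

SLR_ACTION = "iam:createservicelinkedrole"   # IAM action names are case-insensitive
SLR_PATH = ":role/aws-service-role/"         # path segment shown in the statement above

def _as_list(value):
    """IAM accepts a single string or a list for Action, Resource and condition values."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def lint_slr_statements(policy):
    """Return findings for Allow statements that grant iam:CreateServiceLinkedRole too broadly."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        actions = [a.lower() for a in _as_list(stmt.get("Action"))]
        if stmt.get("Effect") != "Allow" or not any(fnmatchcase(SLR_ACTION, a) for a in actions):
            continue
        for res in _as_list(stmt.get("Resource")):
            if SLR_PATH not in res:
                findings.append(f"statement {i}: Resource {res!r} is not limited to aws-service-role/")
        # Collect every value supplied for the iam:AWSServiceName condition key.
        names = []
        for op, keys in stmt.get("Condition", {}).items():
            if op.lower() in ("stringequals", "stringlike"):
                for key, val in keys.items():
                    if key.lower() == "iam:awsservicename":
                        names.extend(_as_list(val))
        if not names:
            findings.append(f"statement {i}: no iam:AWSServiceName condition")
        for name in names:
            if not name.strip("*?"):  # empty or wildcard-only value
                findings.append(f"statement {i}: iam:AWSServiceName {name!r} names no service")
    return findings

# Constructed sample policies; example-service.amazonaws.com is a placeholder, not a real service.
SCOPED = {"Version": "2012-10-17", "Statement": [{
    "Action": "iam:CreateServiceLinkedRole", "Effect": "Allow",
    "Resource": "arn:aws:iam::*:role/aws-service-role/example-service.amazonaws.com/*",
    "Condition": {"StringLike": {"iam:AWSServiceName": "example-service.amazonaws.com"}}}]}
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Action": "iam:*", "Effect": "Allow", "Resource": "*"}]}

if __name__ == "__main__":
    for label, doc in (("scoped", SCOPED), ("broad", BROAD)):
        print(label, lint_slr_statements(doc) or "ok")
```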

To launch a Neptune DB cluster using the console

  1. Sign in to the AWS Management Console, and open the Amazon Neptune console at

  2. Navigate to the Databases page.

  3. Choose Create database.

  4. On the Specify DB details page, under Instance specifications you can select a particular DB engine version for your new DB cluster. Unless you have a reason to use an older engine version, you can just leave the default value (the most recent version).

  5. Under Purpose, choose either Production or Development and Testing.

  6. If you selected Production, choose from among the available fixed-performance DB instance classes listed. The DB instance class you choose determines the processing and memory capacity of the primary write instance of your new DB cluster. For a current listing of DB instance classes that Neptune supports in different regions, see the Neptune pricing page. In your region these may include:

    • db.r5.large

    • db.r5.xlarge

    • db.r5.2xlarge

    • db.r5.4xlarge

    • db.r5.8xlarge

    • db.r5.12xlarge


    Starting with Neptune engine release Neptune no longer supports R4 instance types.

    If you selected Development and Testing, you can select a T3 burstable instance class (for example, db.t3.medium). A burstable instance class is the most cost-effective for development, where you generally don't need high capacity all the time. See T3 Burstable Instances.

  7. By default, Neptune will locate read-replica instances you create for a DB cluster in different availability zones (AZs) to improve availability. Unless you prefer not to do that, leave the Enable high availability (Multi-AZ) setting at the default (enabled).

  8. Under Settings, enter a name for the primary write instance in your DB cluster. This identifier is used in the endpoint address of the instance, and must meet the following criteria:

    • It must contain from 1 to 63 alphanumeric characters or hyphens.

    • Its first character must be a letter.

    • It cannot end with a hyphen or contain two consecutive hyphens.

    • It must be unique across all DB instances in your AWS account in a given AWS Region.

  9. Choose Next. On the Configure advanced settings page, you can customize additional settings for your Neptune DB cluster. The following table shows the advanced settings for a DB cluster.

    For this option... Do this

    Virtual Private Cloud (VPC)

    Choose the VPC that will host the DB cluster. Choose Create a new VPC to have Neptune create a VPC for you. You need to create an Amazon EC2 instance in this same VPC to access the Neptune instance. For more information, see Accessing Neptune DB Clusters in an Amazon VPC.

    Subnet group

    Choose the Neptune DB subnet group to use for the DB cluster. If your VPC does not have any subnet groups, Neptune creates a DB subnet group for you. For more information, see Accessing Neptune DB Clusters in an Amazon VPC.

    Availability Zone

    Specify a particular availability zone, or choose No preference to have Neptune choose one for you.

    VPC security groups

    Choose one or more VPC security groups to secure network access to the DB cluster. Choose Create a new VPC security group to have Neptune create a VPC security group for you. For more information, see Creating a Security Group to Provide Access to a Neptune DB Instance in a VPC.

    DB cluster identifier

    The identifier for your DB cluster. If you don't specify this value, Neptune creates one based on the DB instance identifier.


    The port for all HTTP and WebSockets connections. Neptune DB clusters use 8182 as the default.

    DB parameter group

    Select a parameter group. Neptune has a default parameter group you can use, or you can create your own parameter group. For more information about parameter groups, see Parameters.

    IAM DB authentication

    Choose Enable IAM DB authentication to manage access and authentication using AWS Identity and Access Management (IAM).


    This requires that you sign all requests with AWS Signature Version 4 signing. For more information, see Identity and Access Management in Amazon Neptune.


    Choose Enable encryption if you want to enable encryption-at-rest for this DB cluster. For more information, see Encrypting Neptune Resources at Rest.

    Failover priority

    Choose a priority tier for failover. If there is contention within a tier, the replica that is the same size as the primary instance is selected.

    Backup retention period

    Choose the length of time, from 1 to 35 days, that Neptune will retain backup copies of the database. You can use backup copies for point-in-time restores (PITR) of your database down to the second.

    Log exports

    Choose the log types to publish to Amazon CloudWatch logs.

    Auto minor version upgrade

    Choose Enable auto minor version upgrade if you want to enable your Neptune DB cluster to receive minor Neptune DB Engine version upgrades automatically when they become available.

    The Auto minor version upgrade option applies only to upgrades to Neptune minor engine versions for your Amazon Neptune DB cluster, not to regular patches that are applied automatically to maintain system stability.

    Maintenance window

    If you want, you can choose a specific weekly time range during which system maintenance can occur.

    Deletion protection

    Deletion protection blocks your DB cluster from being deleted. Unless you uncheck Enable deletion protection, it is enabled by default.

  10. Choose Create database to launch your Neptune DB instance, and then choose Close to close the wizard.

    On the Amazon Neptune console, the new DB cluster appears in the list of Databases. The DB cluster has a status of Creating until it is created and ready for use. When the state changes to Available, you can connect to the primary instance for your DB cluster. Depending on the DB instance class and storage allocated, it can take several minutes for the new instances to be available.

    To view the newly created cluster, choose the Databases view in the Neptune console.


    If you delete all Neptune DB instances in a DB cluster using the AWS Management Console, the DB cluster is deleted automatically. If you are using the AWS CLI or SDK, you must delete the DB cluster manually after you delete the last instance.

    Note the Cluster endpoint value. You need this to connect to your Neptune DB cluster.
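Once the cluster is Available, the security-relevant choices from the advanced settings step can be checked from the API rather than by re-reading the wizard. The following added example (not part of the AWS documentation) audits a response shaped like the one returned by boto3's `client("neptune").describe_db_clusters()`; the sample response is constructed, and the 7-day retention baseline is an assumed local policy, not an AWS requirement.

```python
# Boolean fields of a DescribeDBClusters entry and the finding raised when one is off.
BOOLEAN_CHECKS = [
    ("IAMDatabaseAuthenticationEnabled", "IAM DB authentication is disabled"),
    ("StorageEncrypted", "encryption at rest is disabled"),
    ("DeletionProtection", "deletion protection is disabled"),
    ("MultiAZ", "high availability (Multi-AZ) is disabled"),
]

def audit_cluster(cluster, min_retention_days=7):
    """Return findings for one entry of a DescribeDBClusters 'DBClusters' list."""
    findings = []
    # A missing key is treated the same as a disabled setting.
    for key, message in BOOLEAN_CHECKS:
        if not cluster.get(key, False):
            findings.append(message)
    days = cluster.get("BackupRetentionPeriod", 0)
    if not 1 <= days <= 35:
        findings.append(f"backup retention {days} is outside the 1 to 35 day range")
    elif days < min_retention_days:
        # min_retention_days is an assumed organizational baseline.
        findings.append(f"backup retention is {days} day(s), below the {min_retention_days}-day baseline")
    if not cluster.get("EnabledCloudwatchLogsExports"):
        findings.append("no log types are exported to CloudWatch Logs")
    return findings

def audit_response(response, min_retention_days=7):
    """Map each cluster identifier in the response to its list of findings."""
    return {c["DBClusterIdentifier"]: audit_cluster(c, min_retention_days)
            for c in response.get("DBClusters", [])}

# Constructed sample response; identifiers and values are illustrative only.
SAMPLE = {"DBClusters": [
    {"DBClusterIdentifier": "graph-prod", "Port": 8182, "MultiAZ": True,
     "IAMDatabaseAuthenticationEnabled": True, "StorageEncrypted": True,
     "DeletionProtection": True, "BackupRetentionPeriod": 14,
     "EnabledCloudwatchLogsExports": ["audit"]},
    {"DBClusterIdentifier": "graph-dev", "Port": 8182, "MultiAZ": False,
     "IAMDatabaseAuthenticationEnabled": False, "StorageEncrypted": False,
     "DeletionProtection": False, "BackupRetentionPeriod": 1,
     "EnabledCloudwatchLogsExports": []},
]}

if __name__ == "__main__":
    for name, findings in audit_response(SAMPLE).items():
        print(name, findings or "ok")
```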