AWS managed (predefined) policies for Amazon Neptune - Amazon Neptune

AWS managed (predefined) policies for Amazon Neptune

AWS addresses many common use cases by providing standalone IAM policies that are created and administered by AWS. Managed policies grant necessary permissions for common use cases so you can avoid having to investigate what permissions are needed. For more information, see AWS Managed Policies in the IAM User Guide.

The following AWS managed policies, which you can attach to users in your account, are for using Amazon Neptune management APIs:

  • NeptuneReadOnlyAccess — Grants read-only access to all Neptune resources for both administrative and data-access purposes in the root AWS account.

  • NeptuneFullAccess — Grants full access to all Neptune resources for both administrative and data-access purposes in the root AWS account. This is recommended if you need full Neptune access from the AWS CLI or SDK, but not for AWS Management Console access.

  • NeptuneConsoleFullAccess — Grants full access in the root AWS account to all Neptune administrative actions and resources, but not to any data-access actions or resources. It also includes additional permissions to simplify Neptune access from the console, including limited IAM and Amazon EC2 (VPC) permissions.

Neptune IAM roles and policies grant some access to Amazon RDS resources, because Neptune shares operational technology with Amazon RDS for certain management features. This includes administrative API permissions, which is why Neptune administrative actions have an rds: prefix.

Updates to Neptune AWS managed policies

The following table tracks updates to Neptune managed policies starting from the time Neptune began tracking these changes:

Policy Description Date

NeptuneReadOnlyAccess (added permissions)

Added data-access permissions and permissions for new global database APIs.

2022-08-03

NeptuneFullAccess (added permissions)

Added data-access permissions and permissions for new global database APIs.

2022-07-28

NeptuneConsoleFullAccess (added permissions)

Added permissions for new global database APIs.

2022-07-21

Neptune started tracking changes

Neptune began tracking changes to its AWS managed policies.

2022-07-21