Amazon Neptune
User Guide (API Version 2017-11-29)

AWS Managed (Predefined) Policies for Amazon Neptune

AWS addresses many common use cases by providing standalone IAM policies that are created and administered by AWS. Managed policies grant necessary permissions for common use cases so you can avoid having to investigate what permissions are needed. For more information, see AWS Managed Policies in the IAM User Guide.

The following AWS managed policies, which you can attach to users in your account, are for using Amazon Neptune management APIs:

  • NeptuneReadOnlyAccess – Grants read-only access to all Amazon Neptune resources for the root AWS account.

  • NeptuneFullAccess – Grants full access to all Amazon Neptune resources for the root AWS account. This is recommended if you need full Neptune access from the AWS CLI or SDK, but not AWS Management Console access.

  • NeptuneConsoleFullAccess – Grants full access to all Amazon Neptune resources for the root AWS account and includes additional permissions to simplify Neptune access from the console, including limited IAM and EC2 (VPC) permissions.

You can also create custom IAM policies that allow users to access the required Amazon Neptune API actions and resources. You can attach these custom policies to the IAM users or groups that require those permissions.

Neptune IAM roles and policies grant some access to Amazon RDS resources, because Neptune shares operational technology with Amazon RDS for certain management features. This includes management API permissions. To restrict access to a specific set of actions, see Access Control Overview in the Amazon RDS User Guide.
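A check for the point above about Neptune permissions reaching Amazon RDS resources, added here as an example and not taken from the AWS guide: it flags Allow statements in a custom policy that grant `rds:` actions without pinning the engine to Neptune. It assumes Neptune management actions use the `rds:` prefix and that the `rds:DatabaseEngine` condition key takes the values `neptune` or `graphdb`; the sample policy and all function names are constructed.

```python
from fnmatch import fnmatchcase

# Assumption (not on this page): engine values that identify Neptune in rds:DatabaseEngine.
NEPTUNE_ENGINES = {"neptune", "graphdb"}

# Constructed sample policy for illustration.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "ScopedToNeptune", "Effect": "Allow",
         "Action": ["rds:CreateDBCluster", "rds:CreateDBInstance"],
         "Resource": "*",
         "Condition": {"StringEquals": {"rds:DatabaseEngine": ["graphdb", "neptune"]}}},
        {"Sid": "BroadRds", "Effect": "Allow", "Action": "rds:*", "Resource": "*"},
        {"Sid": "S3Read", "Effect": "Allow", "Action": "s3:GetObject", "Resource": "*"},
    ],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _reaches_rds(stmt):
    # NotAction allows everything except what it lists, so conservatively treat it as reaching rds:.
    if "NotAction" in stmt:
        return True
    services = [a.lower().split(":")[0] for a in _as_list(stmt.get("Action", []))]
    # Service part may itself be a wildcard ("*", "r*"), so match it as a pattern.
    return any(fnmatchcase("rds", pattern) for pattern in services)

def _engines(stmt):
    found = set()
    for operator, keys in stmt.get("Condition", {}).items():
        if operator.lower() != "stringequals":
            continue
        for key, value in keys.items():
            if key.lower() == "rds:databaseengine":
                found |= {e.lower() for e in _as_list(value)}
    return found

def unscoped_rds_statements(policy):
    """Return labels of Allow statements granting rds: actions not limited to Neptune engines."""
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or not _reaches_rds(stmt):
            continue
        engines = _engines(stmt)
        if not engines or not engines <= NEPTUNE_ENGINES:
            findings.append(stmt.get("Sid", f"statement[{index}]"))
    return findings
```

The check looks only at the engine condition, so a statement limited by resource ARN alone is still reported and needs a manual look.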