Amazon Neptune

This feature set is currently in closed-access beta. Functionality and documentation may change. Please contact your Customer Success Manager if you are interested in this beta!

See our main guide, Add a Datasource, for general information on adding a Datasource in the Admin UI.

By default, Neptune access is unauthenticated, with the assumption that anything inside the VPC that can connect to the cluster can connect to the Neptune API. However, Amazon also offers an IAM-based configuration. Both configurations are fully supported by strongDM, and you can choose which type when selecting a Datasource Type. Both configurations are detailed in the sections that follow.

Amazon Neptune

Note the following fields and configuration information, which are specific to Amazon Neptune:

Add Datasource Dialog for Amazon Neptune
Add Datasource Dialog for Amazon Neptune
  • Display Name (Required): Enter a meaningful name for this resource (e.g., “amazon-neptune”). This name will show up in the Admin UI.
  • Datasource Type (Required): Select Neptune.
  • Endpoint (Required): Enter the endpoint (e.g., <ENDPOINT>.<REGION> Note that the endpoint must be accessible to a Gateway or Relay.
  • Port (Required): Enter the port to connect to the service (default: 8182).

Amazon Neptune (IAM)

If you use the Neptune (IAM) Datasource Type, you will have the fields previously indicated and the following additional fields:

Add Datasource Dialog for Amazon Neptune (IAM)
Add Datasource Dialog for Amazon Neptune (IAM)
  • Region (Required): Enter the region where the database is being hosted (e.g., us-east-1).
  • Access Key ID (Required): Type in the access key ID that's configured for the database (e.g., AKIAIOSFODNN7EXAMPLE).
  • Secret Access Key (Required): Type in the secret access key associated with your access key ID.
  • Assume Role ARN (Optional): You may allow users accessing this resource to assume a role using the AWS AssumeRole functionality by providing the role ARN in this field.
  • Assume Role External ID (Optional): If you are leveraging an external ID to users assuming a role from another account, you may provide that in this field. Note that this is optional, but if used, it must be used in conjunction with Assume Role ARN. See the AWS documentation on using external IDs for more information.

If any errors occur, please copy them into an email and send them to

Amazon MQ