Amazon Neptune

Last modified on August 10, 2022

See our main guide, Add a Datasource, for general information on adding a Datasource in the Admin UI.

Amazon Neptune

Note the following fields and configuration information, which are specific to Amazon Neptune:

Add Datasource Dialog for Amazon Neptune
Add Datasource Dialog for Amazon Neptune
  • Display Name (Required): Enter a meaningful name for this resource, such as “amazon-neptune.” This name displays throughout strongDM. Do not include special characters like quotes (") or angle brackets (< or >).
  • Datasource Type (Required): Select Neptune.
  • Endpoint (Required): Enter the endpoint (e.g., <ENDPOINT>.<REGION>.neptune.amazonaws.com). Note that the endpoint must be accessible to a Gateway or Relay.
  • Port (Required): Enter the port to connect to the service (default: 8182).
  • Port Override: After this Datasource has been created, this field will be automatically filled with a port between 1024-59999 that is not in use by another Datasource. You can optionally overwrite it with your own preferred port later in the Port Overrides settings.
  • Resource Tags (Optional): Assign tags to the Datasource by entering key-value pairs in the format <KEY>=<VALUE> (e.g., env=dev).

Amazon Neptune (IAM)

If you use the Neptune (IAM) Datasource Type, you will have the following fields:

Add Datasource Dialog for Amazon Neptune (IAM)
Add Datasource Dialog for Amazon Neptune (IAM)
  • Display Name (Required): Enter a meaningful name for this resource, such as “amazon-neptune.” This name displays throughout strongDM. Do not include special characters like quotes (") or angle brackets (< or >).
  • Datasource Type (Required): Select Neptune.
  • Endpoint (Required): Enter the endpoint (e.g., <ENDPOINT>.<REGION>.neptune.amazonaws.com). Note that the endpoint must be accessible to a Gateway or Relay.
  • Port (Required): Enter the port to connect to the service (default: 8182).
  • Port Override: After this Datasource has been created, this field will be automatically filled with a port between 1024-59999 that is not in use by another Datasource. You can optionally overwrite it with your own preferred port later in the Port Overrides settings.
  • Region (Required): Enter the region where the database is being hosted (e.g., us-east-1).
  • Secret Store: This field lets you specify where the credentials for this Resource are stored (i.e., strongDM, AWS Secrets Manager, Azure Key Vault, GCP Secret Manager, HashiCorp Vault, etc.). This field is only displayed if Secret Store integration is configured in the Admin UI. The default Secret Store type is strongDM. Selecting any other Secret Store type causes properties unique to that Secret Store to appear, such as Username (path), Password (path), and so forth. For more detailed information about path to the secrets you’ve stored in a particular Secret Store, see the Secret Store integration configuration guide for the one you are using.
  • Access Key ID (Required): This field is shown when Secret Store integration is not configured for your organization, or when it is and strongDM is the selected Secret Store type. Enter the access key ID that is configured for the database (e.g., AKIAIOSFODNN7EXAMPLE).
  • Access Key ID (path) (Required): If Secret Store integration is configured for your organization and you selected a Secret Store type that is not strongDM, enter the path to the secret in your Secret Store (e.g., path/to/credential?key=optionalKeyName). The key argument is optional.
  • Secret Access Key (Required): This field is shown when Secret Store integration is not configured for your organization, or when it is and strongDM is the selected Secret Store type. Enter the secret access key associated with your access key ID.
  • Secret Access Key (path) (Required): If Secret Store integration is configured for your organization and you selected a Secret Store type that is not strongDM, enter the path to the secret in your Secret Store (e.g., path/to/credential?key=optionalKeyName). The key argument is optional.
  • Assume Role ARN (Optional): This field is shown when Secret Store integration is not configured for your organization, or when it is and strongDM is the selected Secret Store type. Provide the Role ARN (e.g., arn:aws:iam::000000000000:role/RoleName) to allow users accessing this resource to assume a role using AWS AssumeRole functionality. The Assume Role ARN is required when the Elasticsearch master user to be used by this Datasource is a Role ARN.
  • Assume Role ARN (path) (Optional): If Secret Store integration is configured for your organization and you selected a Secret Store type that is not strongDM, enter the path to the secret in your Secret Store (e.g., path/to/credential?key=optionalKeyName). The key argument is optional.
  • Assume Role External ID (Optional): This field is shown when Secret Store integration is not configured for your organization, or when it is and strongDM is the selected Secret Store type. Provide the external ID (e.g., 12345) if leveraging an external ID to users assuming a role from another account. Note that this is optional, but if used, it must be used in conjunction with Assume Role ARN. See the AWS Documentation on using External IDs for more information.
  • Assume Role External ID (path) (Optional): If Secret Store integration is configured for your organization and you selected a Secret Store type that is not strongDM, enter the path to the secret in your Secret Store (e.g., path/to/credential?key=optionalKeyName). The key argument is optional.
  • Resource Tags (Optional): Assign tags to the Datasource by entering key-value pairs in the format <KEY>=<VALUE> (e.g., env=dev).

If any errors occur, please copy them into an email and send them to support@strongdm.com.

Top