AWS Amazon Neptune Cluster

This page shows how to write Terraform and CloudFormation for an Amazon Neptune Cluster and how to configure it securely.

aws_neptune_cluster (Terraform)

The Cluster in Amazon Neptune can be configured in Terraform with the resource name aws_neptune_cluster. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

SonarSource/sonar-iac
resource "aws_neptune_cluster" "neptune_noncompliant_wrong" {
  enable_cloudwatch_logs_exports = []  # Noncompliant {{Make sure that disabling logging is safe here.}}
  #                                ^^
}

# Noncompliant@+1 {{Omitting enable_cloudwatch_logs_exports makes logs incomplete. Make sure it is safe here.}}
stelligent/config-lint
resource "aws_neptune_cluster" "storage_encrypted_set_to_true" {
  storage_encrypted = true
  kms_key_arn       = "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
}

# WARN: Encryption is enabled without KMS
ffsclyh/config-lint
resource "aws_neptune_cluster" "storage_encrypted_set_to_true" {
  storage_encrypted = true
  kms_key_arn       = "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
}

# WARN: Encryption is enabled without KMS
gilyas/infracost
resource "aws_neptune_cluster" "fiveDaysRetenPeriod" {
  cluster_identifier                  = "neptune-cluster-demo"
  engine                              = "neptune"
  backup_retention_period             = 5
  preferred_backup_window             = "07:00-09:00"
  skip_final_snapshot                 = true
  # ... (excerpt truncated here in the source)
}

leonidweinbergcx/mykics
resource "aws_neptune_cluster" "positive1" {
  cluster_identifier                  = "neptune-cluster-demo"
  engine                              = "neptune"
  backup_retention_period             = 5
  preferred_backup_window             = "07:00-09:00"
  skip_final_snapshot                 = true
  # ... (excerpt truncated here in the source)
}

Parameters

Explanation in Terraform Registry

Provides a Neptune Cluster Resource. A Cluster Resource defines attributes that are applied to the entire cluster of Neptune Cluster Instances. Changes to a Neptune Cluster can occur when you manually change a parameter, such as backup_retention_period, and are reflected in the next maintenance window. Because of this, Terraform may report a difference in its planning phase because a modification has not yet taken place. You can use the apply_immediately flag to instruct the service to apply the change immediately (see documentation below).
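
The settings that the example excerpts above touch (log exports, storage encryption with a KMS key, backups and the final snapshot), shown as a weak cluster next to a hardened one. This is an added example, not code from the Terraform Registry or from any of the repositories listed above; the resource names, cluster identifiers and snapshot identifier are constructed, and the KMS key ARN is the sample ARN from the config-lint excerpts.

```hcl
# Added example. Resource names and identifiers are constructed.

# Weak: log export disabled, no encryption at rest, no snapshot on destroy.
resource "aws_neptune_cluster" "weak" {
  cluster_identifier             = "neptune-cluster-demo-weak"
  engine                         = "neptune"
  enable_cloudwatch_logs_exports = []    # nothing is exported to CloudWatch Logs
  storage_encrypted              = false # data at rest is stored unencrypted
  skip_final_snapshot            = true  # destroying the cluster keeps no snapshot
}

# Hardened: the same kind of cluster with each of those settings corrected.
resource "aws_neptune_cluster" "hardened" {
  cluster_identifier = "neptune-cluster-demo"
  engine             = "neptune"

  # Export audit logs to CloudWatch Logs. Audit logging itself is switched on
  # with the neptune_enable_audit_log cluster parameter (parameter group not shown).
  enable_cloudwatch_logs_exports = ["audit"]

  # Encrypt at rest with a customer-managed KMS key (sample ARN from this page).
  storage_encrypted = true
  kms_key_arn       = "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"

  # Keep automated backups and take a snapshot before the cluster is destroyed.
  backup_retention_period   = 5
  preferred_backup_window   = "07:00-09:00"
  skip_final_snapshot       = false
  final_snapshot_identifier = "neptune-cluster-demo-final" # needed at destroy time when skip_final_snapshot is false

  # Refuse deletion until this flag is turned off again.
  deletion_protection = true
}
```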

AWS::Neptune::DBCluster (CloudFormation)

The DBCluster in Neptune can be configured in CloudFormation with the resource name AWS::Neptune::DBCluster. The following sections describe how to use the resource and its parameters.

Parameters

Explanation in CloudFormation Registry

The AWS::Neptune::DBCluster resource creates an Amazon Neptune DB cluster. Neptune is a fully managed graph database.

Note: Currently, you can create this resource only in AWS Regions in which Amazon Neptune is supported.

If no DeletionPolicy is set for AWS::Neptune::DBCluster resources, the default deletion behavior is that the entire volume will be deleted without a snapshot. To retain a backup of the volume, the DeletionPolicy should be set to Snapshot. For more information about how AWS CloudFormation deletes resources, see DeletionPolicy Attribute.

You can use AWS::Neptune::DBCluster.DeletionProtection to help guard against unintended deletion of your DB cluster.

Frequently asked questions

What is AWS Amazon Neptune Cluster?

AWS Amazon Neptune Cluster is a resource for Amazon Neptune of Amazon Web Services. Settings can be written in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon Neptune Cluster?

For Terraform, the SonarSource/sonar-iac, stelligent/config-lint and ffsclyh/config-lint source code examples are useful. See the Terraform Example section for further details.