AWS Security ChangesHomeSearch

AWS neptune documentation change

Service: neptune · 2025-03-02 · Documentation low

File: neptune/latest/userguide/graph-notebooks.md

Summary

Added documentation for manually setting up Neptune notebooks, including security configuration details for Neptune cluster and EC2 instance security groups

Security assessment

The change adds security-related documentation about configuring security groups for Neptune notebooks, but does not address any specific security vulnerability or incident

Diff

diff --git a/neptune/latest/userguide/graph-notebooks.md
index da6320c07..1bbeb9806 100644
--- a/neptune/latest/userguide/graph-notebooks.md
+++ b/neptune/latest/userguide/graph-notebooks.md
@@ -5 +5 @@
-Using Neptune workbenchEnabling CloudWatch logsLocal hostingMigrating to JupyterLab 3
+Using Neptune workbenchEnabling CloudWatch logsLocal hostingMigrating to JupyterLab 3Setting up Neptune notebooks manually
@@ -9 +9 @@ Using Neptune workbenchEnabling CloudWatch logsLocal hostingMigrating to Jupyter
-To work with Neptune graphs you can use Neptune graph notebook or create a new Neptune database using a AWS CloudFormation [template](./get-started-cfn-create.html).
+To work with Neptune graphs you can use a Neptune graph notebook or create a new Neptune database using an AWS CloudFormation [template](./get-started-cfn-create.html).
@@ -14,0 +15,4 @@ By using the AWS CloudFormation template to set up your Neptune database, and th
+###### Note
+
+Neptune notebooks, managed through Amazon SageMaker AI AI, is not currently available in the Asia Pacific (Malaysia) (ap-southeast-5) region. However, you can still deploy Neptune notebooks through alternative non-managed options. Refer to Setting up Neptune notebooks manually for deploying notebooks manually. 
+
@@ -368,0 +373,37 @@ With the modifications described here to the steps outlined in the blog post, yo
+## Setting up Neptune notebooks manually
+
+You can also use the AWS open-source packages available for graph-notebook and graph-explorer to set up a Neptune notebook environment. While there are multiple ways to set up a notebook using open-source packages, the recommended approach is to: 
+
+  * Set up [graph-notebook](https://github.com/aws/graph-notebook) on your local machine and an Amazon EC2 SSH tunnel that connects your local machine to a Neptune cluster on the same VPC as the Amazon EC2 instance. 
+
+  * Set up [graph-explorer](https://github.com/aws/graph-explorer) on an Amazon EC2 instance within your VPC. 
+
+
+
+
+For detailed instructions on setting up the open-source [graph-notebooks](https://github.com/aws/graph-notebook) and [graph-explorer](https://github.com/aws/graph-explorer) packages, refer to the following official AWS documentation and GitHub repositories: 
+
+  * <https://docs.aws.amazon.com/neptune/latest/userguide/graph-notebooks.html#graph-notebooks-local>
+
+  * <https://docs.aws.amazon.com/neptune/latest/userguide/get-started-connect-ec2-same-vpc.html>
+
+  * [https://github.com/aws/graph-notebook/tree/main/additional-databases/neptune](https://github.com/aws/graph-notebook/tree/main/additional-databases/neptune)
+
+  * [https://github.com/aws/graph-explorer/blob/main/additionaldocs/getting-started/README.md#amazon-ec2-setup](https://github.com/aws/graph-explorer/blob/main/additionaldocs/getting-started/README.md#amazon-ec2-setup)
+
+
+
+
+###### Security configuration
+
+When setting up your environment, please ensure the following security configurations are set accordingly: 
+
+  * **Neptune cluster security group** \- Allow incoming TCP traffic on port 8182 from your Amazon EC2 instance's security group. 
+
+  * **Amazon EC2 instance security group** \- Configure inbound HTTPS rules to enable Graph Explorer access. 
+
+
+
+
+We recommend using a single security group for both your Neptune cluster and Amazon EC2 instance. This simplifies configuration and reduces potential connectivity issues. However, remember to add a self-referencing rule to allow communication between resources within the group. 
+