Multi-tenancy in Neptune

1

I am trying to use Neptune for my SaaS application. My application includes data from multiple users. I want to restrict the user's access and allow a user to access only vertices/edges that contain his data. I read the AWS Neptune documentation and I couldn't find anything that relates to tenant isolation/access restriction. Is it possible to limit access within the graph vertices/edges?

Asked 2 years ago · Viewed 1122 times
3 Answers
1

Hello, currently the IAM policies that Neptune supports allow access to the entire database and do not allow fine-grained access control where a given user can only read certain graph elements based on a label or property key/predicate name. We are definitely interested in use cases for this level of support. At the moment you will need to manage this within your application.

AWS
AWS-KRL
Answered 2 years ago
  • We desperately need this feature. Implementing ACLs at the application layer is very risky.
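
One way to centralise the application-side check the answer above refers to, as an added example that is not part of the original thread or any AWS code: every read and write goes through a tenant-bound wrapper that fails closed. The in-memory dicts stand in for Neptune queries, and the `tenant_id` property key and all class and function names are assumptions.

```python
# The dicts stand in for Neptune; `tenant_id` is an assumed property key.
class NotFound(KeyError):
    """Raised for missing AND foreign elements, so callers cannot probe for other tenants' ids."""

class TenantScopedGraph:
    def __init__(self, vertices, edges, tenant_id):
        if not tenant_id:
            raise ValueError("tenant_id is required")  # fail closed
        self._v, self._e, self._tenant = vertices, edges, tenant_id

    def _owned(self, element):
        # Elements with no tenant tag are denied, not treated as shared.
        return element is not None and element.get("tenant_id") == self._tenant

    def vertex(self, vid):
        v = self._v.get(vid)
        if not self._owned(v):
            raise NotFound(vid)
        return v

    def neighbors(self, vid):
        self.vertex(vid)  # the start vertex must belong to the caller
        out = []
        for e in self._e:
            # Check the edge and the far vertex: a mis-tagged edge must not
            # become a bridge into another tenant's subgraph.
            if e["from"] == vid and self._owned(e) and self._owned(self._v.get(e["to"])):
                out.append(e["to"])
        return sorted(out)

    def add_edge(self, src, dst, label):
        self.vertex(src)
        self.vertex(dst)  # both endpoints must be owned, else NotFound
        self._e.append({"from": src, "to": dst, "label": label,
                        "tenant_id": self._tenant})  # tag set by the wrapper, never by the client

# Constructed sample data: two tenants plus one untagged vertex.
VERTICES = {
    "a1": {"tenant_id": "acme", "name": "alice"},
    "a2": {"tenant_id": "acme", "name": "order-7"},
    "g1": {"tenant_id": "globex", "name": "bob"},
    "x1": {"name": "untagged"},
}
EDGES = [
    {"from": "a1", "to": "a2", "label": "placed", "tenant_id": "acme"},
    {"from": "a1", "to": "g1", "label": "knows", "tenant_id": "acme"},  # constructed bad data
]
```

The tenant id passed to the wrapper should come from the authenticated session, not from request parameters.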

0

According to the documentation, fine-grained access control is not supported at the database/IAM level: IAM Policy Limitations

AWS
Expert
kentrad
Answered 2 years ago
0

I know this question is a couple years old, but adding this answer as it appears high on searches for this topic. The free AWS Skill Builder Course "Data Modeling for Amazon Neptune" discusses multi-tenancy strategies that work for most ISV customers in the "Advanced Modeling Considerations" section.

AWS
AWS-BMO
Answered 6 months ago
