Security
Topics
- Overview
- Managing access to Amazon Neptune
- Managing access to Amazon OpenSearch Serverless
- Managing access to Amazon Bedrock
Overview
When building an application with the lexical-graph library, you are responsible for securing access to your source data, and to the graph store, vector store, and foundation model APIs that you use. The following sections show how to use AWS Identity and Access Management (IAM) policies to control access to Amazon Neptune, Amazon OpenSearch Serverless, and Amazon Bedrock.
Managing access to Amazon Neptune
Index operations require read and write access to your Amazon Neptune database. Query operations require only read access. Where you can, run the two workloads under separate identities: the identity that serves queries carries only the read policy below, and the identity that builds the index carries both.
To allow your application to read data from an Amazon Neptune database, attach the following example IAM policy to the AWS identity under which your application runs. Replace <account-id> with your AWS account ID, <region> with the AWS Region in which your Amazon Neptune database cluster is located, and <cluster-resource-id> with the cluster resource ID (not the cluster name) of your database cluster. The condition limits the grant to openCypher queries; an identity holding only this policy cannot run Gremlin or SPARQL queries against the cluster.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "NeptuneDBReadAccessStatement",
      "Effect": "Allow",
      "Action": [
        "neptune-db:ReadDataViaQuery"
      ],
      "Resource": "arn:aws:neptune-db:<region>:<account-id>:<cluster-resource-id>/*",
      "Condition": {
        "StringEquals": {
          "neptune-db:QueryLanguage": "OpenCypher"
        }
      }
    }
  ]
}
```

To allow your application to write data to an Amazon Neptune database, attach the following example IAM policy to the AWS identity under which your application runs, using the same placeholder values as above. This policy grants write and delete only; an identity that runs index operations needs the read statement as well, so attach both policies (or merge the two statements into one policy document).

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "NeptuneDBWriteAccessStatement",
      "Effect": "Allow",
      "Action": [
        "neptune-db:WriteDataViaQuery",
        "neptune-db:DeleteDataViaQuery"
      ],
      "Resource": "arn:aws:neptune-db:<region>:<account-id>:<cluster-resource-id>/*",
      "Condition": {
        "StringEquals": {
          "neptune-db:QueryLanguage": "OpenCypher"
        }
      }
    }
  ]
}
```

See Managing access to Amazon Neptune databases using IAM policies for more details on protecting access to Amazon Neptune using IAM policies.
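The read/write split above is easy to get wrong when policies are copied between the query and index identities. The following Python script is an added example (not code from the lexical-graph library): it assembles the two statements into a query-time policy and an index-time policy, rejects a cluster name passed where the cluster resource ID belongs, and checks a policy document for any write or delete grant (expanding IAM action wildcards such as neptune-db:*). The Region, account ID and cluster resource ID used at the bottom are constructed placeholders, not real identifiers.

```python
"""Compose and check least-privilege Neptune IAM policies.

Added example, not part of the lexical-graph library. It builds the page's
read and write statements into an index-time policy (read + write/delete)
and a query-time policy (read only), then checks that a policy grants no
write or delete action before it is attached to a query-only identity.
"""
import fnmatch
import json
import re

READ_ACTIONS = ["neptune-db:ReadDataViaQuery"]
WRITE_ACTIONS = ["neptune-db:WriteDataViaQuery", "neptune-db:DeleteDataViaQuery"]


def is_cluster_resource_id(value: str) -> bool:
    """Format sanity check: Neptune cluster resource IDs look like cluster-<UPPERCASE ALNUM>.
    A cluster *name* (e.g. my-neptune-cluster) is accepted silently by IAM and yields a
    policy whose Resource never matches the real ARN, so catch it here."""
    return re.fullmatch(r"cluster-[A-Z0-9]+", value) is not None


def neptune_arn(region: str, account_id: str, cluster_resource_id: str) -> str:
    if not re.fullmatch(r"\d{12}", account_id):
        raise ValueError("account_id must be the 12-digit AWS account ID")
    if not is_cluster_resource_id(cluster_resource_id):
        raise ValueError("use the cluster resource ID (cluster-...), not the cluster name")
    return f"arn:aws:neptune-db:{region}:{account_id}:{cluster_resource_id}/*"


def _statement(sid: str, actions: list, resource: str, query_language: str = "OpenCypher") -> dict:
    return {
        "Sid": sid,
        "Effect": "Allow",
        "Action": list(actions),
        "Resource": resource,
        # Pin the query language so the grant does not extend to the Gremlin or SPARQL endpoints.
        "Condition": {"StringEquals": {"neptune-db:QueryLanguage": query_language}},
    }


def neptune_policy(workload: str, region: str, account_id: str, cluster_resource_id: str) -> dict:
    """workload='query' -> read-only policy; workload='index' -> read plus write/delete."""
    if workload not in ("query", "index"):
        raise ValueError("workload must be 'query' or 'index'")
    resource = neptune_arn(region, account_id, cluster_resource_id)
    statements = [_statement("NeptuneDBReadAccessStatement", READ_ACTIONS, resource)]
    if workload == "index":
        statements.append(_statement("NeptuneDBWriteAccessStatement", WRITE_ACTIONS, resource))
    return {"Version": "2012-10-17", "Statement": statements}


def allowed_action_patterns(policy: dict) -> set:
    """Collect the Action entries of every Allow statement (Action may be a string or a list).
    Deny statements are ignored, which over-approximates the grant: the safe direction
    for a check that is looking for unwanted write access."""
    patterns = set()
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        action = stmt.get("Action", [])
        patterns.update([action] if isinstance(action, str) else action)
    return patterns


def write_actions_granted(policy: dict) -> list:
    """Write/delete actions the policy grants. IAM action matching is case-insensitive and
    supports * and ? wildcards, so neptune-db:* and * are expanded as IAM would.
    Returns an empty list for a policy that is safe to attach to a query-only identity."""
    patterns = [p.lower() for p in allowed_action_patterns(policy)]
    return sorted(
        a for a in WRITE_ACTIONS if any(fnmatch.fnmatchcase(a.lower(), p) for p in patterns)
    )


if __name__ == "__main__":
    # Constructed placeholder values, not real identifiers.
    sample = ("us-east-1", "123456789012", "cluster-ABCDEFGHIJKLMNOPQRSTUVWXYZ")
    print(json.dumps(neptune_policy("index", *sample), indent=2))
    print("writes granted to query identity:", write_actions_granted(neptune_policy("query", *sample)))
```

Run write_actions_granted over the policy actually attached to the query identity (for example the output of `aws iam get-role-policy`) rather than over the document you intended to attach; that is where a stray neptune-db:* usually hides.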
Managing access to Amazon OpenSearch Serverless
To allow your application to read from and write to an Amazon OpenSearch Serverless collection, you must associate data access, network, and encryption policies with the collection. In addition, the principal must be granted the IAM permission aoss:APIAccessAll, which you can do using an IAM policy. Both layers are evaluated on every request: the IAM policy decides whether the principal may call the collection's data plane at all, and the data access policy decides which OpenSearch operations it may perform on which collections and indexes.
See Overview of security in Amazon OpenSearch Serverless for more details on protecting access to Amazon OpenSearch Serverless collections.
OpenSearch API operations IAM policy
To allow data plane access to the OpenSearch API operations, attach the following example IAM policy to the AWS identity under which your application runs. Replace <account-id> with your AWS account ID, <region> with the AWS Region in which your Amazon OpenSearch Serverless collection is located, and <collection-id> with the ID (not the name) of your collection.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "OpenSearchServerlessAPIAccessAllStatement",
      "Effect": "Allow",
      "Action": [
        "aoss:APIAccessAll"
      ],
      "Resource": [
        "arn:aws:aoss:<region>:<account-id>:collection/<collection-id>"
      ]
    }
  ]
}
```

Data access policy
A data access policy controls access to the OpenSearch operations that OpenSearch Serverless supports.
You can use an existing data access policy or you can create a new one using the example policy below. Replace <collection-name> with the name of your OpenSearch Serverless collection, and <principal-arn> with the ARN of the IAM role or user attached to your application. The example grants everything the index operations need; for an identity that only runs queries, consider a separate policy that keeps just the describe and read permissions (aoss:DescribeCollectionItems, aoss:DescribeIndex, aoss:ReadDocument), mirroring the read-only split used for Neptune above.

```json
[
  {
    "Rules": [
      {
        "Resource": [
          "collection/<collection-name>"
        ],
        "Permission": [
          "aoss:DescribeCollectionItems",
          "aoss:CreateCollectionItems",
          "aoss:UpdateCollectionItems"
        ],
        "ResourceType": "collection"
      },
      {
        "Resource": [
          "index/<collection-name>/*"
        ],
        "Permission": [
          "aoss:UpdateIndex",
          "aoss:DescribeIndex",
          "aoss:ReadDocument",
          "aoss:WriteDocument",
          "aoss:CreateIndex"
        ],
        "ResourceType": "index"
      }
    ],
    "Principal": [
      "<principal-arn>"
    ]
  }
]
```

Network access policy
A network access policy defines network access to an OpenSearch Serverless collection's endpoint. The network settings for an Amazon OpenSearch Serverless collection determine whether the collection is accessible over the internet from public networks, or whether it must be accessed privately via a VPC endpoint.
You can use an existing network access policy or you can create a new one using the example policy below. This example policy provides public access to a collection's OpenSearch endpoint: the endpoint is reachable from any network, and requests are still authenticated (SigV4) and authorised by the IAM and data access policies, but the network layer adds no protection of its own. For a production deployment, prefer setting AllowFromPublic to false and restricting access to the VPC endpoints that should reach the collection. Replace <collection-name> with the name of your OpenSearch Serverless collection:

```json
[
  {
    "Rules": [
      {
        "Resource": [
          "collection/<collection-name>"
        ],
        "ResourceType": "collection"
      }
    ],
    "AllowFromPublic": true
  }
]
```

Encryption policy
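The same network policy restricted to a single VPC endpoint, as an added example that is not part of the original page. The endpoint ID is a constructed placeholder; the endpoint itself must be an OpenSearch Serverless VPC endpoint (created through the OpenSearch Serverless CreateVpcEndpoint API, not a standard interface endpoint), and only clients inside that VPC can then reach the collection:

```json
[
  {
    "Description": "Reach the collection endpoint only from the listed VPC endpoint",
    "Rules": [
      {
        "Resource": [
          "collection/<collection-name>"
        ],
        "ResourceType": "collection"
      }
    ],
    "AllowFromPublic": false,
    "SourceVPCEs": [
      "vpce-0123456789abcdef0"
    ]
  }
]
```

The IAM policy and data access policy above remain exactly as they are; only the network path changes, so a leaked credential is no longer sufficient on its own to query the collection from outside the VPC.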
An encryption policy assigns an encryption key to the collection. Collections are encrypted using either an AWS owned key or a customer managed key. OpenSearch Serverless requires a matching encryption policy to exist before the collection can be created, so create it first.
You can use an existing encryption policy or you can create a new one using the example policy below. This example policy uses an AWS owned key to encrypt a collection; to use a customer managed key instead, replace AWSOwnedKey with a KmsARN entry naming the key, which gives you control over the key policy and CloudTrail auditing of its use. Replace <collection-name> with the name of your OpenSearch Serverless collection:

```json
[
  {
    "Rules": [
      {
        "ResourceType": "collection",
        "Resource": [
          "collection/<collection-name>"
        ]
      }
    ],
    "AWSOwnedKey": true
  }
]
```

Managing access to Amazon Bedrock
To allow your application to invoke the Amazon Bedrock foundation models used by the graphrag-toolkit, attach the following example IAM policy to the AWS identity under which your application runs. Replace <region> with the AWS Region in which you invoke Amazon Bedrock, <account-id> with your AWS account ID, and <geography> with the Region prefix that represents the geography covered by an inference profile (e.g. us for US-based AWS Regions such as us-east-1 and us-west-2).
This example IAM policy assumes that you are using the toolkit's default models: us.anthropic.claude-3-7-sonnet-20250219-v1:0 and cohere.embed-english-v3. Before running your application, you must enable access to these models. See Supported Regions and models for inference profiles for details on predefined inference profiles that you can use and the Regions and models that support application inference profiles.
The Claude foundation-model ARN uses a wildcard Region because a cross-region inference profile may route a request to any of the Regions it covers, and Bedrock authorises bedrock:InvokeModel against both the inference profile and the foundation model in the Region that serves the request. The embedding model is invoked directly rather than through an inference profile, so its ARN stays pinned to <region>.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "BedrockInvokeModelStatement",
      "Effect": "Allow",
      "Action": [
        "bedrock:InvokeModel"
      ],
      "Resource": [
        "arn:aws:bedrock:*::foundation-model/anthropic.claude-3-7-sonnet-20250219-v1:0",
        "arn:aws:bedrock:<region>:<account-id>:inference-profile/<geography>.anthropic.claude-3-7-sonnet-20250219-v1:0",
        "arn:aws:bedrock:<region>::foundation-model/cohere.embed-english-v3"
      ]
    }
  ]
}
```