Creating a new Neptune Analytics notebook using the AWS Management Console - Neptune Analytics
Create an IAM roleCreate the notebook

Creating a new Neptune Analytics notebook using the AWS Management Console

You can create a new notebook manually using the AWS Management Console if you aren't able to use AWS CloudFormation. The first thing you need is an IAM role to use for the notebook. If you already have one, you can skip the following section.

Create an IAM role for a Neptune Analytics notebook

To create an IAM role for a Neptune Analytics notebook

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  2. In the navigation pane, expand Access management, then choose Roles.

  3. Select Create role.

  4. Under Trusted entity type, select Custom trust policy and copy in the following trust policy:

    {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "sagemaker.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

  5. Choose Next, and then Next again.

  6. Enter a name and description for the role, and select Create role.

  7. Go back to the Roles page, search for the name of the role you just created, and open it.

  8. On the Permissions tab Under Permissions policies, select Add permissions and choose Create inline policy.

  9. In the Policy editor, switch to the JSON option, and copy in the following policy:

    {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "s3:ListBucket"
      ],
      "Resource": [
        "arn:aws:s3:::aws-neptune-notebook-(AWS region)",
        "arn:aws:s3:::aws-neptune-notebook-(AWS region)/*",
        "arn:aws:s3:::aws-neptune-customer-samples-(AWS region)",
        "arn:aws:s3:::aws-neptune-customer-samples-(AWS region)/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "neptune-graph:*",
      "Resource": [
        "arn:aws:neptune-graph:(AWS region):(AWS account ID):graph/(Neptune Graph resource ID)"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents"
      ],
      "Resource": [
        "arn:aws:logs:*:*:log-group:/aws/sagemaker/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "sagemaker:DescribeNotebookInstance",
      "Resource": [
        "arn:aws:sagemaker:(AWS region):(AWS account ID):notebook-instance/*"
      ]
    }
  ]
}

  10. Choose Next.

  11. Give a name to the inline policy.

  12. Select Create policy. Make note of the name of the policy you just created.

Next, create the Neptune Analytics notebook in SageMaker AI

  1. Open the Amazon SageMaker AI console at https://console.aws.amazon.com/sagemaker/.

  2. In the navigation pane, expand Notebook, then choose Notebook instances.

  3. Choose Create notebook instance.

  4. In Notebook instance settings, under Notebook instance name, give the notebook a name prefixed by aws-neptune- (for example, aws-neptune-my-test-notebook).

  5. Under Platform identifier, select Amazon Linux 2, JupyterLab 3.

  6. Select Additional configuration.

  7. Under Lifecycle configuration, choose Create a new lifecycle configuration.

  8. In Configuration, under Name enter the notebook instance name from step 4.

  9. In Scripts, under Start notebook, replace the existing script with this:

    #!/bin/bash

sudo -u ec2-user -i <<'EOF'

echo "export GRAPH_NOTEBOOK_AUTH_MODE=IAM" >> ~/.bashrc
echo "export GRAPH_NOTEBOOK_SSL=True" >> ~/.bashrc
echo "export GRAPH_NOTEBOOK_SERVICE=neptune-graph" >> ~/.bashrc
echo "export GRAPH_NOTEBOOK_HOST=(Neptune Analytics graph endpoint, public or private)" >> ~/.bashrc
echo "export GRAPH_NOTEBOOK_PORT=8182" >> ~/.bashrc
echo "export NEPTUNE_LOAD_FROM_S3_ROLE_ARN=" >> ~/.bashrc
echo "export AWS_REGION=(AWS region)" >> ~/.bashrc

aws s3 cp s3://aws-neptune-notebook-(AWS region)/graph_notebook.tar.gz /tmp/graph_notebook.tar.gz
rm -rf /tmp/graph_notebook
tar -zxvf /tmp/graph_notebook.tar.gz -C /tmp
/tmp/graph_notebook/install.sh

EOF

  10. Select Create configuration.

  11. In Permissions and encryption, under IAM Role, select the role you created above.

  12. In Network, if you are using a private graph endpoint:

    1. Under VPC, select the VPC where the Neptune Analytics graph resides.

    2. Under Subnet, select a subnet associated with the Neptune Analytics graph.

    3. Under Security Group(s), select all the security groups associated with the Neptune Analytics graph.

  13. Choose Create notebook instance.

  14. After 5 or 10 minutes, when your new notebook reaches Ready status, select it. Choose Open Jupyter or Open JupyterLab.