Developer Guides Getting Started Getting Started What is a Graph Database? Intro to Graph DBs Video Series Concepts: RDBMS to Graph Concepts: NoSQL to Graph Getting Started Resources Neo4j Graph Platform Graph Platform Overview Neo4j Desktop Intro Neo4j Browser Intro… Read more →

Developer Guides

Want to Speak? Get $ back.

Hosting Neo4j on EC2 on AWS

This guide explains how to deploy Neo4j on Amazon’s EC2 platform.
You should know how to run and operate Neo4j locally. Knowledge of remote drivers to access Neo4j from your application helps you connect to your cloud-hosted database.

Before continuing with the guide make sure you’ve installed the AWS Command Line Interface. If you’re not comfortable using the command line you can install Neo4j using the AWS web console.

Let’s get started!

Create EC2 key pair

First, we need to create an EC2 key pair that we will use to connect to our instance via SSH.

export KEY_NAME="Neo4j-AWSMarketplace-Key"
aws ec2 create-key-pair \
  --key-name $KEY_NAME \
  --query 'KeyMaterial' \
  --output text > $KEY_NAME.pem

If you have an existing key that you’d like to use instead, you can set KEY_NAME to the name of that key pair and ignore the 2nd command.

Create security group

Now we’ll create a security group, which will allow us to control access to our instance. Run the following command to create a new security group:

export GROUP="neo4j-sg"
aws ec2 create-security-group \
  --group-name $GROUP \
  --description "Neo4j security group"

Next let’s open Neo4j’s HTTP, HTTPS, and Bolt ports so we can access the server from our application. We will also open the SSH port so we can remotely access the instance.

for port in 22 7474 7473 7687; do
  aws ec2 authorize-security-group-ingress --group-name $GROUP --protocol tcp --port $port --cidr

If you have an existing group that you’d like to use instead, set GROUP to the name of that group and ignore the rest of the commands.

Locate the AMI ID you want to launch

To start the instance, we’ll need the ID of an Amazon Machine Image (AMI).

Neo4j publishes many different versions, and the AMI ID depends on which region you want to launch in. AMI IDs are specific to regions, so you need to locate the right ID for your version and region needs. For that reason, in the instructions below we will provide just a placeholder AMI Here “ami-XYZ”.

To get the right AMI ID, you can follow these instructions:

  • Open the AWS EC2 console, and select Images > AMIs on the left-hand nav bar.
  • In the filter, select “Public images” and search for either “neo4j-enterprise” or “neo4j-community” depending on which version you’d like to use.
  • You’ll know you’re using the right one when you see the “Owner” field showing this number: 385155106615
  • Locate the version you want, and use the AMI ID in the script below.
  • As an example: Neo4j Enterprise 3.5.1 is AMI ID ami-009272c7ac939919d in region us-west-2. As new versions are published, they will be mentioned in the the Cloud topic on the Neo4j community site.

If you would like to use the CLI to do this same step, the following command locates all image IDs and names for the images Neo4j publishes in us-east-1. By changing the region, you can find AMI IDs near you.

aws ec2 describe-images \
   --region us-east-1 \
   --owner 385155106615 \
   --query "Images[*].{ImageId:ImageId,Name:Name}"

Start up the instance

We are now ready to start up a Neo4j instance.

Make sure to substitute ami-XYZ with your chosen AMI ID from the directions above!

aws ec2 run-instances \
  --image-id ami-XYZ \
  --count 1 \
  --instance-type m3.medium \
  --key-name $KEY_NAME \
  --security-groups $GROUP \
  --query "Instances[*].InstanceId" \
  --region us-east-1

We don’t yet have a Public DNS Name but it should be available in a few seconds.

We can run the following command to find out what it is:

aws ec2 describe-instances \
  --instance-ids [InstanceId] \
  --query "Reservations[*].Instances[*].PublicDnsName" \
  --region us-east-1

Please note that your security group settings may affect whether or not a public DNS name is associated with your instance. If this command does not work for you, check to make sure your security group is properly configured, and is not associated with a VPC.

Now let’s navigate to https://[PublicDnsName]:7473 and login with the user name neo4j and password neo4j.

Note that in some methods of launching neo4j on AWS, such as via the AWS marketplace, the password of an instance will be automatically set to the instance ID you launched. In other cases, such as when launching enteprise AMIs directly, the password is left as the default “neo4j”. In either case, we recommend changing the password immediately after you launch.

How do I SSH into the instance?

You can run the following command to SSH into the instance:

ssh -i $KEY_NAME.pem ubuntu@[PublicDnsName]

You might get an error about the permissions on the pem file so don’t forget to make sure it isn’t accessible by any other users.

chmod 600 $KEY_NAME.pem

How the AWS Virtual Machine Works

Please consult Neo4j Cloud VMs for details on internals of AWS VMs, including how to stop and start system services, configure Neo4j inside of the VM, and more.

Terminating the instance

Once we’ve finished using the instance we can run the following command to terminate it:

aws ec2 terminate-instances \
  --instance-ids [InstanceId] \
  --region us-east-1


You can ask questions and connect with other people launching Neo4j in the cloud at the cloud topic on the Community Site.