AWS DataSync
User Guide

Requirements

Unless otherwise noted, the following are required for creating AWS DataSync.

Hardware Requirements

When deploying AWS DataSync on-premises, make sure that the underlying hardware on which you are deploying the DataSync VM can dedicate the following minimum resources:

  • Virtual Processors

    4 virtual processors assigned to the VM.

  • Disk Space

    80 GB of disk space for installation of VM image and system data.

  • RAM

    For tasks that will transfer up to 20 million files: 32 GB of RAM assigned to the VM.

    For tasks that will transfer more than 20 million files: 64 GB of RAM assigned to the VM.

Supported Hypervisors

You run DataSync on-premises as a virtual machine (VM).

DataSync supports the following hypervisor versions and hosts:

  • VMware ESXi Hypervisor (version 6.0 or 6.5 or 6.7) – A free version of VMware is available on the VMware website. You also need a VMware vSphere client to connect to the host.

    Note

    When VMware ends general support for an ESXi hypervisor version, DataSync will end support for that version as well. For information about VMware's supported hypervisor versions, see the VMware Lifecycle Product Matrix documentation.

Giving Access Through Firewalls and Routers

The agent VM requires access to the following endpoints to communicate with AWS. If you use a firewall or router to filter or limit network traffic, you must configure your firewall and router to allow these service endpoints for outbound communication to AWS.

The following endpoints are required by DataSync for ongoing file transfers.

# API (TCP 443) datasync.$region.amazonaws.com # Data transfer (TCP 443) $taskId.datasync-dp.$region.amazonaws.com cp.datasync.$region.amazonaws.com cp-sync.$region.amazonaws.com # Agent updates (TCP 443) repo.$region.amazonaws.com repo.default.amazonaws.com packages.$region.amazonaws.com # NTP (UDP 123) 0.amazon.pool.ntp.org 1.amazon.pool.ntp.org 2.amazon.pool.ntp.org 3.amazon.pool.ntp.org # Support channel (TCP 22) 54.201.223.107 # Agent activation only. This endpoint can be blocked after activation (TCP 443) https://d4kdq0yaxexbo.cloudfront.net/ activation.datasync.$region.amazonaws.com activation-sync.$region.amazonaws.com

Network Requirements

DataSync requires the following ports for its operation.

From

To

Protocol

Port

How Used

Agent

AWS

TCP

443 (HTTPS)

For communication from DataSync VM to the AWS service endpoint. For information about regions and service endpoints, see AWS Regions and Endpoints.

Your web browser

DataSync VM

TCP

80 (HTTP)

By local systems to obtain the agent activation key. Port 80 is used only during activation of the agent. After successful activation, DataSync closes the agent's port 80.

DataSync VM doesn't require port 80 to be publicly accessible. The required level of access to port 80 depends on your network configuration.

Agent

Domain Name Service (DNS) server

TCP/UDP

53 (DNS)

For communication between DataSync VM and the DNS server.

Agent

AWS

TCP

22 (Support channel)

Allows AWS Support to access your DataSync to help you with troubleshooting DataSync issues. You don't need this port open for normal operation, but it is required for troubleshooting.

Agent

NTP server

UDP

123 (NTP)

By local systems to synchronize VM time to the host time.

Agent

NFS Server

TCP/UDP

2049 (NFS)

By DataSync VM to mount a source NFS file system.

Supports NFS v3.x, NFS v4.0 and NFS v4.1.

Following is an illustration of the ports required by DataSync.