AWS DataSync
User Guide

Requirements for AWS DataSync

In this section, you can find information about the minimum hardware and other settings for your DataSync agent. Unless otherwise noted, the following are required for creating AWS DataSync.

Supported Hypervisors

You run DataSync on-premises as a virtual machine (VM).

DataSync supports the following hypervisor versions and hosts:

  • VMware ESXi Hypervisor (version 6.0 or 6.5 or 6.7) – A free version of VMware is available on the VMware website. You also need a VMware vSphere client to connect to the host.


    When VMware ends general support for an ESXi hypervisor version, DataSync will end support for that version as well. For information about VMware's supported hypervisor versions, see the VMware Lifecycle Product Matrix documentation.

  • EC2 instance – DataSync provides an Amazon Machine Image (AMI) that contains the DataSync VM image. See Amazon EC2 Instance Requirements for the recommended instance types.

Virtual Machine Requirements

When deploying AWS DataSync on-premises, make sure that the underlying hardware on which you are deploying the DataSync VM can dedicate the following minimum resources:

  • Virtual Processors

    Four virtual processors assigned to the VM.

  • Disk Space

    80 GB of disk space for installation of VM image and system data.

  • RAM

    For tasks that will transfer EC2 instance types with up to 20 million files: 32 GB of RAM assigned to the VM.

    For tasks that will transfer more than 20 million files: 64 GB of RAM assigned to the VM.

Amazon EC2 Instance Requirements

When deploying AWS DataSync on Amazon EC2, the instance size must be at least 2xlarge for your AWS DataSync to function.

We recommend using one of the following instance types.

  • m5.2xlarge—for tasks that will transfer up to 20 million files.

  • m5.4xlarge—for tasks that will transfer more than 20 million files.

Giving Access Through Firewalls and Routers

The agent VM requires access to the following endpoints to communicate with AWS. If you use a firewall or router to filter or limit network traffic, you must configure your firewall and router to allow these service endpoints. They're required for outbound communication to AWS.

The following endpoints are required by DataSync for ongoing file transfers.

# API (TCP 443) datasync.$ # Data transfer (TCP 443) $taskId.datasync-dp.$ cp.datasync.$ cp-sync.$ For agent activation only. This endpoint can be blocked after activation (TCP 443). # Agent updates (TCP 443) repo.$ packages.$ # NTP (UDP 123) # Support channel (TCP 22) # Agent activation only. This endpoint can be blocked after activation (TCP 443) activation.datasync.$ activation-sync.$

Network Requirements

DataSync requires the following ports for its operation.





How Used




443 (HTTPS)

For communication from DataSync VM to the AWS service endpoint. For information about regions and service endpoints, see AWS Regions and Endpoints.

Your web browser

DataSync VM


80 (HTTP)

By local systems to obtain the agent activation key. Port 80 is used only during activation of the agent. After successful activation, DataSync closes the agent's port 80.

DataSync VM doesn't require port 80 to be publicly accessible. The required level of access to port 80 depends on your network configuration.


Domain Name Service (DNS) server


53 (DNS)

For communication between DataSync VM and the DNS server.




22 (Support channel)

Allows AWS Support to access your DataSync to help you with troubleshooting DataSync issues. You don't need this port open for normal operation, but it is required for troubleshooting.


NTP server


123 (NTP)

By local systems to synchronize VM time to the host time.


Network File System (NFS) server


2049 (NFS)

By DataSync VM to mount a source NFS file system.

Supports NFS v3.x, NFS v4.0 and NFS v4.1.


Server Message Block (SMB) server


139 (SMB) or 445 (SMB)

By DataSync VM to mount a source SMB file share.

Supports SMB 2 and SMB 3 versions.

Following is an illustration of the ports required by DataSync.