AWS IoT Greengrass V1 endpoints and quotas
The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.
Service endpoints
Control Plane Operations
The following table contains AWS Region-specific endpoints that AWS IoT Greengrass supports for group management operations.
Region Name | Region | Endpoint | Protocol |
---|---|---|---|
US East (Ohio) | us-east-2 | greengrass.us-east-2.amazonaws.com | HTTPS |
US East (N. Virginia) | us-east-1 | greengrass.us-east-1.amazonaws.com | HTTPS |
US West (Oregon) | us-west-2 | greengrass.us-west-2.amazonaws.com | HTTPS |
Asia Pacific (Mumbai) | ap-south-1 | greengrass.ap-south-1.amazonaws.com | HTTPS |
Asia Pacific (Seoul) | ap-northeast-2 | greengrass.ap-northeast-2.amazonaws.com | HTTPS |
Asia Pacific (Singapore) | ap-southeast-1 | greengrass.ap-southeast-1.amazonaws.com | HTTPS |
Asia Pacific (Sydney) | ap-southeast-2 | greengrass.ap-southeast-2.amazonaws.com | HTTPS |
Asia Pacific (Tokyo) | ap-northeast-1 | greengrass.ap-northeast-1.amazonaws.com | HTTPS |
Europe (Frankfurt) | eu-central-1 | greengrass.eu-central-1.amazonaws.com | HTTPS |
Europe (Ireland) | eu-west-1 | greengrass.eu-west-1.amazonaws.com | HTTPS |
Europe (London) | eu-west-2 | greengrass.eu-west-2.amazonaws.com | HTTPS |
AWS GovCloud (US-East) | us-gov-east-1 |
greengrass.us-gov-east-1.amazonaws.com greengrass.us-gov-east-1.amazonaws.com greengrass-ats.iot.us-gov-east-1.amazonaws.com greengrass-fips.us-gov-east-1.amazonaws.com |
HTTPS HTTPS MQTT and HTTPS HTTPS |
AWS GovCloud (US-West) | us-gov-west-1 |
greengrass.us-gov-west-1.amazonaws.com greengrass-ats.iot.us-gov-west-1.amazonaws.com greengrass.us-gov-west-1.amazonaws.com |
HTTPS MQTT and HTTPS HTTPS |
AWS IoT Device Operations
The following table contains AWS Region-specific Amazon Trust Services (ATS) endpoints for AWS IoT device management operations, such as shadow sync. This is a data plane API.
To look up your account-specific endpoint, use the aws iot describe-endpoint --endpoint-type iot:Data-ATS command.
Region Name | Region | Endpoint | Protocol |
---|---|---|---|
US East (Ohio) | us-east-2 | prefix-ats.iot.us-east-2.amazonaws.com |
HTTPS, MQTT |
US East (N. Virginia) | us-east-1 | prefix-ats.iot.us-east-1.amazonaws.com |
HTTPS, MQTT |
US West (Oregon) | us-west-2 | prefix-ats.iot.us-west-2.amazonaws.com |
HTTPS, MQTT |
Asia Pacific (Mumbai) | ap-south-1 | prefix-ats.iot.ap-south-1.amazonaws.com |
HTTPS, MQTT |
Asia Pacific (Seoul) | ap-northeast-2 | prefix-ats.iot.ap-northeast-2.amazonaws.com |
HTTPS, MQTT |
Asia Pacific (Singapore) | ap-southeast-1 | prefix-ats.iot.ap-southeast-1.amazonaws.com |
HTTPS, MQTT |
Asia Pacific (Sydney) | ap-southeast-2 | prefix-ats.iot.ap-southeast-2.amazonaws.com |
HTTPS, MQTT |
Asia Pacific (Tokyo) | ap-northeast-1 | prefix-ats.iot.ap-northeast-1.amazonaws.com |
HTTPS, MQTT |
China (Beijing) | cn-north-1 | prefix.ats.iot.cn-north-1.amazonaws.com.cn | HTTPS, MQTT |
Europe (Frankfurt) | eu-central-1 | prefix-ats.iot.eu-central-1.amazonaws.com |
HTTPS, MQTT |
Europe (Ireland) | eu-west-1 | prefix-ats.iot.eu-west-1.amazonaws.com |
HTTPS, MQTT |
Europe (London) | eu-west-2 | prefix-ats.iot.eu-west-2.amazonaws.com |
HTTPS, MQTT |
AWS GovCloud (US-West) | us-gov-west-1 | prefix-ats.iot.us-gov-west-1.amazonaws.com | HTTPS, MQTT |
AWS GovCloud (US-East) | us-gov-east-1 | prefix-ats.iot.us-gov-east-1.amazonaws.com | HTTPS, MQTT |
Note
Legacy Verisign endpoints are currently supported for some Regions, but we recommend that you use ATS endpoints with ATS root certificate authority (CA) certificates. For more information, see Server Authentication in the AWS IoT Developer Guide.
Discovery Operations
The following table contains AWS Region-specific ATS endpoints for device discovery operations using the AWS IoT Greengrass Discovery API. This is a data plane API.
Region Name | Region | Endpoint | Protocol |
---|---|---|---|
US East (Ohio) | us-east-2 | greengrass-ats.iot.us-east-2.amazonaws.com | HTTPS |
US East (N. Virginia) | us-east-1 | greengrass-ats.iot.us-east-1.amazonaws.com | HTTPS |
US West (Oregon) | us-west-2 | greengrass-ats.iot.us-west-2.amazonaws.com | HTTPS |
Asia Pacific (Mumbai) | ap-south-1 | greengrass-ats.iot.ap-south-1.amazonaws.com | HTTPS |
Asia Pacific (Seoul) | ap-northeast-2 | greengrass-ats.iot.ap-northeast-2.amazonaws.com | HTTPS |
Asia Pacific (Singapore) | ap-southeast-1 | greengrass-ats.iot.ap-southeast-1.amazonaws.com | HTTPS |
Asia Pacific (Sydney) | ap-southeast-2 | greengrass-ats.iot.ap-southeast-2.amazonaws.com | HTTPS |
Asia Pacific (Tokyo) | ap-northeast-1 | greengrass-ats.iot.ap-northeast-1.amazonaws.com | HTTPS |
China (Beijing) | cn-north-1 | greengrass.ats.iot.cn-north-1.amazonaws.com.cn | HTTPS |
Europe (Frankfurt) | eu-central-1 | greengrass-ats.iot.eu-central-1.amazonaws.com | HTTPS |
Europe (Ireland) | eu-west-1 | greengrass-ats.iot.eu-west-1.amazonaws.com | HTTPS |
Europe (London) | eu-west-2 | greengrass-ats.iot.eu-west-2.amazonaws.com | HTTPS |
AWS GovCloud (US-West) | us-gov-west-1 | greengrass-ats.iot.us-gov-west-1.amazonaws.com | HTTPS |
AWS GovCloud (US-East) | us-gov-east-1 | greengrass-ats.iot.us-gov-east-1.amazonaws.com | HTTPS |
Note
Legacy Verisign endpoints are currently supported for some Regions, but we recommend that you use ATS endpoints with ATS root CA certificates. For more information, see Server authentication in the AWS IoT Developer Guide.
Supported Legacy Endpoints
We recommend that you use the ATS endpoints in the preceding tables with ATS root CA certificates. For backward compatibility, AWS IoT Greengrass currently supports legacy Verisign endpoints in the following AWS Regions. This support is expected to end in the future. For more information, see Server authentication in the AWS IoT Developer Guide.
When using legacy Verisign endpoints, you must use Verisign root CA certificates.
Service quotas
AWS IoT Greengrass Cloud API
Description | Default |
---|---|
Maximum number of AWS IoT devices per AWS IoT Greengrass group. | 2500 |
Maximum number of Lambda functions per group. | 200 |
Maximum number of resources per Lambda function. | 20 |
Maximum number of resources per group. | 200 |
Maximum number of transactions per second (TPS) on the AWS IoT Greengrass APIs. |
See TPS. |
Maximum number of subscriptions per group. | 10000 |
Maximum number of subscriptions that specify Cloud
as the source per group. |
50 |
Maximum length of a core thing name. | 124 bytes of UTF-8 encoded characters. |
TPS
The default quota for the maximum number of transactions per second on the AWS IoT Greengrass APIs depends on the API and the AWS Region where AWS IoT Greengrass is used.
For most APIs and supported AWS Regions, the default quota is 30. Exceptions are noted in the following tables.
API | Default |
---|---|
CreateDeployment | 20 |
AWS Region | Default |
---|---|
China (Beijing) | 10 |
AWS GovCloud (US-West) | 10 |
AWS GovCloud (US-East) | 10 |
This quota applies per AWS account. For example, in the US East (N. Virginia) Region, each
account has a default quota of 30 TPS. Each API (such as CreateGroupVersion
or
ListFunctionDefinitions
) has a quota of 30 TPS. This includes
control plane and data plane operations. Requests that exceed the account or API
quotas are throttled. To request account and API quota increases, including
quotas for specific APIs, contact your AWS Enterprise Support
representative.
AWS IoT Greengrass Core
Description | Default |
---|---|
Maximum number of routing table entries that specify
Cloud as the source. |
50 (matches AWS IoT subscription quota) |
Maximum size of messages sent by an AWS IoT device. | 128 KB (matches AWS IoT message size quota) |
Minimum message queue size in the Greengrass core router. | 256 KB |
Maximum length of a topic string. | 256 bytes of UTF-8 encoded characters. |
Maximum number of forward slashes (/) in a topic or topic filter. | 7 |
Minimum disk space needed to run the Greengrass Core software. |
128 MB 400 MB when using OTA updates |
Minimum RAM to run the Greengrass Core software. |
128 MB 198 MB when using stream manager |
The Greengrass Core software provides a service to detect the IP addresses of your Greengrass core devices. It sends this information to the AWS IoT Greengrass cloud service and allows AWS IoT devices to download the IP address of the Greengrass core they need to connect to.
Do not use this feature if any of the following is true:
-
The IP address of a Greengrass core device changes frequently.
-
The Greengrass core device is not always available to AWS IoT devices in its group.
-
The Greengrass core has multiple IP addresses and an AWS IoT device is unable to reliably determine which address to use.
-
Your organization's security policies don't allow you to send devices' IP addresses to the AWS Cloud.