Amazon Neptune
User Guide (API Version 2017-11-29)

Amazon Neptune Limits


Amazon Neptune is available in the following regions:

  • US East (N. Virginia)

  • US East (Ohio)

  • US West (Oregon)

  • EU (Ireland)

  • EU (London)

  • EU (Frankfurt)

  • Asia Pacific (Singapore)

  • Asia Pacific (Sydney)

  • Asia Pacific (Tokyo)

Instance Sizes

Neptune supports the db.r4.large , db.r4.xlarge, db.r4.2xlarge, db.r4.4xlarge, and db.r4.8xlarge DB instance classes.

Per Account Limits

For certain management features, Amazon Neptune uses operational technology that is shared with Amazon RDS.

Each AWS account has limits, for each AWS Region, on the number of Amazon Neptune and Amazon RDS resources that can be created. This includes resources such as DB instances and DB clusters.

Once a limit for a resource has been reached, additional calls to create that resource fail with an exception.

For a list of limits shared between Amazon Neptune and Amazon RDS, see Limits in Amazon RDS.

VPC Required

Amazon Neptune is a virtual private cloud (VPC)–only service. Additionally, instances do not allow access from outside the VPC.

SSL Required

The following regions require SSL for all connections.

  • Asia Pacific (Singapore)

  • Asia Pacific (Sydney)

  • Asia Pacific (Tokyo)

Availability Zones and DB Subnet Groups

Amazon Neptune requires a DB subnet group for each cluster that has subnets in at least two supported Availability Zones. We recommend using three or more subnets in different Availability Zones.

HTTP Request Payload Maximum (150MB)

Gremlin and SPARQL HTTP requests must be less than 150 MB total size. If a request exceeds this size, Neptune will return HTTP 400: BadRequestException. This limit does not apply to Gremlin WebSockets connections.

Gremlin Implementation

The Amazon Neptune Gremlin implementation has specific implementation details. For more information, see Neptune Gremlin Implementation Differences.


SPARQL UPDATE LOAD from URI works only with resources that are within the same VPC. This includes Amazon S3 URLs in the same region as the cluster with an Amazon S3 VPC endpoint created. For information about creating a VPC endpoint, see Creating an Amazon S3 VPC Endpoint.

The Amazon S3 URL must be HTTPS, and any authentication must be included in the URL. For more information, see Authenticating Requests: Using Query Parameters.

If you need to load data from a file, we recommend that you use the Amazon Neptune loader API. For more information, see Loading Data into Amazon Neptune.


The Amazon Neptune loader API is non-ACID.

Authentication and Access

IAM authentication and access control are not supported for Gremlin, SPARQL. It is only supported at the DB Cluster level. See IAM Database Authentication for Neptune

The Amazon Neptune console requires NeptuneReadOnlyAccess permissions. You can restrict access to IAM users by revoking this access. For more information, see AWS Managed (Predefined) Policies for Amazon Neptune

Amazon Neptune does not support user name/password–based access control.

WebSocket Concurrent Connections

The maximum number of concurrent websocket connections per database instance is 60,000. When the limit is reached Neptune will throttle a request to open a new websocket connection.

If a client properly closes a connection then it will be reflected in the open connections count immediately. If the client does not close the connection then the connection will remain open until it is closed after a 60 minute idle timeout. The idle timeout is the time elapsed since the last message was received from the client.

WebSocket Maximum Connection Time

WebSocket connections are disconnected 36 hours after the connection is established.