Amazon Neptune
User Guide (API Version 2017-11-29)

Amazon Neptune Limits

Regions

Amazon Neptune is available in the following AWS Regions:

  • US East (N. Virginia)

  • US East (Ohio)

  • US West (Oregon)

  • EU (Ireland)

  • EU (London)

  • EU (Frankfurt)

  • Asia Pacific (Singapore)

  • Asia Pacific (Sydney)

  • Asia Pacific (Tokyo)

  • Asia Pacific (Mumbai)

  • Asia Pacific (Seoul)

DB Instance Sizes Supported

Neptune supports different DB instance classes in different AWS Regions. To find out what classes are supported in a given Region, see Amazon Neptune Pricing and choose the Region that you are interested in.

Limits for Each AWS Account

For certain management features, Amazon Neptune uses operational technology that is shared with Amazon Relational Database Service (Amazon RDS).

Each AWS account has limits for each Region on the number of Amazon Neptune and Amazon RDS resources that you can create. These resources include DB instances and DB clusters.

After you reach a limit for a resource, additional calls to create that resource fail with an exception.

For a list of limits shared between Amazon Neptune and Amazon RDS, see Limits in Amazon RDS in the Amazon RDS User Guide.

Connection to Neptune Requires a VPC

Amazon Neptune is a virtual private cloud (VPC)–only service.

Additionally, instances do not allow access from outside the VPC.

Connection to Neptune Requires SSL in Some Regions

The following Regions require Secure Sockets Layer (SSL) for all connections.

  • Asia Pacific (Singapore)

  • Asia Pacific (Sydney)

  • Asia Pacific (Tokyo)

  • Asia Pacific (Mumbai)

  • Asia Pacific (Seoul)

Availability Zones and DB Subnet Groups

Amazon Neptune requires a DB subnet group for each cluster that has subnets in at least two supported Availability Zones.

We recommend using three or more subnets in different Availability Zones.

HTTP Request Payload Maximum (150 MB)

The total size of Gremlin and SPARQL HTTP requests must be less than 150 MB. If a request exceeds this size, Neptune returns HTTP 400: BadRequestException.

This limit does not apply to Gremlin WebSockets connections.

Gremlin Implementation Differences

The Amazon Neptune Gremlin implementation has specific implementation details that might differ from other Gremlin implementations.

For more information, see Neptune Gremlin Implementation Differences.

SPARQL UPDATE LOAD from URI

SPARQL UPDATE LOAD from URI works only with resources that are within the same VPC.

This includes Amazon S3 URLs in the same Region as the cluster with an Amazon S3 VPC endpoint created.

The Amazon S3 URL must be HTTPS, and any authentication must be included in the URL. For more information, see Authenticating Requests: Using Query Parameters in the Amazon Simple Storage Service API Reference.

For information about creating a VPC endpoint, see Creating an Amazon S3 VPC Endpoint.

If you need to load data from a file, we recommend that you use the Amazon Neptune loader API. For more information, see Loading Data into Amazon Neptune.

Note

The Amazon Neptune loader API is non-ACID.

IAM Authentication and Access Control

IAM authentication and access control are only supported at the DB cluster level. They are not supported for Gremlin or SPARQL. For more information, see IAM Database Authentication for Neptune

The Amazon Neptune console requires NeptuneReadOnlyAccess permissions. You can restrict access to IAM users by revoking this access. For more information, see AWS Managed (Predefined) Policies for Amazon Neptune

Amazon Neptune does not support user name/password–based access control.

WebSocket Concurrent Connections and Maximum Connection Time

The maximum number of concurrent WebSocket connections per database instance is 60,000. When that limit is reached, Neptune throttles any request to open a new WebSocket connection.

When a client properly closes a connection, the closure is immediately reflected in the open connections count. If the client doesn't close a connection, the connection may be closed automatically after a 60-minute idle timeout. The idle timeout is the time elapsed since the last message was received from the client.

In any case, a WebSocket connection is always disconnected 36 hours after it was established, which is the maximum WebSocket connection time.