aidansteele/rdsconn

Stars
107
Rank 316,717 (Top 7 %)
Language
Go
License
MIT License
Created about 1 year ago
Updated 12 months ago

aidansteele/rdsconn

aidansteele

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

rdsconn makes connecting to an AWS RDS instance inside a VPC from your laptop easier

This app no longer works. The AWS service now blocks any ports other than 22 (SSH) and 3389 (RDP). See issue #5

rdsconn

On June 14th, 2023 AWS launched new connectivity options for EC2 Instance Connect. This functionality also works for non-EC2 resources in VPCs. You could run the official AWS CLI (>= v2.12.0) using the following command, but rdsconn aims to make the RDS experience easier.

aws ec2-instance-connect open-tunnel \
  --private-ip-address 10.1.2.150 \
  --instance-connect-endpoint-id eice-06d8b7ad48example \
  --remote-port 5432 \
  --local-port 5432

Installation

On macOS, brew install aidansteele/taps/rdsconn. On other platforms: see published binaries in the releases tab of the GitHub repo.

Usage

Create an EC2 Instance Connect endpoint in your VPC. Ensure that your RDS DB instance's security group allows the EIC endpoint to connect to it.
Have valid AWS credentials configured. E.g. either as environment variables, default credentials in your config file, or a profile with AWS_PROFILE=name env var set.
Run rdsconn proxy. The CLI will prompt you to select an RDS DB instance from the list of DBs in your account. Hit enter to confirm selection.
The message Proxy running. Now waiting to serve connections to localhost:5432... will appear. You can now run psql ... -h 127.0.0.1 (or mysql ...)

Future plans

Flesh out this README more
Detect incorrect configurations and provide helpful error messages to user. E.g. missing endpoints, security groups, routes, etc.
Add a client subcommand that uses RDS IAM authentication to launch and authenticate a child process psql CLI (using PGPASSWORD etc env vars)

osx-abi-macho-file-format-reference

Mirror of OS X ABI Mach-O File Format Reference

ipv6-ghost-ship

Silly usage of AWS EC2 IPv6 prefixes

MagicKit

MagicKit is an Objective-C file identification framework based on libmagic.

cloudkey

No need for IAM users when we have Yubikeys

flowdog

Framework for inspecting and editing traffic in AWS VPCs

openrolesanywhere

Open-source proof-of-concept client for AWS IAM Roles Anywhere

centralized-logs

Centralizing AWS CloudWatch log forwarding via EventBridge and Step Functions

s3zipper

A tool that allows downloading S3 directories as ZIP files

jwtex

A serverless JWT exchanger and OIDC IdP

freedata

A silly project for free (maybe) egress from EC2 instances using Tailscale and Session Manager

ima.ge.cx

aws_sdk.nim

demo-serverless-aspnetcore

ASP.Net Core 3.1 on AWS Lambda demo

postinvoke

Run in-process code after your Go-powered Lambda function has returned

cloudenv

awsaccountcreds

secretsctx

ses-sidecar

An SMTP server sidecar to allow AWS SES usage with IAM roles

GEBEncoding

An Objective-C BEncoding Library

vpcdelorean

sph

ima.ge.cx-backend

sphlib

serverful

prelink_unpack

Tool for unpacking the prelinked kernel on iOS.

go-xrayprofile

Selective profiling of AWS Lambda functions

lzo

iphone_detect

cwemf-to-honeycomb

matconnect

A silly proof-of-concept for VPC network nonsense

sshcontainers

SSCrypto

Unofficial mirror of the SSCrypto.framework wrapper around OpenSSL

ghcs

ios_sig

freedumb

ghal

ghal allows streaming of live GitHub Actions build logs to your terminal

idp4nathan

for t04glovern's eyes only

vpcjump

Helper tool for connecting to jumpboxes in AWS.

awsdial

gha-stats

lambda

pandaboot

A libusb-based tool to copy bootloaders to the Pandaboard using USB.

demotemplate

ami2docker

Protobuf.framework

update-function-code-bug

Reproduction of AWS Lambda UpdateFunctionCode bug

aidansteele.github.io

stepapi

protobuf-mirror

Unofficial git mirror of the Google Protocol Buffers project