On June 14th, 2023 AWS launched new connectivity options for
EC2 Instance Connect. This functionality also works for non-EC2 resources in
VPCs. You could run the official AWS CLI (>= v2.12.0) using the following command,
but rdsconn
aims to make the RDS experience easier.
aws ec2-instance-connect open-tunnel \
--private-ip-address 10.1.2.150 \
--instance-connect-endpoint-id eice-06d8b7ad48example \
--remote-port 5432 \
--local-port 5432
On macOS, brew install aidansteele/taps/rdsconn
. On other platforms: see
published binaries in the releases tab of the GitHub repo.
- Create an EC2 Instance Connect endpoint in your VPC. Ensure that your RDS DB instance's security group allows the EIC endpoint to connect to it.
- Have valid AWS credentials configured. E.g. either as environment variables,
default credentials in your config file, or a profile with
AWS_PROFILE=name
env var set. - Run
rdsconn proxy
. The CLI will prompt you to select an RDS DB instance from the list of DBs in your account. Hit enter to confirm selection. - The message
Proxy running. Now waiting to serve connections to localhost:5432...
will appear. You can now runpsql ... -h 127.0.0.1
(ormysql ...
)
- Flesh out this README more
- Detect incorrect configurations and provide helpful error messages to user. E.g. missing endpoints, security groups, routes, etc.
- Add a
client
subcommand that uses RDS IAM authentication to launch and authenticate a child processpsql
CLI (using PGPASSWORD etc env vars)