This app no longer works. The AWS service now blocks any ports other than 22 (SSH) and 3389 (RDP). See issue #5
On June 14th, 2023 AWS launched new connectivity options for
EC2 Instance Connect. This functionality also works for non-EC2 resources in
VPCs. You could run the official AWS CLI (>= v2.12.0) using the following command,
but rdsconn aims to make the RDS experience easier.
aws ec2-instance-connect open-tunnel \
--private-ip-address 10.1.2.150 \
--instance-connect-endpoint-id eice-06d8b7ad48example \
--remote-port 5432 \
--local-port 5432
On macOS, brew install aidansteele/taps/rdsconn. On other platforms: see
published binaries in the releases tab of the GitHub repo.
- Create an EC2 Instance Connect endpoint in your VPC. Ensure that your RDS DB instance's security group allows the EIC endpoint to connect to it.
- Have valid AWS credentials configured. E.g. either as environment variables,
default credentials in your config file, or a profile with
AWS_PROFILE=nameenv var set. - Run
rdsconn proxy. The CLI will prompt you to select an RDS DB instance from the list of DBs in your account. Hit enter to confirm selection. - The message
Proxy running. Now waiting to serve connections to localhost:5432...will appear. You can now runpsql ... -h 127.0.0.1(ormysql ...)
- Flesh out this README more
- Detect incorrect configurations and provide helpful error messages to user. E.g. missing endpoints, security groups, routes, etc.
- Add a
clientsubcommand that uses RDS IAM authentication to launch and authenticate a child processpsqlCLI (using PGPASSWORD etc env vars)