Simple SSH Tunnel tool for connecting to RDS. Supports MySQL and PostgreSQL.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for sbekx from gravatar.com sbekx

Unverified details

These details have not been verified by PyPI
Meta
Report project as malware

Project description

🚀 RDS Tunnel

A simple command-line interface (CLI) tool designed to establish and manage SSH tunnels to Amazon RDS (Relational Database Service) instances. This tool supports connecting to MySQL and PostgreSQL databases via an SSH bastion host, facilitating secure local development and testing.

✨ Features

  • Secure SSH Tunneling: Establishes a secure tunnel through an SSH bastion host to your RDS instance.
  • Flexible Configuration: Supports loading configuration from config.json, environment variables, or AWS Secrets Manager.
  • MySQL Support: Built-in test connection for MySQL databases.
  • Multi-process Design: Runs the SSH tunnel in a separate background process, allowing your main application to run independently.
  • CLI Interface: Easy-to-use command-line arguments for different environments and tasks.

Supported OS

Name Status
Mac
Raspberry Pi 🤷🏼‍♂️
Ubuntu 🤷🏼‍♂️
Windows

🛠️ Installation

pip install rds-tunnel

Build it Locally

To run rds-tunnel locally, follow these steps:

  1. Clone the Repository (if applicable):

    git clone https://github.com/sbekx/rds-tunnel.git
cd rds-tunnel

  2. Build the Wheel Package: Ensure you have uv installed (brew install uv). Navigate to the root directory of the project (where pyproject.toml is located) and run:

    uv build

    This command will create a distributable wheel file (e.g., rds_tunnel-1.0.0-py3-none-any.whl) in the dist/ directory.

  3. Install the Package: Install the generated wheel file using pip:

    pip install dist/rds_tunnel-1.0.0-py3-none-any.whl # Adjust filename if different

    This will install rds-tunnel as an executable command on your system.

⚙️ Configuration & Usage

The rds-tunnel tool looks for configuration in the following order:

  1. config.json file: A config.json file in the same directory as tunnel.py.
    • This will be located at /Users/USER/.pyenv/versions/X.X.X/lib/pythonX.X/site-packages/rds_tunnel/config.json or somewhere similar.
  2. Environment Variables: System environment variables.
  3. AWS Secrets Manager: If the above are insufficient, it attempts to fetch secrets from AWS Secrets Manager using the secret name tool/rds-tunnel-staging and region us-east-1 (these can be overridden if provided in config.json or environment variables).
    • If relying on the Secrets Manager appoach to set the config, ensure you have created the AWS Secret and your local AWS CLI is configured to access the same AWS account.

config.json Example:

{
  "SSH_HOST": "your-ssh-bastion-host-ip",
  "SSH_USER": "ec2-user",
  "SSH_PRIVATE_KEY_PATH": "/path/to/your/ssh/private/key.pem",
  "DB_HOST": "your-rds-database-endpoint",
  "DB_PORT": 3306,
  "DB_USER": "your-db-username",
  "DB_PASSWORD": "your-db-password",
  "DB_NAME": "your-database-name",
  "LOCAL_PORT": 3306,
  "SECRETS_MANAGER_SECRET_NAME": "tool/rds-tunnel-staging",
  "AWS_REGION": "us-east-1"
}

Environment Variables

Alternatively, you can set these variables in your shell environment, note that they will still be pulled and set by the load_env_and_secrets() function:

export SSH_HOST="your-ssh-bastion-host-ip"
export SSH_USER="ec2-user"
export SSH_PRIVATE_KEY_PATH="/path/to/your/ssh/private/key.pem"
export DB_HOST="your-rds-database-endpoint"
export DB_PORT="3306"
export DB_USER="your-db-username"
export DB_PASSWORD="your-db-password"
export DB_NAME="your-database-name"
export LOCAL_PORT="3306"
export SECRETS_MANAGER_SECRET_NAME="tool/rds-tunnel-staging"
export AWS_REGION="us-east-1"

Running the Staging Tunnel

This command starts the SSH tunnel and attempts to connect to the database specified in your configuration. It will keep the tunnel active until you terminate the process (e.g., by pressing Ctrl+C).

rds-tunnel --staging

Upon successful connection, the tool will print environment variables you can use to connect your local applications, such as Lambda's that use SQL clients or ORMs, to the tunneled database:

🔑 To connect locally, run:
export DB_USER='your-db-username'
export DB_PASSWORD='your-db-password'
export DB_HOST='127.0.0.1'
export DB_PORT='3306'
export DB_NAME='your-database-name'

Loading Environment Variables (Development)

This command loads the configuration variables (from config.json or Secrets Manager) and prints them to your console. This is useful for debugging or manually setting environment variables for other applications.

rds-tunnel --loaddev

Help

To see all available commands:

rds-tunnel --help

🤝 Contributing

Contributions are welcome! Please feel free to open issues or submit pull requests.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for sbekx from gravatar.com sbekx

Unverified details

These details have not been verified by PyPI
Meta

Release history Release notifications | RSS feed

2.0.0

1.0.2

1.0.2rc1 pre-release

1.0.1

1.0.1rc2 pre-release

1.0.1rc1 pre-release

1.0.0

0.1.0

This version

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

rds_tunnel-0.0.1.tar.gz (6.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

rds_tunnel-0.0.1-py3-none-any.whl (7.1 kB view details)

Uploaded Python 3

File details

Details for the file rds_tunnel-0.0.1.tar.gz.

File metadata

  • Download URL: rds_tunnel-0.0.1.tar.gz
  • Upload date:
  • Size: 6.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for rds_tunnel-0.0.1.tar.gz
Algorithm Hash digest
SHA256 6f8fe896f19f358d8f1ac9900d0057dc103475c090b3d92203094b2f6ddd9462
MD5 5f6d61696954d54874a085c90b7f2694
BLAKE2b-256 048b97f95b7521940c6211dac8a4543aafa3a08a55bef09430dc93e482169bb2

See more details on using hashes here.

Provenance

The following attestation bundles were made for rds_tunnel-0.0.1.tar.gz:

Publisher: release.yml on sbekx/rds-tunnel

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file rds_tunnel-0.0.1-py3-none-any.whl.

File metadata

  • Download URL: rds_tunnel-0.0.1-py3-none-any.whl
  • Upload date:
  • Size: 7.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for rds_tunnel-0.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 137ea7062111bf07c5f2989ad4d803a8616bd711673fc86f2d60b12e15bee1c9
MD5 abd6f43e2fd796554e2a06248e22ad03
BLAKE2b-256 082befa2d5f3b559f48f609f8f847343e4ba72b8bd104640c346980a57e594fb

See more details on using hashes here.

Provenance

The following attestation bundles were made for rds_tunnel-0.0.1-py3-none-any.whl:

Publisher: release.yml on sbekx/rds-tunnel

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page