Simple SSH Tunnel tool for connecting to RDS. Supports MySQL and PostgreSQL.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for sbekx from gravatar.com sbekx

Unverified details

These details have not been verified by PyPI
Meta
Report project as malware

Project description

🚀 RDS Tunnel

A simple command-line interface (CLI) tool designed to establish and manage SSH tunnels to Amazon RDS (Relational Database Service) instances. This tool supports connecting to MySQL and PostgreSQL databases via an SSH bastion host, facilitating secure local development and testing.

✨ Features

  • Secure SSH Tunneling: Establishes a secure tunnel through an SSH bastion host to your RDS instance.
  • Flexible Configuration: Supports loading configuration from config.json, environment variables, or AWS Secrets Manager.
  • MySQL Support: Built-in test connection for MySQL databases.
  • Multi-process Design: Runs the SSH tunnel in a separate background process, allowing your main application to run independently.
  • CLI Interface: Easy-to-use command-line arguments for different environments and tasks.

Supported OS

Name Status
Mac
Raspberry Pi 🤷🏼‍♂️
Ubuntu 🤷🏼‍♂️
Windows

🛠️ Installation

pip install rds-tunnel

Build it Locally

To run rds-tunnel locally, follow these steps:

  1. Clone the Repository (if applicable):

    git clone https://github.com/sbekx/rds-tunnel.git
cd rds-tunnel

  2. Build the Wheel Package: Ensure you have uv installed (brew install uv). Navigate to the root directory of the project (where pyproject.toml is located) and run:

    uv build

    This command will create a distributable wheel file (e.g., rds_tunnel-1.0.0-py3-none-any.whl) in the dist/ directory.

  3. Install the Package: Install the generated wheel file using pip:

    pip install dist/rds_tunnel-1.0.0-py3-none-any.whl # Adjust filename if different

    This will install rds-tunnel as an executable command on your system.

⚙️ Configuration & Usage

The rds-tunnel tool looks for configuration in the following order:

  1. config.json file: A config.json file in the same directory as tunnel.py.
    • This will be located at ~/.rdstunnel_config.json
    • The package will store and use it here
  2. Environment Variables: System environment variables.
  3. AWS Secrets Manager: If the above are insufficient, it attempts to fetch secrets from AWS Secrets Manager using the secret name tool/rds-tunnel-staging and region us-east-1 (these can be overridden if provided in config.json or environment variables).
    • If relying on the Secrets Manager appoach to set the config, ensure you have created the AWS Secret and your local AWS CLI is configured to access the same AWS account.

config.json Example:

{
  "SSH_HOST": "your-ssh-bastion-host-ip",
  "SSH_USER": "ec2-user",
  "SSH_PRIVATE_KEY_PATH": "/path/to/your/ssh/private/key.pem",
  "DB_HOST": "your-rds-database-endpoint",
  "DB_PORT": 3306,
  "DB_USER": "your-db-username",
  "DB_PASSWORD": "your-db-password",
  "DB_NAME": "your-database-name",
  "LOCAL_PORT": 3306,
  "SECRETS_MANAGER_SECRET_NAME": "tool/rds-tunnel-staging",
  "AWS_REGION": "us-east-1"
}

Environment Variables

Alternatively, you can set these variables in your shell environment, note that they will still be pulled and set by the load_env_and_secrets() function:

export SSH_HOST="your-ssh-bastion-host-ip"
export SSH_USER="ec2-user"
export SSH_PRIVATE_KEY_PATH="/path/to/your/ssh/private/key.pem"
export DB_HOST="your-rds-database-endpoint"
export DB_PORT="3306"
export DB_USER="your-db-username"
export DB_PASSWORD="your-db-password"
export DB_NAME="your-database-name"
export LOCAL_PORT="3306"
export SECRETS_MANAGER_SECRET_NAME="tool/rds-tunnel-staging"
export AWS_REGION="us-east-1"

Running the Staging Tunnel

This command starts the SSH tunnel and attempts to connect to the database specified in your configuration. It will keep the tunnel active until you terminate the process (e.g., by pressing Ctrl+C).

rds-tunnel --staging

Upon successful connection, the tool will print environment variables you can use to connect your local applications, such as Lambda's that use SQL clients or ORMs, to the tunneled database:

🔑 To connect locally, run:
export DB_USER='your-db-username'
export DB_PASSWORD='your-db-password'
export DB_HOST='127.0.0.1'
export DB_PORT='3306'
export DB_NAME='your-database-name'

Loading Environment Variables (Development)

This command loads the configuration variables (from config.json or Secrets Manager) and prints them to your console. This is useful for debugging or manually setting environment variables for other applications.

rds-tunnel --loaddev

Help

To see all available commands:

rds-tunnel --help

🤝 Contributing

Contributions are welcome! Please feel free to open issues or submit pull requests.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for sbekx from gravatar.com sbekx

Unverified details

These details have not been verified by PyPI
Meta

Release history Release notifications | RSS feed

2.0.0

1.0.2

1.0.2rc1 pre-release

1.0.1

1.0.1rc2 pre-release

1.0.1rc1 pre-release

1.0.0

This version

0.1.0

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

rds_tunnel-0.1.0.tar.gz (6.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

rds_tunnel-0.1.0-py3-none-any.whl (7.1 kB view details)

Uploaded Python 3

File details

Details for the file rds_tunnel-0.1.0.tar.gz.

File metadata

  • Download URL: rds_tunnel-0.1.0.tar.gz
  • Upload date:
  • Size: 6.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for rds_tunnel-0.1.0.tar.gz
Algorithm Hash digest
SHA256 94d46682c17fd8b54f28494ae62023bee7a60ae5869abc30589c9f74bb3fc2ea
MD5 3ff1bfc7abbacc368d75fee433cceb8f
BLAKE2b-256 2a04169c0abe73088521000e7bbb641b70ea5786cd08ad73ed80c0dae5e2601c

See more details on using hashes here.

Provenance

The following attestation bundles were made for rds_tunnel-0.1.0.tar.gz:

Publisher: release.yml on sbekx/rds-tunnel

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file rds_tunnel-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: rds_tunnel-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 7.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for rds_tunnel-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 7bbd99df462aaaa272093d96f6f61227a57fe4af3d56b6c0c9ff75666383a7e4
MD5 806fb53905fe06c2a6e31e99f574c9fa
BLAKE2b-256 92659ce868eb62a6db8ea3554fe76e36a7d453798ddfbc6843b404760f3cdff9

See more details on using hashes here.

Provenance

The following attestation bundles were made for rds_tunnel-0.1.0-py3-none-any.whl:

Publisher: release.yml on sbekx/rds-tunnel

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page