zoukankan      html  css  js  c++  java
  • Connect to RDS using an SSH Tunnel

    转载来自: https://medium.com/@michalisantoniou6/connect-to-an-aws-rds-using-an-ssh-tunnel-22f3bd597924

    There’s two common ways one can connect to RDS:

    1. Write inbound rules to allow an IP to connect to RDS (IP Whitelist). However, IPs constantly change, so very quickly this will become a chore.
    2. Use an SSH Tunnel

    This guide will help you set up an SSH Tunnel, and then use it to connect to your remote RDS instance through Sequel Pro, or the Terminal.

    As always, please leave a comment if you have any issues with this guide, and I’ll do my best to help out.

    Set up an SSH Tunnel

    Essentially what we will do, is connect to RDS through a Webserver that already has access to the database. We will map a local port, to the remote port RDS listens to for connections, and connect to RDS through the Webserver that hosts your application, and already has access to RDS.

    This is a template of the command:

    ssh -N -L localPort:rdsHost:remotePort user@remoteHost -i ~/path/to/key

    Explanation

    -N 
    do not execute a remote command (useful for forwarding ports)
    -L
    forward localPort to remotePort
    localPort
    the port your local database connects to. You can set this to any available port such as 1234, 3306 and so on. 
    rdsHost
    your RDS endpoint (url)
    remotePort
    the port your remote database listens to for connections. For MySQL databases the default is 3306. For PostgreSQL databases, the default is 5432.
    user@remoteHost
    the username and the remote instance your tunnel will connect to the database through. These are the credentials you use to ssh into your web server (ec2)
    -i
    identity (key file)

    Example

    ssh -N -L 1234:my-awesome-rds.us-east-1.rds.amazonaws.com:3306 janeDoe@ec2server.com -i ~/.ssh/AwesomeServerKey.pem

    or 

    ssh -CfN -L 3307:e-test-prod-r1.ch5.us-west-2.rds.amazonaws.com:3306 ubuntu@internal.abc.com  -i /home/user/.ssh/pem/abc.com.aws.pem

    Running this command “opens” the ssh tunnel, which I can now use. For convenience, I’d recommend setting up an alias for this command.

    Use an SSH tunnel

    Connect using SequelPro

    To connect with SequelPro, specify the localPort from earlier (1234), and connect through localhost (127.0.0.1) using your RDS username and password.

    Connect using the Command Line

    mysql -u awesomeRdsUsername -p -h 127.0.0.1 -P 1234
  • 相关阅读:
    java 字符串截取
    字符编码Unicode-正则表达式验证
    APP数据加密解密
    ThreadLocal线程局部变量
    用Eclipse进行远程Debug代码
    JPA对应关系
    JPA名称规则
    dubbo环境搭建
    历史表更新数据
    api加密算法
  • 原文地址:https://www.cnblogs.com/dcb3688/p/4610650.html
Copyright © 2011-2022 走看看