Skip to content


Folders and files

Last commit message
Last commit date

Latest commit



8 Commits

Repository files navigation

This app no longer works. The AWS service now blocks any ports other than 22 (SSH) and 3389 (RDP). See issue #5


On June 14th, 2023 AWS launched new connectivity options for EC2 Instance Connect. This functionality also works for non-EC2 resources in VPCs. You could run the official AWS CLI (>= v2.12.0) using the following command, but rdsconn aims to make the RDS experience easier.

aws ec2-instance-connect open-tunnel \
  --private-ip-address \
  --instance-connect-endpoint-id eice-06d8b7ad48example \
  --remote-port 5432 \
  --local-port 5432


On macOS, brew install aidansteele/taps/rdsconn. On other platforms: see published binaries in the releases tab of the GitHub repo.


  1. Create an EC2 Instance Connect endpoint in your VPC. Ensure that your RDS DB instance's security group allows the EIC endpoint to connect to it.
  2. Have valid AWS credentials configured. E.g. either as environment variables, default credentials in your config file, or a profile with AWS_PROFILE=name env var set.
  3. Run rdsconn proxy. The CLI will prompt you to select an RDS DB instance from the list of DBs in your account. Hit enter to confirm selection.
  4. The message Proxy running. Now waiting to serve connections to localhost:5432... will appear. You can now run psql ... -h (or mysql ...)

Future plans

  • Flesh out this README more
  • Detect incorrect configurations and provide helpful error messages to user. E.g. missing endpoints, security groups, routes, etc.
  • Add a client subcommand that uses RDS IAM authentication to launch and authenticate a child process psql CLI (using PGPASSWORD etc env vars)


rdsconn makes connecting to an AWS RDS instance inside a VPC from your laptop easier