Connect to a private mysql instance from your favorite IDE
Features
The table below explain which features are available for this kind of connection.
- Native - it's when a database client is connecting via protocol (.e.g: IDE, client libraries)
- One Off - it's when a hoop client performs ad hoc executions (e.g: webapp, hoop cli)
Feature | Native | One Off | Description |
TLS Termination Proxy | β
Β (partial) | β
| The local proxy terminates the connection with TLS, enabling the connection with the remote server to be TLS encrypted. |
Audit | β
| β
| The gateway store and audit the queries being issued by the client. |
Data Masking (DLP) | π« | β
| A policy can be enabled to mask sensitive fields dynamically when performing queries in the database. |
Credentials Offload | β
| β
| The user authenticates via SSO instead of using database credentials. |
Interactive Access | β
| β
| Interactive access is available when using an IDE or connecting via a terminal to perform analysis exploration. |
partial: the connection is TLS offloaded until it reaches the agent. However, once it reaches to it, the network connection is established without any encryption with the remote server. It'ss important to ensure that the network running the agent is reliable.
Configuration
Name | Type | Description |
HOST | env-var | The IP or Host of the MySQL server |
PORT | env-var | The port of the MySQL server |
USER | env-var | The user to connect in the MySQL server |
PASS | env-var | The password to connect in the MySQL server |
DB | env-var | The name of the database to connect (Required when using the connection via command line). |
shellhoop admin create conn mysqldb --type mysql -a <agent> \ -e HOST=<host> \ -e PORT=<port> \ -e USER=<user> \ -e PASS=<pass> \ -e DB=<db>
Connect It
shellhoop connect mysqldb
plain textconnection: mysqldb | session: 0ebc7492-94bf-498e-ac9c-430f2d5e89b0 ---------------------mysql-credentials---------------------- host=127.0.0.1 port=5433 user=noop password=noop ------------------------------------------------------------ ready to accept connections!
Connect to mysql using any IDE, example:
shellmysql -h 0 -p 3307
mysql cli
An optional way to connect into MySQL is using the
mysql
client. Itβs possible to create a interactive session or execute one-off commands.Creating the
mysql
type connection allows connecting via IDE and via cli using the same connection.Connection Configuration
Name | Type | Description |
HOST | env-var | The IP or Host of the MySQL server |
PORT | env-var | The port of the MySQL server |
USER | env-var | The user to connect in the MySQL server |
MYSQL_PWD | env-var | The password to connect in the MySQL server |
DB | env-var | The name of the database to connect into |
shellhoop admin create conn mysqlcli -a <agent> -- \ mysql -h$HOST -u$USER --port=$PORT -D$DB
The
MYSQL_PWD
is mapped as an environment variable, thus thereβs no need to include in the command.How to Use It
Start an interactive session with mysql client
shellhoop connect mysql
In the same connection, ad-hoc process can be run as well
shellhoop exec mysql <<EOF SELECT SLEEP(2); SELECT NOW(); EOF
shellhoop exec mysql -f /tmp/myquery.sql hoop exec psql -i 'SELECT NOW()'