Before you start
To get the most out of this guide, you will need to:- Either create an account in our managed instance or deploy your own hoop.dev instance
- You must be your account administrator to perform the following commands
Features
The table below outlines the features available for this type of connection.- Native - This refers to when a database client connects through a specific protocol, such as an IDE or client libraries through
hoop connect <connection-name>
. - One Off - This term refers to accessing this connection from hoop web panel.
Feature | Native | One Off | Description |
---|---|---|---|
TLS Termination Proxy | The local proxy terminates the connection with TLS, enabling the connection with the remote server to be TLS encrypted. | ||
Audit | The gateway stores and audits the queries being issued by the client. | ||
Data Masking (Google DLP) | A policy can be enabled to mask sensitive fields dynamically when performing queries in the database. | ||
Data Masking (MS Presidio) | A policy can be enabled to mask sensitive fields dynamically when performing queries in the database. | ||
Credentials Offload | The user authenticates via SSO instead of using database credentials. | ||
Interactive Access | Interactive access is available when using an IDE or connecting via a terminal to perform analysis exploration. |
Configuration
Name | Type | Required | Description |
---|---|---|---|
KUBECONFIG | filesystem | yes | A Kubeconfig File with permission to access the cluster |
KUBERNETES_RESOURCE | env-var | yes | The Kubernetes resource to target for interactive access (e.g., deployment/myapp, pod/mypod, statefulset/myapp) |
Connection Setup
Interactive access can be achieved by using thekubectl exec
command with the --stdin
and --tty
flags.
To narrow down the scope to a specific command, you can use the name of the command you want to run.
E.g.:
-- bash
or -- rails console
.In this example users could use any runtime command inside the specified Kubernetes resource.Command Line Usage Examples
Note that
kubectl exec
is used with -tty
and --stdin
arguments.
These flags are required when using hoop connect