Connections define how private services are exposed based on their type and the agent they are associated with.
Command Line
This type enables remote command line executions on external services. Users can either execute ad-hoc commands or launch an interactive console.
Examples include:
rails console
, kubectl
, aws
, psql
, and so on.Postgres
Postgres is a unique type that enables ad-hoc executions and connections via IDE or with familiar database client libraries.
MySQL
MySQL is a unique type that enables ad-hoc executions and connections via IDE or with familiar database client libraries.
MSSQL
Microsoft SQL Server is a unique type that enables ad-hoc executions and connections via IDE or with familiar database client libraries.
MongoDB
MongoDB is a unique type that enables ad-hoc executions and connections via IDE or with familiar database client libraries.
TCP
This type enables port forwarding any TCP service.
Environment Variables (Secrets)
Environment variables are values that are made available when interacting with a connection. They are exposed during execution. There are several ways in which environment variables can be exposed:
- As an environment variable. e.g.:
MYVAR=val
- As a temporary file in the filesystem. e.g.:
MYVAR=/tmp/<session-id>.envfs
The temporary file is saved with
0600
permissions and removed after execution.AWS Secrets Manager
It is possible to use external sources to load environment variables. For example:
HOST=_aws:PG_CONFIG:PG_HOST
_aws
defines the provider (aws secrets manager)
PG_CONFIG
the name of the secret id to lookup
PG_HOST
the name of the secret id
The agent must have an instance profile with the following permissions to query this service:
- secretsmanager:GetSecretValue
- secretsmanager:GetResourcePolicy
- secretsmanager:DescribeSecret
- secretsmanager:ListSecretVersionIds
Connection Management
The hoop command line can be used to manage connections.
Create a command line connection
shellhoop admin create connection bash -a default -- bash
command-line
connection named bash
, associated with the agent default
and uses the command bash
as entrypoint.Create a Postgres connection
shellhoop admin create connection pg --type database/postgres -a default \ -e HOST=192.168.10.20 \ -e USER=root \ -e PASS=mydbpasswd \ -e DB=postgres
postgres
connection named pg
, associated with the agent default
with the environment variables HOST
, USER
, PASS
and DB
.This creates a connection by loading environments from the AWS Secrets Manager.
shellhoop admin create conn mysql --type database/mysql -a default \ -e HOST=_aws:MYSQL_SECRET:MYSQL_HOST \ -e USER=_aws:MYSQL_SECRET:MYSQL_USER \ -e PASS=_aws:MYSQL_SECRET:MYSQL_PASSWD \ -e DB=_aws:MYSQL_SECRET:MYSQL_DB
mysql
connection with the name mysql
, associated with the agent default
and with the environment variables HOST, USER, PASS and DB loading from the secret id MYSQL_SECRET
.