Connections define how private services are exposed based on their type and the agent they are associated with.

Command Line

This type enables remote command line executions on external services. Users can either execute ad-hoc commands or launch an interactive console.

Examples include: rails console, kubectl, aws, psql, and so on.

Postgres

Postgres is a unique type that enables ad-hoc executions and connections via IDE or with familiar database client libraries.

MySQL

MySQL is a unique type that enables ad-hoc executions and connections via IDE or with familiar database client libraries.

MSSQL

Microsoft SQL Server is a unique type that enables ad-hoc executions and connections via IDE or with familiar database client libraries.

MongoDB

MongoDB is a unique type that enables ad-hoc executions and connections via IDE or with familiar database client libraries.

TCP

This type enables port forwarding any TCP service.

Environment Variables (Secrets)

Environment variables are values that are made available when interacting with a connection. They are exposed during execution. There are several ways in which environment variables can be exposed:

As an environment variable. e.g.: MYVAR=val

As a temporary file in the filesystem. e.g.: MYVAR=/tmp/<session-id>.envfs

💡

The temporary file is saved with 0600 permissions and removed after execution.

AWS Secrets Manager

It is possible to use external sources to load environment variables. For example:

HOST=_aws:PG_CONFIG:PG_HOST

_aws defines the provider (aws secrets manager)

PG_CONFIG the name of the secret id to lookup

PG_HOST the name of the secret id

💡

The agent must have an instance profile with the following permissions to query this service:

secretsmanager:GetSecretValue

secretsmanager:GetResourcePolicy

secretsmanager:DescribeSecret

secretsmanager:ListSecretVersionIds

Connection Management

The hoop command line can be used to manage connections.

Create a command line connection

shell
hoop admin create connection bash -a default -- bash

it creates a command-line connection named bash, associated with the agent default and uses the command bash as entrypoint.

Create a Postgres connection

shell
hoop admin create connection pg --type database/postgres -a default \
  -e HOST=192.168.10.20 \
  -e USER=root \
  -e PASS=mydbpasswd \
  -e DB=postgres

it creates a postgres connection named pg, associated with the agent default with the environment variables HOST, USER, PASS and DB.

This creates a connection by loading environments from the AWS Secrets Manager.

shell
hoop admin create conn mysql --type database/mysql -a default \
  -e HOST=_aws:MYSQL_SECRET:MYSQL_HOST \
  -e USER=_aws:MYSQL_SECRET:MYSQL_USER \
  -e PASS=_aws:MYSQL_SECRET:MYSQL_PASSWD \
  -e DB=_aws:MYSQL_SECRET:MYSQL_DB

it creates a mysql connection with the name mysql, associated with the agent default and with the environment variables HOST, USER, PASS and DB loading from the secret id MYSQL_SECRET.