Dev Tools
Dev Tools is a top-level platform section for self-serve developer utilities. The first tool is the SQL Console: browser-based query access to RDS Postgres and MySQL databases running inside your own AWS account, a pgAdmin-style workflow with no standing infrastructure and no shared database passwords.
SQL Console
Each connection has two independent dimensions: how it authenticates to the database, and how it reaches the database over the network. You choose each one separately.
Database authentication
- IAM: the backend assumes the account role and generates a short-lived 15-minute RDS auth token, so no password is stored.
- basic: a username and password held encrypted in the central vault and never returned by the API.
Network path
- SSH bastion: the host key is pinned on first use and verified every session.
- SSM port-forwarding session: for VPCs with no bastion.
- direct TLS connection: a direct connection to the database.
Access through profiles
Access is granted through profiles that are read-only or read-write, assigned per person. You can give developers read-only access and time-box write access by revoking it later.
Working in the console
- Users get private saved queries and visual schema introspection.
- Read-only is enforced at the transaction level.
- Queries have a statement timeout and a selectable row cap.
- Engines supported: Postgres and MySQL.
Permissions
Permissions live under a Dev Tools category:
devtools.sql.viewdevtools.sql.querydevtools.sql.writedevtools.sql.manage