[{"data":1,"prerenderedAt":969},["ShallowReactive",2],{"navigation_docs":3,"-engineering-database-connection":209,"-engineering-database-connection-surround":964},[4,8,50,75,133,149,162,171,205],{"title":5,"path":6,"stem":7},"Introduction","\u002Fintroduction","0.introduction",{"title":9,"path":10,"stem":11,"children":12,"page":49},"Company","\u002Fcompany","1.company",[13,17,21,25,29,33,37,41,45],{"title":14,"path":15,"stem":16},"About","\u002Fcompany\u002Fabout","1.company\u002F0.about",{"title":18,"path":19,"stem":20},"Values","\u002Fcompany\u002Fvalues","1.company\u002F1.values",{"title":22,"path":23,"stem":24},"Communication","\u002Fcompany\u002Fcommunication","1.company\u002Fcommunication",{"title":26,"path":27,"stem":28},"Competition","\u002Fcompany\u002Fcompetition","1.company\u002Fcompetition",{"title":30,"path":31,"stem":32},"Hybrid Working","\u002Fcompany\u002Fhybrid-working","1.company\u002Fhybrid-working",{"title":34,"path":35,"stem":36},"Operations","\u002Fcompany\u002Foperations","1.company\u002Foperations",{"title":38,"path":39,"stem":40},"Policies","\u002Fcompany\u002Fpolicies","1.company\u002Fpolicies",{"title":42,"path":43,"stem":44},"Product","\u002Fcompany\u002Fproduct","1.company\u002Fproduct",{"title":46,"path":47,"stem":48},"Security","\u002Fcompany\u002Fsecurity","1.company\u002Fsecurity",false,{"title":51,"path":52,"stem":53,"children":54,"page":49},"People Ops","\u002Fpeople-ops","2.people-ops",[55,59,63,67,71],{"title":56,"path":57,"stem":58},"Compensation","\u002Fpeople-ops\u002Fcompensation","2.people-ops\u002Fcompensation",{"title":60,"path":61,"stem":62},"Education","\u002Fpeople-ops\u002Feducation","2.people-ops\u002Feducation",{"title":64,"path":65,"stem":66},"Expenses","\u002Fpeople-ops\u002Fexpenses","2.people-ops\u002Fexpenses",{"title":68,"path":69,"stem":70},"Holiday & Leave","\u002Fpeople-ops\u002Fleave","2.people-ops\u002Fleave",{"title":72,"path":73,"stem":74},"Onboarding","\u002Fpeople-ops\u002Fonboarding","2.people-ops\u002Fonboarding",{"title":76,"path":77,"stem":78,"children":79,"page":49},"Engineering","\u002Fengineering","3.engineering",[80,84,88,92,96,117,121,125,129],{"title":81,"path":82,"stem":83},"Development Setup","\u002Fengineering\u002Fdevelopment-setup","3.engineering\u002F1.development-setup",{"title":85,"path":86,"stem":87},"Contributing","\u002Fengineering\u002Fcontributing","3.engineering\u002Fcontributing",{"title":89,"path":90,"stem":91},"Production Database","\u002Fengineering\u002Fdatabase-connection","3.engineering\u002Fdatabase-connection",{"title":93,"path":94,"stem":95},"Deployment","\u002Fengineering\u002Fdeployment","3.engineering\u002Fdeployment",{"title":97,"path":98,"stem":99,"children":100,"page":49},"Github","\u002Fengineering\u002Fgithub","3.engineering\u002Fgithub",[101,105,109,113],{"title":102,"path":103,"stem":104},"Packages","\u002Fengineering\u002Fgithub\u002Fpackages","3.engineering\u002Fgithub\u002Fpackages",{"title":106,"path":107,"stem":108},"Personal Access Token","\u002Fengineering\u002Fgithub\u002Fpersonal-access-token","3.engineering\u002Fgithub\u002Fpersonal-access-token",{"title":110,"path":111,"stem":112},"Troubleshooting","\u002Fengineering\u002Fgithub\u002Ftroubleshooting","3.engineering\u002Fgithub\u002Ftroubleshooting",{"title":114,"path":115,"stem":116},"Workflows","\u002Fengineering\u002Fgithub\u002Fworkflows","3.engineering\u002Fgithub\u002Fworkflows",{"title":118,"path":119,"stem":120},"Platform Ops","\u002Fengineering\u002Fplatform-ops","3.engineering\u002Fplatform-ops",{"title":122,"path":123,"stem":124},"Project Management","\u002Fengineering\u002Fproject-management","3.engineering\u002Fproject-management",{"title":126,"path":127,"stem":128},"Releases","\u002Fengineering\u002Frelease","3.engineering\u002Frelease",{"title":130,"path":131,"stem":132},"Tools","\u002Fengineering\u002Ftools","3.engineering\u002Ftools",{"title":134,"path":135,"stem":136,"children":137,"page":49},"Design","\u002Fdesign","4.design",[138,142,146],{"title":139,"path":140,"stem":141},"Branding","\u002Fdesign\u002Fbranding","4.design\u002Fbranding",{"title":143,"path":144,"stem":145},"Design Thinking","\u002Fdesign\u002Fdesign-thinking","4.design\u002Fdesign-thinking",{"title":130,"path":147,"stem":148},"\u002Fdesign\u002Ftools","4.design\u002Ftools",{"title":150,"path":151,"stem":152,"children":153,"page":49},"Sales","\u002Fsales","4.sales",[154,158],{"title":155,"path":156,"stem":157},"Customer Onboarding","\u002Fsales\u002Fonboarding","4.sales\u002Fonboarding",{"title":159,"path":160,"stem":161},"Sales Tools","\u002Fsales\u002Ftools","4.sales\u002Ftools",{"title":163,"path":164,"stem":165,"children":166,"page":49},"Marketing","\u002Fmarketing","5.marketing",[167],{"title":168,"path":169,"stem":170},"Messaging","\u002Fmarketing\u002Fmessaging","5.marketing\u002Fmessaging",{"title":172,"path":173,"stem":174,"children":175,"page":49},"Data Ops","\u002Fdata-ops","6.data-ops",[176,185,189,193,197,201],{"title":177,"path":178,"stem":179,"children":180,"page":49},"Capability Exchange","\u002Fdata-ops\u002Fcapability-exchange","6.data-ops\u002FCapability Exchange",[181],{"title":182,"path":183,"stem":184},"Leaderboard Calculation","\u002Fdata-ops\u002Fcapability-exchange\u002Fleaderboard-calculation","6.data-ops\u002FCapability Exchange\u002Fleaderboard-calculation",{"title":186,"path":187,"stem":188},"Account Portal (CAS)","\u002Fdata-ops\u002Faccount-portal","6.data-ops\u002Faccount-portal",{"title":190,"path":191,"stem":192},"Adding Products","\u002Fdata-ops\u002Faddin-products","6.data-ops\u002Faddin-products",{"title":194,"path":195,"stem":196},"Adding Vendors","\u002Fdata-ops\u002Fadding-vendors","6.data-ops\u002Fadding-vendors",{"title":198,"path":199,"stem":200},"Message Queues","\u002Fdata-ops\u002Fmessage-queues","6.data-ops\u002Fmessage-queues",{"title":202,"path":203,"stem":204},"Refreshing Vendors","\u002Fdata-ops\u002Frefreshing-vendors","6.data-ops\u002Frefreshing-vendors",{"title":206,"path":207,"stem":208},"Glossary","\u002Fglossary","glossary",{"id":210,"title":89,"body":211,"description":957,"extension":958,"links":959,"meta":960,"navigation":961,"path":90,"seo":962,"stem":91,"__hash__":963},"docs\u002F3.engineering\u002Fdatabase-connection.md",{"type":212,"value":213,"toc":921},"minimark",[214,219,223,226,229,233,236,252,255,257,261,264,289,291,295,300,342,345,347,351,363,369,371,375,389,392,400,402,406,458,461,463,467,471,485,489,500,503,505,509,512,515,525,533,539,541,545,549,581,585,597,599,603,606,609,613,620,662,666,691,696,698,702,705,722,724,728,746,749,757,763,765,769,772,781,784,798,800,804,817,821,829,833,844,846,850,869,871,875,887,889,893,896],[215,216,218],"h2",{"id":217},"accessing-production-databases-via-the-aws-jump-box","Accessing Production Databases via the AWS Jump Box",[220,221,222],"p",{},"Use this process when you need temporary direct access to a production database for investigation, emergency fixes, Prisma migrations, or rollback support.",[220,224,225],{},"This method creates an SSH tunnel from your machine to the AWS network through the jump box, so your local tools can connect to a production database as though it were running locally.",[227,228],"hr",{},[215,230,232],{"id":231},"when-to-use-this","When to use this",[220,234,235],{},"Use this only when necessary, for example:",[237,238,239,243,246,249],"ul",{},[240,241,242],"li",{},"connecting local tools to a production database",[240,244,245],{},"running Prisma migrations against production",[240,247,248],{},"inspecting production data in MySQL Workbench or another client",[240,250,251],{},"connecting to a restored snapshot during rollback work",[220,253,254],{},"This is not the preferred long-term workflow. It is a temporary access path for operational needs.",[227,256],{},[215,258,260],{"id":259},"prerequisites","Prerequisites",[220,262,263],{},"You will need:",[237,265,266,274,277,280,283,286],{},[240,267,268,269,273],{},"AWS access to the ",[270,271,272],"code",{},"ESProfiler"," account with Administrator Access",[240,275,276],{},"PuTTY installed",[240,278,279],{},"PuTTYgen installed",[240,281,282],{},"your SSH public key added to the jump box user",[240,284,285],{},"your home or office IP address whitelisted in the jump box security group",[240,287,288],{},"a database client (e.g. MySQL Workbench)",[227,290],{},[215,292,294],{"id":293},"_1-generate-an-ssh-key-if-you-dont-already-have-one","1. Generate an SSH key (if you don’t already have one)",[296,297,299],"h3",{"id":298},"using-puttygen","Using PuTTYgen",[301,302,303,309,315,322,325,328,331],"ol",{},[240,304,305,306],{},"Open Start menu → search ",[270,307,308],{},"PuTTYgen",[240,310,311,312],{},"Set key size to ",[270,313,314],{},"4096",[240,316,317,318],{},"Click ",[319,320,321],"strong",{},"Generate",[240,323,324],{},"Move your mouse to generate entropy",[240,326,327],{},"Add a key comment (your name or username)",[240,329,330],{},"Set a memorable passphrase",[240,332,333,334],{},"Save:\n",[237,335,336,339],{},[240,337,338],{},"Private key",[240,340,341],{},"Public key",[220,343,344],{},"Store securely (e.g. a personal \"Security\" folder in Google Drive).",[227,346],{},[215,348,350],{"id":349},"_2-share-your-public-key","2. Share your public key",[301,352,353,360],{},[240,354,355,356,359],{},"Copy the ",[319,357,358],{},"public key text"," from PuTTYgen",[240,361,362],{},"Send it to whoever manages jump box access",[220,364,365,368],{},[319,366,367],{},"Important:"," send the full key text, not just a file.",[227,370],{},[215,372,374],{"id":373},"_3-get-your-ip-address-whitelisted","3. Get your IP address whitelisted",[301,376,377,383,386],{},[240,378,379,380],{},"Google: ",[270,381,382],{},"what's my IP",[240,384,385],{},"Copy your IPv4 address",[240,387,388],{},"Send it to the AWS admin",[220,390,391],{},"You may need:",[237,393,394,397],{},[240,395,396],{},"office IP",[240,398,399],{},"home IP",[227,401],{},[215,403,405],{"id":404},"_4-add-ip-to-aws-security-group","4. Add IP to AWS security group",[301,407,408,413,419,425,429,435,438],{},[240,409,410,411],{},"Open AWS → ",[270,412,272],{},[240,414,415,416],{},"Go to ",[270,417,418],{},"EC2",[240,420,421,422],{},"Select instance: ",[270,423,424],{},"ESP1 connector",[240,426,415,427],{},[319,428,46],{},[240,430,431,432],{},"Open security group: ",[270,433,434],{},"DHCP ssh",[240,436,437],{},"Edit inbound rules",[240,439,440,441],{},"Add:\n",[237,442,443,449,452],{},[240,444,445,446],{},"Port: ",[270,447,448],{},"22",[240,450,451],{},"Source: your IP",[240,453,454,455],{},"Description: e.g. ",[270,456,457],{},"Joe home",[220,459,460],{},"Save.",[227,462],{},[215,464,466],{"id":465},"_5-configure-putty-connection","5. Configure PuTTY connection",[296,468,470],{"id":469},"session-setup","Session setup",[237,472,473,479],{},[240,474,475,476],{},"Host: ",[270,477,478],{},"your-username@X.X.X.X",[240,480,481,482],{},"Save session as: ",[270,483,484],{},"ESP AWS",[296,486,488],{"id":487},"add-private-key","Add private key",[237,490,491,494,497],{},[240,492,493],{},"Connection → SSH → Credentials",[240,495,496],{},"Load your private key",[240,498,499],{},"Save session again",[220,501,502],{},"Open the session.",[227,504],{},[215,506,508],{"id":507},"_6-log-in-and-change-password","6. Log in and change password",[220,510,511],{},"After login:",[220,513,514],{},"Run:",[516,517,522],"pre",{"className":518,"code":520,"language":521},[519],"language-text","passwd\n","text",[270,523,520],{"__ignoreMap":524},"",[237,526,527,530],{},[240,528,529],{},"Enter your assigned temporary password",[240,531,532],{},"Set your own password",[220,534,535,538],{},[319,536,537],{},"Tip:"," Right-click = paste in PuTTY.",[227,540],{},[215,542,544],{"id":543},"_7-get-database-endpoint-aws-rds","7. Get database endpoint (AWS RDS)",[296,546,548],{"id":547},"mysql-services","MySQL (services)",[301,550,551,554,560,567,573,576],{},[240,552,553],{},"AWS → RDS",[240,555,556,557],{},"Region: ",[270,558,559],{},"eu-west-2",[240,561,562,563,566],{},"DB Instances → select DB (e.g. ",[270,564,565],{},"service8",")",[240,568,569,570],{},"Open ",[319,571,572],{},"Endpoints",[240,574,575],{},"Copy endpoint",[240,577,445,578],{},[270,579,580],{},"3306",[296,582,584],{"id":583},"postgresql-pcx","PostgreSQL (PCX)",[301,586,587,590,592],{},[240,588,589],{},"Open PostgreSQL instance",[240,591,575],{},[240,593,445,594],{},[270,595,596],{},"5432",[227,598],{},[215,600,602],{"id":601},"_8-configure-ssh-tunnels-in-putty","8. Configure SSH tunnels in PuTTY",[220,604,605],{},"Path:",[220,607,608],{},"Connection → SSH → Tunnels",[296,610,612],{"id":611},"recommended-ports","Recommended ports",[220,614,615,616,619],{},"These map a local port on your machine (e.g. ",[270,617,618],{},"13306",") to the remote port\u002Fhost",[621,622,623,639],"table",{},[624,625,626],"thead",{},[627,628,629,633,636],"tr",{},[630,631,632],"th",{},"DB Type",[630,634,635],{},"Local Port",[630,637,638],{},"Remote Port",[640,641,642,652],"tbody",{},[627,643,644,648,650],{},[645,646,647],"td",{},"MySQL",[645,649,618],{},[645,651,580],{},[627,653,654,657,660],{},[645,655,656],{},"PostgreSQL",[645,658,659],{},"15432",[645,661,596],{},[296,663,665],{"id":664},"setup","Setup",[301,667,668,671,677,682,685,688],{},[240,669,670],{},"Enter source port",[240,672,673,674],{},"Enter destination: ",[270,675,676],{},"\u003Cendpoint>:port",[240,678,317,679],{},[319,680,681],{},"Add",[240,683,684],{},"Repeat if needed",[240,686,687],{},"Go to Session → Save",[240,689,690],{},"Open session",[220,692,693,695],{},[319,694,367],{}," tunnel only works while PuTTY is open.",[227,697],{},[215,699,701],{"id":700},"_9-connect-via-local-tools","9. Connect via local tools",[220,703,704],{},"Example for Platform DB (MySQL Workbench):",[237,706,707,712,716],{},[240,708,475,709],{},[270,710,711],{},"127.0.0.1",[240,713,445,714],{},[270,715,618],{},[240,717,718,719],{},"Username: ",[270,720,721],{},"espadministrator",[227,723],{},[215,725,727],{"id":726},"_10-get-database-password-secrets-manager","10. Get database password (Secrets Manager)",[301,729,730,733,738,741],{},[240,731,732],{},"Open DB in AWS",[240,734,415,735],{},[319,736,737],{},"Configuration",[240,739,740],{},"Open linked secret",[240,742,317,743],{},[319,744,745],{},"Retrieve secret value",[220,747,748],{},"Copy:",[237,750,751,754],{},[240,752,753],{},"username",[240,755,756],{},"password",[220,758,759,762],{},[319,760,761],{},"Note:"," password rotates regularly — do not store permanently.",[227,764],{},[215,766,768],{"id":767},"_11-using-with-apps-prisma","11. Using with apps \u002F Prisma",[220,770,771],{},"Use:",[237,773,774,778],{},[240,775,475,776],{},[270,777,711],{},[240,779,780],{},"Port: forwarded port",[220,782,783],{},"Examples:",[237,785,786,792],{},[240,787,788,789],{},"MySQL: ",[270,790,791],{},"127.0.0.1:13306",[240,793,794,795],{},"Postgres: ",[270,796,797],{},"127.0.0.1:15432",[227,799],{},[215,801,803],{"id":802},"_12-rollback-via-snapshots","12. Rollback via snapshots",[301,805,806,809,814],{},[240,807,808],{},"Open snapshot in AWS",[240,810,317,811],{},[319,812,813],{},"Restore",[240,815,816],{},"Give new DB name",[296,818,820],{"id":819},"key-behaviour","Key behaviour",[237,822,823,826],{},[240,824,825],{},"Does NOT overwrite production DB",[240,827,828],{},"Creates a new cluster",[296,830,832],{"id":831},"workflow","Workflow",[301,834,835,838,841],{},[240,836,837],{},"Connect to restored DB",[240,839,840],{},"Extract required data\u002Fschema",[240,842,843],{},"Apply to live DB",[227,845],{},[215,847,849],{"id":848},"operational-notes","Operational notes",[237,851,852,855,858,861,866],{},[240,853,854],{},"Keep PuTTY open while connected",[240,856,857],{},"Check IP whitelist if connection fails",[240,859,860],{},"Check SSH key if auth fails",[240,862,863,864],{},"Ensure region is ",[270,865,559],{},[240,867,868],{},"Avoid port clashes with local dev",[227,870],{},[215,872,874],{"id":873},"standard-ports","Standard ports",[237,876,877,882],{},[240,878,879,880],{},"MySQL production: ",[270,881,618],{},[240,883,884,885],{},"PostgreSQL production: ",[270,886,659],{},[227,888],{},[215,890,892],{"id":891},"new-starter-checklist","New starter checklist",[220,894,895],{},"Ensure:",[237,897,898,901,904,907,910,912,915,918],{},[240,899,900],{},"AWS access granted",[240,902,903],{},"Correct AWS roles assigned",[240,905,906],{},"SSH key created + added",[240,908,909],{},"IP whitelisted",[240,911,276],{},[240,913,914],{},"Database access tested",[240,916,917],{},"Google Cloud access granted (if needed)",[240,919,920],{},"Remote support tooling installed",{"title":524,"searchDepth":922,"depth":922,"links":923},2,[924,925,926,927,931,932,933,934,938,939,943,947,948,949,950,954,955,956],{"id":217,"depth":922,"text":218},{"id":231,"depth":922,"text":232},{"id":259,"depth":922,"text":260},{"id":293,"depth":922,"text":294,"children":928},[929],{"id":298,"depth":930,"text":299},3,{"id":349,"depth":922,"text":350},{"id":373,"depth":922,"text":374},{"id":404,"depth":922,"text":405},{"id":465,"depth":922,"text":466,"children":935},[936,937],{"id":469,"depth":930,"text":470},{"id":487,"depth":930,"text":488},{"id":507,"depth":922,"text":508},{"id":543,"depth":922,"text":544,"children":940},[941,942],{"id":547,"depth":930,"text":548},{"id":583,"depth":930,"text":584},{"id":601,"depth":922,"text":602,"children":944},[945,946],{"id":611,"depth":930,"text":612},{"id":664,"depth":930,"text":665},{"id":700,"depth":922,"text":701},{"id":726,"depth":922,"text":727},{"id":767,"depth":922,"text":768},{"id":802,"depth":922,"text":803,"children":951},[952,953],{"id":819,"depth":930,"text":820},{"id":831,"depth":930,"text":832},{"id":848,"depth":922,"text":849},{"id":873,"depth":922,"text":874},{"id":891,"depth":922,"text":892},"Accessing the production database in rollback situations.","md",null,{},true,{"title":89,"description":957},"o7eOm7BtpnYGZu273xmLC9YSlIVCVNvtG0CvHDdo268",[965,967],{"title":85,"path":86,"stem":87,"description":966,"children":-1},"If you're contributing to ESProfiler, this section provides you with quick links to tools, resources and best practices to help you in your day-to-day role and work seamlessly with the rest of the engineering team.",{"title":93,"path":94,"stem":95,"description":968,"children":-1},"A comprehensive overview of the deployment process for new ESProfiler tenants",1778263960928]