Private AWS RDS access,
without bastion SSH

Storm Tunnel gives macOS developers a visual, one-click way to reach PostgreSQL, MySQL, Aurora, and internal services through AWS Session Manager. Keep databases private, use IAM access, and avoid fragile terminal commands.

Download for macOS View Pricing
No inbound ports
·
Native macOS app
·
SSH also supported
Storm Tunnel app interface showing main dashboard with active tunnel connections, menu bar controls, and connection status indicators

Make Private Database Access Repeatable

A clean workflow for the AWS access pattern teams actually use.

The Friction
$ aws ssm start-session --target i-...
> which profile, region, endpoint?

Powerful, but easy to misconfigure

AWS Session Manager is the right foundation for private RDS access, but the raw workflow still leaves developers juggling instance IDs, profiles, regions, ports, and long command lines. Small mistakes become support requests.

Connected
The Flow
Active
Production Database

Defined once, used confidently

Storm Tunnel turns the approved access path into a saved, visible workflow. Developers open Storm Tunnel, choose the RDS connection, and click Connect. DevOps keeps the database private and the access model aligned with AWS IAM.

Designed for AWS-First Workflows

Menu Bar Database Access

Start and stop private database tunnels from anywhere. Check whether your RDS tunnel is connected without opening Terminal.

Menu bar popup showing tunnel controls and status

Smart AWS Validation

Pre-flight checks catch missing AWS configuration, invalid tunnel details, and port conflicts before you connect. Notifications stay clear without taking over your workflow.

Success toast notification Warning toast notification

Built for Infrastructure Teams

A practical interface over the secure AWS path.

RDS
PostgreSQL, MySQL, Aurora
IAM
AWS Profile & SSO Friendly
443
Outbound SSM Traffic
Zero
In-App Telemetry

AWS SSM to RDS

Connect from your Mac to a private RDS endpoint through an SSM-managed EC2 instance in the same VPC. No public database, no VPN dependency, no SSH port opened to the internet.

IAM-Based Operational Access

Use the AWS profiles and SSO flows your team already controls. Access can be granted, audited, and revoked through AWS instead of distributing long-lived SSH keys.

No Telemetry, No Tracking

In the Storm Tunnel app, your tunnel configurations stay on your machine. No in-app telemetry, no usage tracking, no external connections. Your infrastructure details are yours alone.

Native macOS Performance

Built with SwiftUI for macOS 15+. Lightweight menu bar presence, system notifications, and zero Electron overhead. Feels like it belongs on your Mac.

Become a Founding User

Try the AWS-first macOS tunnel manager for private RDS and internal service access.

Get Early Access