Managing PostgreSQL Databases with Luminate and pgAdmin 4

This article provides step-by-step instructions for connecting to PostgreSQL servers deployed in a data center without providing a direct network connectivity form the DBA's PC to the database servers. We will use the Luminate Software Defined Perimeter approach to provide ephemeral access based on the user identity.

The article assumes the following topology:

Step 1 - Connect to Luminate Portal and open the relevant SSH Application

Please log in to your Luminate Portal (https://<my_company_tenant>.luminatesec.com).

You will see a list of applications similar to the below:

Please click on the icon representing the SSH Bastion (MyBastion in our diagram) you will be using for accessing your PostgreSQL Servers. If you don't see it in the list, please approach your Luminate administrator to provide you with access permissions to such a server.

In the above window (that will open as a side pane in the Luminate Portal) please choose if you want to authenticate with RSA Key (and then download the private key) or Temporary Access Token, and copy the User name for SSH Client, as well as Host name for SSH Client.

Step 2 - Configure Connection with pgAdmin

In pgAdmin, define a new server instructing it to use an SSH Tunnel. In the SSH Host/User configuration, please configure the bastion host specified above.

This article assumes pgAdmin 4 release 3.1 or later, supporting native tunneled connections. For connecting with earlier releases of pgAdmin 4, please refer to this article.