I've set up a MYSQL RDS on AWS, in a private VPC behind a NAT.
With Workbench, I can connect successfully from a remote client into the RDS no problems – so all of the RDS, the NAT and the security groups, etc are all set up correctly.
I've tried a variety of SSH tunnelling examples that I've found, to connect without using Workbench – but nothing is working.
So given that I ssh into the NAT with ssh -i nat.pem ec2-user@nat.ip and the RDS is behind that at rds.endpoint.aws.com – how do I set up an SSH tunnel so that I can just mysql -h into the RDS endpoint through the NAT?
Best Answer
I'm sure I tried this earlier, but I must've typo'ed something, as it's now working.
Posting the answer just in case anyone else gets confused by this.
Set up an ssh tunnel on the remote client with:
then just
mysql -h 127.0.0.1 -P 3305 -u user -p