ssh port forward docker setup

I’m trying to set up an alpine sshd container (on AWS Fargate) that runs only if needed and that allows users to connect to other resources (in my case, to do maintenance on an AWS RDS which is not publicly accessible).

As of now I have set up everything and it is working fine, but I need help with some enhancements I’d like to apply.

1) Is it possible to have the tunnels automatically created by the server after the user connects? I found nothing about that, only client-side configurations. The reason is that I want to remove the configuration from the user as much as possible.

2) Is there a way to create a DNS alias so I can set something like “permitopen=rds:3306” and the user then uses “-L 3307:rds:3306”? Reason: I can simply restart the container to update the rds alias with a value from environment variables/terraform/whatever. This makes switching RDS very easy. I don’t like the idea of users having to use AWS DNS names (they are too loooong and possibly very similar to other RDS in the same organization). Also, maintaining ssh_config files on the users’ side is not optimal… In addition, those aliases will be used only by the container, so no Route53 hosted zones, if possible.

Thanks in advance !

Source: StackOverflow
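
For the container-local alias described in question 2, one possible entrypoint is sketched below as an added example; it is not part of the original post. It assumes `/etc/hosts` is writable in the container and that `getent` is available; the variables `RDS_ENDPOINT`, `RDS_PORT`, `USER_PUBKEY`, the `tunnel` account and all function names are hypothetical.

```shell
#!/bin/sh
# Added example. Hypothetical names: RDS_ENDPOINT, RDS_PORT, USER_PUBKEY, "tunnel" user.
ALIAS="rds"   # short name users type in: ssh -N -L 3307:rds:3306 ...

# Build the /etc/hosts line that maps the alias to an already-resolved address.
hosts_line() {  # $1 = ip, $2 = alias
  case "$1" in
    *[!0-9A-Fa-f:.]*|"") echo "invalid ip: $1" >&2; return 1 ;;
  esac
  printf '%s %s\n' "$1" "$2"
}

# Build an authorized_keys entry that only allows forwarding to alias:port.
# "restrict" turns off pty, agent and X11 forwarding; "port-forwarding" turns
# forwarding back on; permitopen limits -L destinations to this single target.
# sshd does no name lookup when matching permitopen, so the client must request
# the literal alias. Setting "AllowTcpForwarding local" in sshd_config
# additionally blocks -R.
authorized_key_line() {  # $1 = alias, $2 = port, $3 = public key
  case "$2" in
    *[!0-9]*|"") echo "invalid port: $2" >&2; return 1 ;;
  esac
  printf 'restrict,port-forwarding,permitopen="%s:%s" %s\n' "$1" "$2" "$3"
}

# Resolve the long endpoint once at start-up and write both files.
# The alias is only refreshed on container restart, so an address change
# (for example after a failover) needs a restart.
configure() {
  ip=$(getent hosts "$RDS_ENDPOINT" | awk '{print $1; exit}')
  line=$(hosts_line "$ip" "$ALIAS") || return 1
  printf '%s\n' "$line" >> /etc/hosts
  authorized_key_line "$ALIAS" "${RDS_PORT:-3306}" "$USER_PUBKEY" \
    > /home/tunnel/.ssh/authorized_keys
}

# Only act when the task definition supplies the endpoint.
if [ -n "${RDS_ENDPOINT:-}" ]; then
  configure || exit 1
fi
```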