This project is a sample code repository that shows a complete example of how to set up port forwarding to a remote ElastiCache cluster.
The purpose of this code repository is to provide you with a complete example of both AWS service components and the necessary configuration. In this way, the project enables you to port-forward from your local machine to a secure AWS ElastiCache for Redis cluster. As a result, you can seamlessly and securely interact with remote resources running within private VPC subnets from your local development machine.
Within this project, we are also deploying Amazon Virtual Private Cloud (Amazon VPC) configuration that simulates a common structure of public / private subnets with all of the necessary network infrastructure elements. Amazon VPC is deployed as part of a nested stack within the provided template.yml file.
From the CloudFormation template we also provision a sample AWS ElastiCache for Redis cluster and an Amazon EC2 instance. All resources are deployed within a private VPC subnet. Deployed Amazon EC2 instance is running an HAProxy server that acts as a load balancer for port forwarded requests towards ElastiCache nodes.
The following tools are necessary for you to deploy described AWS resources, start port forwarding via SSM and test the forwarded connection.
- Installed AWS Command Line Interface (CLI).
- Installed Session Manager plugin for the AWS CLI
- (Optional) Installed Redis CLI used to test the forwarded connection.
- Access to an AWS account with respective permissions.
- Assuming your AWS CLI is configured to use AWS Region
eu-west-1
, within project home directory, execute:
aws cloudformation deploy --template-file template.yml --stack-name SsmComputeStack --parameter-overrides AvailabilityZones="eu-west-1a,eu-west-1b,eu-west-1c" --capabilities CAPABILITY_IAM
If you do not wish to use eu-west-1
region, then update the AvailabilityZones
parameter according to the preferred region.
- Within project home directory, execute
./open-redis-tunnel.sh
script that will start a port forwarding session using SSM. Optionally, you can execute AWS CLIstart-session
command directly from the console with appropriate parameters. - (Optional) From any location, open a second console window and execute
redis-cli ping
. You should receive “PONG” in response. Receiving “PONG” indicates that you have successfully port-forwarded your machine and that you are able to reach remote Redis cluster.
From any location on your machine execute aws cloudformation delete-stack --stack-name SsmComputeStack
. This action will delete all of provisioned compute resources and any accompanying configuration. Since Amazon VPC configuration is provisioned as a nested stack, the Amazon VPC configuration is also going to be deleted. Alternatively, you can delete the SsmComputeStack stack via the AWS Console.
This library is licensed under the MIT-0 License. See the LICENSE file.