Connect to a remote MYSQL via SSH tunnel or a private IP

How can I connect to a MySQL service on one of my EC2 instances via SSH tunnel or a private IP?

This EC2 instance is on a public VPC with a public IP (Elastic IP) and I would like give QuickSight access to its MySQL service via a private IP of that EC2 instance, or connect to the MySQL service via SSH, as a localhost connection. and not open port 3306 publicly to the internet.

QS doesn’t support SSH option, but you can enable QS to connect using EC2 private IP address via VPC Connection.

Usually, SSL certificate is bound to domain address. If you need to enable SSL for QS connection, you would also create private hosted zone in Route53 to duplicate DNS entry that points to EC2 private address and Inbound Endpoint Resolver that can resolve private DNS in the EC2 VPC.

Thank you @ankgp .

  1. I created a connection to my private VPC
  2. I added the relevant security groups to my EC2 (enabling access only from the QS subnet IPs)
  3. I added a special SQ user with relevant permissions to the MySQL schema
  4. I had to update my.cnf and disable bind-address, to allow connections from QS
  5. I did not use SSL for the connection between QS and my EC2 MySQL

The following information pages were helpful too:

More info: