Aurora Proxy Command

[kolanos]

First off, AWS Copilot is great, thank you for making it.

This is a feature request regarding the Aurora addons. By default it appears that Aurora clusters are configured with a private subnet. This makes sense for typical use. But it would be nice to be able to temporarily be able to connect directly to the Aurora cluster from a designated IP address.

The primary use case here is creating or loading a database dump using mysqldump or pgdump or similar. But also being able to quickly login to the database using mysql or psql would be useful as well. This would be sort of like a database equivalent of copilot svc exec. Would also be nice when not using the proxy to have the database revert to a private subnet only config.

Coming from Google Cloud, they have a similar feature with CloudSQL:

https://cloud.google.com/sql/docs/mysql/sql-proxy

[efekarakus]

Hi @kolanos !

Thank you for the feature request 🚀 to make sure that I'm understanding it correctly, would you mind validating my understanding?

• The functionality that is requested seems similar to this AWS blog post but without having to resort to a bastion host. Is that correct?
• To achieve that, the RDS instances would need to be publicly accessible but only allow ingress from specific IP addresses with the security group, is that right?

The Copilot generated addons/ template should be modifiable to meet that need, but I understand that it would be a lot more convenient for the command to generate it.