Read the original article: How to Connect to Private AWS Resources With SSH Tunnels and Bastion Hosts
The Problem With Publicly Accessible AWS Resources
When you first develop infrastructure for a new project, you naturally optimize for rapid development. You want to get something — anything — out the door, and you therefore want to be able to write code and debug issues quickly.
Because of that, it’s awfully tempting to spin up servers and databases in public subnets so that you can readily connect to them for debugging sessions. It’s nice to be able to ssh my-user@my-web-server
to do some live code debugging, or psql -U my-user -h my-database-instance
to assess the current state of your database.
Read the original article: How to Connect to Private AWS Resources With SSH Tunnels and Bastion Hosts