Recently, I've been working through a common scenario. We created a managed Redis instance in AWS, which only allows traffic from our ECS hosts.
I need to import some sample data from my laptop into Redis. Obviously, I don't have access from my laptop. I know I can upload the file to S3 from my laptop, but I don't want to install Redis tools on our ECS hosts, which would potentially increase the security risk.
So I decided to use the ECS host as a bastion host and forward port 6379 to port 6379 on my localhost. That way I can easily import data from my laptop.
ssh -L 6379:mycacheserver.cache.amazonaws.com:6379 ec2-user@myecsinstnce -i ~/keys/myecs.pem
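A tighter variant of the forward above, as an added example that is not part of the original post: it binds the tunnel to loopback only, refuses to continue if local port 6379 is already in use, and tears the tunnel down after the import. The host names and key path are the post's own placeholders; the control-socket path, the data-file argument and the use of `redis-cli --pipe` on the laptop are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Host names and key path are the
# post's placeholders; CTL and the data-file argument are assumptions.
BASTION="ec2-user@myecsinstnce"
KEY="$HOME/keys/myecs.pem"
REDIS_HOST="mycacheserver.cache.amazonaws.com"
PORT=6379
CTL="${TMPDIR:-/tmp}/redis-tunnel.$$.ctl"   # hypothetical control-socket path

# Forward spec with an explicit loopback bind, so a GatewayPorts setting in
# the client config cannot expose the tunnel on other interfaces.
forward_spec() {
  printf '127.0.0.1:%s:%s:%s' "$PORT" "$REDIS_HOST" "$PORT"
}

open_tunnel() {
  # -f -N: authenticate, then go to the background with no remote command.
  # ExitOnForwardFailure: abort if local $PORT is taken (for example by a
  # local Redis) instead of silently importing into the wrong server.
  ssh -i "$KEY" -f -N -M -S "$CTL" \
      -o ExitOnForwardFailure=yes \
      -L "$(forward_spec)" "$BASTION"
}

close_tunnel() {
  # Ask the backgrounded master process to exit through its control socket.
  ssh -S "$CTL" -O exit "$BASTION" 2>/dev/null
}

import_via_tunnel() {
  data_file=$1
  [ -r "$data_file" ] || { echo "cannot read $data_file" >&2; return 2; }
  open_tunnel || { echo "tunnel failed" >&2; return 1; }
  # --pipe streams Redis protocol from stdin (redis-cli mass-insert mode).
  redis-cli -h 127.0.0.1 -p "$PORT" --pipe < "$data_file"
  rc=$?
  close_tunnel   # always tear the forward down, even if the import failed
  return "$rc"
}

# Usage: sh import.sh sample-data.txt
if [ "$#" -gt 0 ]; then
  import_via_tunnel "$1"
fi
```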