Connect to Amazon RDS via SSH Tunnel for Self-hosted Redash

jon234 · March 3, 2021, 8:38pm

Hey everyone,

I’m trying to connect my self-hosted Redash instance (on AWS EC2) to a MYSQL Amazon RDS DB in a private VPC network behind a bastion (My RDS DB & EC2 instance running Redash are in separate networks).

I’ve read the instructions here:

The part that was confusing is that it asks you to download the Redash public key and put it in the home of your bastion. For self-hosted Redash, should I generate my own private/public key pair, and then ssh into my EC2 server that is hosting Redash and copy that private key into the file under ssh_tunnel_auth here: Run queries through ad-hoc SSH tunnels by rauchy · Pull Request #4797 · getredash/redash · GitHub
What’s the best way to do this?

Then I take the corresponding public key I generated (as opposed to the Redash public key) and put it in the home of my user for the bastion?

Thank you!

k4s1m · March 8, 2021, 3:20pm

You have the right idea.

The doc you linked is specific to customers of app.redash.io. For a self-hosted instance you need your own public/private key pair. Add the public key to the trusted hosts on your bastion. Add the path to the private key to the Python file you linked. And configure an ssh_tunnel object on the data source using the REST API.