No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

hey catmeme! interesting problem!

I think you've been posted a lot of the ideas I would have suggested, ultimately you're in a networking problem :slightly_smiling_face:

Another possible idea is that you could use pulumi to spin up a temporary instance inside the VPC with access the instantiate your MySQL provider using an SSH tunnel through that instance. So you'd do the equivalent of `ssh -L` as perhaps a dynamic provider. Not a better idea than what you've come up with

Ahh yes, a bastion was another idea that came up, but I find it a bit kludgey.  We’re basically backdooring ourselves into the stateful infrastructure.  Which if we can avoid, would be preferred.

I’ve installed squid proxies in the past to run end-to-end tests from CI envs. Helps if you already have a k8s cluster available but you could also deploy it in Fargate.