AWS SSH with Internal DNS

Question

I am setting up an AWS EMR Cluster and i'm confused when it comes to connecting to it. In all of the examples i've seen the DNS has been something public and SSHing into the instance is straight forward. For the cluster I generated it's some internal dns ip-***.ec2.internal. I assume this is because this is to do with the VPC, but i'm not sure how to access it.

I do have bastion setup for port forwarding- is that what I'm supposed to do?

Answer 1

TL;DR It looks like the cluster you created was in a private subnet so you will need to use your bastion host to access it.

I created a couple of clusters to test, one in a public subnet and one in a private subnet.

As you can see from the images below, the public cluster has a public DNS name and the private uses the ec2.internal DNS name.

You can launch EMR clusters in both public and private VPC subnets. This means you do not need internet connectivity to run an EMR cluster; however, you may need to configure network address translation (NAT) and VPN gateways to access services or resources located outside of the VPC, for example in a corporate intranet or public AWS service endpoints like AWS Key Management Service.

Important: Amazon EMR only supports launching clusters in private subnets in releases 4.2 or greater.

I'm not clear on that last note, because I spun up emr-5.19.0 in the example shown in the image. YMMV

Resources

https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-vpc-subnet.html