# sst
m
We were really liking SST's live Lambda development but lost it once our application got an RDS database. I've taken a couple of stabs at using AWS Client VPN Endpoint to connect to the VPC in which our RDS database lives, but it has punched me in the face each time. I'm close and not giving up, but I'm really hoping that someone has written up their experience setting up something similar.
s
I've been going through the same pain. It's mostly self-inflicted, since I am not used to building private APIs within a VPC. I can say that I got it all working, live lambda environment and all. I use a company-supported VPN on my laptop (SonicWall), so I didn't have anything to do with that setup. Is there any particular problem you're facing?
the greatest pain point for me was making sure the lambdas backing my API were within the VPC
t
This might not be an option for you depending on if it's an old RDS system or not, but I now just use RDS serverless + data api
doesn't require my lambdas to be in a VPC
which means I'm not paying for managed NAT
s
I'd certainly prefer that, but I've inherited an existing Serverless Framework app and I'm trying to work within the existing architecture. It's painful.
when you say RDS Serverless, are you referring to Aurora?
I had a look at Aurora, but was dissuaded by the language around v1 only being good for test/dev workloads and v2 not being GA.
m
Back from deeply concentrating on the AWS VPC documentation and I see some replies. Nice! Good. I'm not alone. I got a Client VPN Endpoint up and running and connected (I think) to the target VPC, but all traffic from my workstation went through the VPN, so no Internet or access to the local network. Figured out I needed split-tunneling and got that working. So now I can connect a Client VPN Endpoint to the VPC with split-tunneling, meaning my local workstation functions normally, but I can't reach anything on the VPC. I'm starting by trying to get DNS working, but I'm not sure what address the DNS server is at on the AWS side.
I haven't had a successful ping to anything on the AWS side yet.
j
we’re using a bastion host instead of VPN to reach private resources