[communicator] add proxy_command support to connection block #36643

Open
wants to merge 1 commit into
base: main

mattlqx commented Mar 5, 2025

I have a Terraform use-case where I am using an AWS EC2 Instance Connect Endpoint to access instances in different AWS accounts that do not have direct network access from the network location in which Terraform runs so that SSH connections can be established for use on remote-exec provisioner blocks. AWS's connection guide offers a few different methods:

  1. Using a pipe to aws ec2-instance-connect open-tunnel via an ssh -o ProxyCommand= argument.
  2. Running aws ec2-instance-connect open-tunnel --local-port as a background process to be used as a TCP proxy.
  3. Using aws ec2-instance-connect ssh to open an interactive ssh session.

Of these, using out-of-the-box Terraform, I attempted to get number 2 to work. It was hacky, using terraform_data with local-exec provisioners to control starting and stopping of the process in a detached tmux. I had some success with it but am running into issues with handling Terraform resource provisioners leaving the processes hanging. It would simply be much cleaner to implement the ability to use a ProxyCommand-like attribute on the Terraform ssh connections.

This PR implements a proxy_command attribute on the connection block that will pipe SSH communication through an exec'd process. This enables the ability to use aws ec2-instance-connect as described in number 1. No workarounds are then required to use Terraform with instances that are only reachable through EC2 Instance Connect or potentially any number of other proxy methods.

Target Release

1.12.x

CHANGELOG entry

  • This change is user-facing and I added a changelog entry.
  • This change is not user-facing.
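
Added example, not code from this PR or from Terraform: one way to pipe an SSH connection through an exec'd process, which is the mechanism the description above relies on, and to make sure the process is killed and reaped when the connection closes. The names `proxyConn` and `dialProxy` are hypothetical, `cat` is a constructed stand-in for a tunnel command such as `aws ec2-instance-connect open-tunnel`, and starting the command without a shell is this example's choice, not a statement about how the PR does it.

```go
package main

import (
	"fmt"
	"io"
	"net"
	"os/exec"
)

// proxyConn is the SSH client's side of an in-memory pipe whose other end is
// wired to the proxy process's stdin and stdout.
type proxyConn struct {
	net.Conn          // full net.Conn (deadlines included) from net.Pipe
	child    net.Conn // end that os/exec copies to and from the process
	cmd      *exec.Cmd
}

// dialProxy starts argv directly, without a shell, so a value placed in an
// argument is never re-parsed as shell syntax.
func dialProxy(argv ...string) (*proxyConn, error) {
	client, child := net.Pipe()
	cmd := exec.Command(argv[0], argv[1:]...)
	cmd.Stdin, cmd.Stdout = child, child
	if err := cmd.Start(); err != nil {
		return nil, err
	}
	return &proxyConn{client, child, cmd}, nil
}

// Close kills and reaps the process so no tunnel outlives the SSH session.
func (c *proxyConn) Close() error {
	c.Conn.Close()
	c.child.Close()
	c.cmd.Process.Kill() // error ignored: the process may already have exited
	c.cmd.Wait()         // reap; also waits for os/exec's copy goroutines
	return nil
}

func main() {
	c, err := dialProxy("cat") // constructed stand-in for a real tunnel command
	if err != nil {
		panic(err)
	}
	fmt.Fprint(c, "SSH-2.0-constructed\r\n")
	banner := make([]byte, 21)
	io.ReadFull(c, banner)
	c.Close()
	fmt.Printf("%q reaped=%v\n", banner, c.cmd.ProcessState != nil)
}
```

Because `proxyConn` satisfies `net.Conn`, it can be handed to an SSH client library in place of a TCP socket; tying the process lifetime to `Close` avoids the leftover tunnel processes described for the background-process workaround.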

crw (Contributor) commented Mar 5, 2025

Thanks for this submission! I will raise it in triage.
