As found on Cloud burst… causing a flood of snippets by my colleague, this post details how to set up AWS SSM to replace your bastion host in AWS with authentication tied to your AWS account. Looks impressive, and means you can have an entirely SSH-ingress-free environment! Win!
I read an article like this a few months ago, and it really resonated with me. Sometimes I forget to ask, but on the whole, this is a good thing to do – everyone hates the “where do I rate against you” question, and these are great questions to break the ice which don’t involve that question!
This is a particularly extensive and well written article. If you’re thinking of running your own email service, this is the comprehensive guide to it for OpenSMTPD and Dovecot. Great work!