Was there any particular reason to enable SSH using network tags as against adding it to the service account like before when we added ping capability? Or was the intention just to help us understand how to add network tags?
Hello! Good question! I only used network tags for this because I wanted you to have some experience using them, not because they are in any way better than the other options. You might well have other situations where you want to have rules–even for SSH–based on Service Account, IP Address, or even blanket-applied to all instances! You might also decide to restrict the source IPs for SSH connections to just a work network range, maybe a bastion host, or maybe even the single IP address you happen to be using right then (and then you’ll clean out that rule when you’re done). Lots of valid options for how to use all these tools. 😃