I feel like all the innovation around wireguard is a reaction to this situation.
Cloud security, especially from AWS, is (as described elsewhere in the comments) byzantine, but I've always felt that the real underlying problem is generic advice that only serves to protect the backside of the cloud provider. What's really needed are crystal clear patterns that cover >95% of actual use cases.
Cloud security, especially from AWS, is (as described elsewhere in the comments) byzantine, but I've always felt that the real underlying problem is generic advice that only serves to protect the backside of the cloud provider. What's really needed are crystal clear patterns that cover >95% of actual use cases.