[aaaaaaaaaaab]

>At first I opened a router port but the RPI showed access attempts every few minutes, which was troubling. Learned enough about ssh tunneling to setup a systemd service to auto-attach the RPI to an AWS instance.

What was the gain here exactly? The same port scanners are hitting your AWS instance now. If it concerned you before with the RPi (which it shouldn’t btw), I don’t see why it wouldn’t concern you with the AWS instance as well…

[dls2016]

I’m currently in a low-user situation and can lock that down AWS instances by IP.

My concern is that I'm running an experiment and don't want things corrupted by some script kiddies simply because I'm not a great network/Linux admin. This merely reflects my lack of knowledge... hence my ask. (Which I guess people hate enough to downvote? haha ok)

[aaaaaaaaaaab]

That’s pretty simple to do with Linux too… Just install ufw and set it to deny by default, then open the SSH port to only your IP. No need to go through AWS for that.

[dls2016]

Didn't know about ufw, but I'm not on the same network as the RPI and don't have a static IP. And the RPI was already uploading data to an AWS instance.

[aaaaaaaaaaab]

Sorry, then I don’t know what you’ve meant by “lock that down AWS instances by IP”.

[dls2016]

Using an AWS security group. I'm a basic b** as the kids say.

[dls2016]

And remove the word "that".