[nijave]

Agree. There's lots of programmer-centric SDKs and tools that abstract away a lot of the infrastructure details and make it feel like writing/running code.

A few years ago I worked at a place that was on AWS ECS and I think I can count on 1 hand the number of times I needed to SSH into a machine each year. Half of those times were SSHing into the singular VM we had that ran a Strong Swan IPsec tunnel to a vendor.

The current place I work we have bastions and EKS. Occasionally, I SSH into a bastion but usually just use Cloudflare Tunnels (they run as k8s pods and the control plane is private so the bastions are helpful for bootstrapping things). Out of that stuff, it's all been converted to immutable infrastructure and gets recreated once a month with the latest AMI. Probably could kill the bastions and run Cloudflare Tunnel agents on Fargate on ECS to eliminate all the o.g. sysadmin work but some people are nostalgic so I gotta wean em off VMs