Securing SSH with workforce identity that uses the users from Google Workspace
I’m currently looking for a solution to secure a fleet of Linux instances, mostly Ubuntu arm64, behind an MFA-based SSH entry. Right now we use AWS cert to access these instances, but this doesn’t provide a way of tracking user activity. Is there a way I can load all the users in my Google Workspace into some sort of LDAP and provide role-based access to these Linux machines? Even something as simple as password-based auth and a unique TOTP (passively recording the user entry in a database) should be fine. I could think of multiple pieces, but is there a straight-up solution for this? (Does OpenIAM help here?)