A good rule of thumb:

- Don't even let dev machines access the infra directly (unless you're super early in a greenfield project): No local deploys, no SSH. Everything should go through either the pipeline or tools.

Why?

- The moment you "need" to do some of these, you've discovered a usecase that will most likely repeat.

- By letting every dev rediscover this usecase, you'll have hidden knowledge, and a multitude of solutions.

In conversation fragments:

- "... let me just quickly check if there's still enough disk space on the instance"

- "Hey Kat, could you get me the numbers again? I need them for a report." "sure, I'll run my script and send them to you in slack" "ah.. Could you also get them for last quarter? They're not in slack anymore"