If you install a current version of Ubuntu it uses perfectly sane defaults for SSH. If you go the step further and disable password authentication entirely and only use keys you’ll be very secure.

I fully understand the preference of a serverless platform of course, especially if you’re more of a programmer and less sysadmin.