Secure SSH Port on Instances

How to avoid exposing the SSH port to the Internet, to be accessed only when connected to the zero trust network?

You can bind the SSH port to the zero trust interface using the sshd config of your server.

I have followed the instructions to create a secure connection through WARP to Tunnel

And you can see the images of my configuration

What other configuration do I need?