Setting linux command limit per user

I need to perform security settings on the server now. Linux server and DB server access restrictions and permission settings for each user are in progress.

For this purpose, a separate solution was introduced, and the solution can set the user's command line, Logon/off, DB Query logging and limit settings for each server.

I checked the servers required for work by user, and set SSH and DB access control settings for each user.

In the case of DB, a table was set up for each user to be viewed, and in the case of columns with personal information, masking was performed.

The problem is the server. In the case of infrastructure personnel, there is no problem because all commands for all servers are allowed. For other developers, it is judged that unnecessary commands should be restricted.

For example, it is determined that there is no need for SSH communication from the server to another server, and it tries to block the ssh command.

When trying to block unnecessary commands for developers like this, I wonder if there is a guide document like the CIS benchmark.