After creating ssh target of my server in boundary, I can now ssh into my server using boundary. Now i want to restrict direct access to my server, so that no one can directly ssh into my server. how can i achieve that?
That depends on the environment those servers are in. On a cloud hosting environment it may be as simple as a deny rule for connections on port 22 coming from anywhere outside your own subnet (and those kinds of rules are exactly the kind of thing my Terraform configs typically have). In a physical environment you’ll probably need to have some kind of firewall with a rule dropping that traffic. You can also set that kind of config up on each host in various ways as you deploy them, for example with iptables/firewalld rules on Linux.