Discovered through subconscious ops.
So GCP compute uses a thing called OS Login. It allows for managing linux vm user accounts via IAM. Pretty cool.
To set this up, you need os-login=true in your metadata for either the VMs or the project.
Once that’s done, we have to add our ssh keys into the list.
$ gcloud compute project-info describe --format="value(commonInstanceMetadata[items][ssh-keys])" > ssh-key-list
$ MY_KEY=$(cat ~/.ssh/id_ed25519.pub)
# This is justin@subconscious.network, but we replace punctuation with underscores.
$ echo "justin_subconscious_network:$MY_KEY" >> ssh-key-list
$ gcloud compute project-info add-metadata --metadata-from-file=ssh-keys=./ssh-key-list