Problems Giving SSH Access to Your Linux Instances?

I have a number of projects running under Google Cloud with some projects having Linux instances that collaborators from outside of my organization need ssh access to.

Google's systems have excellent documentation, but Google themselves created a little bit of nightmare working out exactly what I needed to do by making all notes, discussions on the solution accessible through their search system. The problem is that search results typically do not come with an expiry date and it was a good few hours of work to work my way through each of the options offered before realizing that they had been superseded.

To make this easier let me first provide some background for my need:

• I have a technical collaborator who has a standard Google account 
• The person is NOT in my organization (see Google documentation on what is meant by an organization) 
• I also have Linux instances in projects under my organization this collaborator needs occasional command line access to 
• I want to use the standard Google IAM access control mechanism rather than messing around with manual key based access control
• I also wanted to give this person access to SSH over the browser because this makes things super easy for access from things like chrome books

If you needs are exactly as above firstly try Google - currently valid material is available at Google: https://cloud.google.com/compute/docs/instances/managing-instance-access#configure_users 

If this does not work for you try my steps (as of 30June2019):

Within 'IAM & admin' - Allow external logins at the Organization level

 

Within 'IAM & admin' - Add your users to your project as service account users:

Within 'Compute Engine-VM Instances' add the following permissions in your target VM for your external users