create user only for one instance on google cloud engine

Question

I need to create a user for only one instance on gce.

I use centos 6.7 image.

I create on instance my user with adduser command, then I try to connect over ssh using gcloud

gcloud compute ssh my-user@instance-name

with this command google create a project user that is able to connect to all instances.

Is there a way to create a user only for an instance using gcloud?

Answer 1

You can define the gcloud settings from Google Cloud Console -> Permissions -> User Accounts

The new unix accounts will also have to be created on your local machine(s)

To solve your need to partition separate users per instance you could give each instance its own google cloud project ... this would give easier security and privacy isolation we well as deployment devops simplicity especially regarding freedom to add/drop instances post initial app deploy

Answer 2

You can use VM instance custom metadata (Not project metadata) and apply your user's SSH key only to a specific VM instance.

gcloud compute instances add-metadata example-instance \
--metadata-from-file ssh-keys=user-ssh-key.pub 

This can be done via Google Cloud Console as well.