Within Google Compute Instances, the functionality for OSLogin controls the ability to use IAM roles for access. This setting is configured using the instance metadata and can be configured at the project or instance level. For more information on using the OSLogin functionality, see the GCP documentation.
References:
https://cloud.google.com/compute/docs/oslogin/set-up-oslogin
OSLogin can either be set at the project or the instance level using metadata. The metadata would use a key enable-oslogin and value TRUE. To set this, determine whether it needs to be at the project or instance level, then follow the instructions in the GCP documentation (below).
In Terraform -
References:
https://cloud.google.com/compute/docs/oslogin/set-up-oslogin
https://cloud.google.com/compute/docs/metadata/setting-custom-metadata#set-projectwide
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_service