On the Google Cloud side, Identity-Aware Proxy does something similar: your SSH connection is authenticated with your Google Cloud CLI credential (an OAuth 2.0 credential) and is tunneled through IAP, so you don't need a firewall opening, or even a public IP address.
On the surface this seems like a terrific idea for the reasons listed in the article, but my experience has been that SSM is not nearly as reliable as SSH.
A full disk is enough to prevent SSM access, whereas SSH will still let you in.