Can I define a custom network in Google Cloud Platform in such a way so that I can get the equivalent behavior of Port Mirroring in my VPC as one would configure on a hardware switch?

The goal is to sniff all traffic in the VPC for the purpose of network debugging, or deploying a Network Intrusion Detection System.

I'm not looking to deploy a bastion host, or use NetFlow.

1 Answer

No, not a mirrored port.

For visibility, you can bring your own security appliance VMs such as firewalls or virtual switches. Or consume their flow logs. Security vendors with a public cloud story probably do one of these.

Edit: I know you said GCP, but compare to what Azure very recently announced, Virtual Network TAP. You could try this, then ask GCP if they plan to offer something equivalent.

John Mahowald