services / Google Cloud / Compute Engine packet mirroring

Packet mirroring allows duplication and forwarding of packets on a virtual private cloud.

Packet mirroring allows inspection of network traffic, allowing access to unencrypted network data.


Can be used to modify which network components are mirrored and how they are filtered, leading to either increased network collection or defeated security monitoring.



This privilege may grant access to confidential data, or its exploit can incur operational cost.


  • https:​/​/​cloud.​google.​com/​vpc/​docs/​packet-​mirroring
  • https:​/​/​cloud.​google.​com/​sdk/​gcloud/​reference/​compute/​packet-​mirrorings
  • https:​/​/​cloud.​google.​com/​compute/​docs/​reference/​rest/​v1/​packetMirrorings
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog