You say "No security groups equivalent", but you fail to specify what exactly is missing.
AWS security groups seem to me to be a giant mess and GCP firewalling with instance tags and such is a much clearer and easier to use system that can still do everything that AWS security groups can as far as I can tell.
You can specify what can communicate with what VERY strictly based on CIDR masks and network tags.
We’re a place for programmers to stay up-to-date, learn new skills, and share ideas.
We’ll never post without your permission.