Cross network tags
Network tags on instances are a great way to organize firewall rules (among perhaps other things).
Firewall rules are also very relevant when you peer VPC networks (https://cloud.google.com/compute/docs/vpc/vpc-peering), especially since that currently only supports full-mesh peering. However, I couldn't get firewall rules on one network to refer to tags (e.g. for source-tags, and a destination-tags would then make sense as well) from another network, so I had to resort to using IP ranges (more fragile, less readable).
=> Unless there's already a way I missed, would it be possible to add the ability to refer to tags from another network (possible with a <network>: prefix to the tag; or require tags to be unique across peering networks; or assume the union of all instances carrying these tags in all peered networks).
Thanks for your suggestion, I’ve shared this with the networking team. We may not be able to respond individually to questions here, but we’ll take your question as a suggestion, and will update this item if we add functionality along these lines in the future.