NAME
    gcloud beyondcorp security-gateways applications create - create
        applications

SYNOPSIS
    gcloud beyondcorp security-gateways applications create
        (APPLICATION : --location=LOCATION --security-gateway=SECURITY_GATEWAY)
        [--async] [--display-name=DISPLAY_NAME]
        [--endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS]]
        [--request-id=REQUEST_ID] [--schema=SCHEMA]
        [--upstreams=[egressPolicy=EGRESSPOLICY],
          [external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]]
        [GCLOUD_WIDE_FLAG ...]

DESCRIPTION
    Create an application

EXAMPLES
    To create the application, run:

        $ gcloud beyondcorp security-gateways applications create

POSITIONAL ARGUMENTS
     Application resource - Identifier. Name of the resource. The arguments in
     this group can be used to specify the attributes of this resource. (NOTE)
     Some attributes are not given arguments in this group but can be set in
     other ways.

     To set the project attribute:
      ◆ provide the argument application on the command line with a fully
        specified name;
      ◆ provide the argument --project on the command line;
      ◆ set the property core/project.

     This must be specified.

       APPLICATION
          ID of the application or fully qualified identifier for the
          application.

          To set the application attribute:
          ▸ provide the argument application on the command line.

          This positional argument must be specified if any of the other
          arguments in this group are specified.

       --location=LOCATION
          The location id of the application resource. We support only global
          location.

          To set the location attribute:
          ▸ provide the argument application on the command line with a fully
            specified name;
          ▸ provide the argument --location on the command line.

       --security-gateway=SECURITY_GATEWAY
          The securityGateway id of the application resource.

          To set the security-gateway attribute:
          ▸ provide the argument application on the command line with a fully
            specified name;
          ▸ provide the argument --security-gateway on the command line.

FLAGS
     --async
        Return immediately, without waiting for the operation in progress to
        complete.

     --display-name=DISPLAY_NAME
        An arbitrary user-provided name for the application resource. Cannot
        exceed 64 characters.

     --endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS]
        An array of conditions to match the application's network endpoint.
        Each element in the array is an EndpointMatcher object, which defines a
        specific combination of a hostname pattern and one or more ports. The
        application is considered matched if at least one of the
        EndpointMatcher conditions in this array is met (the conditions are
        combined using OR logic). Each EndpointMatcher must contain a hostname
        pattern, such as "example.com", and one or more port numbers specified
        as a string, such as "443".

        Hostname and port number examples: ".example.com", "443" "example.com"
        and "22" "example.com" and "22,33".

         hostname
            Hostname of the application.

         ports
            The ports of the application.

        Shorthand Example:

            --endpoint-matchers=hostname=string,ports=[int] --endpoint-matchers=hostname=string,ports=[int]

        JSON Example:

            --endpoint-matchers='[{"hostname": "string", "ports": [int]}]'

        File Example:

            --endpoint-matchers=path_to_file.(yaml|json)

     --request-id=REQUEST_ID
        An optional request ID to identify requests. Specify a unique request
        ID so that if you must retry your request, the server will know to
        ignore request if it has already been completed. The server will
        guarantee that for at least 60 minutes since the first request.

     --schema=SCHEMA
        Type of the external application. SCHEMA must be one of:

         api-gateway
            Service Discovery API endpoint when Service Discovery is enabled in
            Gateway.
         proxy-gateway
            Proxy which routes traffic to actual applications, like Netscaler
            Gateway.

     --upstreams=[egressPolicy=EGRESSPOLICY],[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]
        Which upstream resources to forward traffic to.

         egressPolicy
            Routing policy information.

             regions
                List of the regions where the application sends traffic.

         external
            List of the external endpoints to forward traffic to.

             endpoints
                List of the endpoints to forward traffic to.

                 hostname
                    Hostname of the endpoint.

                 port
                    Port of the endpoint.

         network
            Network to forward traffic to.

             name
                Network name is of the format:
                projects/{project}/global/networks/{network}.

         proxyProtocol
            Enables proxy protocol configuration for the upstream.

             allowedClientHeaders
                List of the allowed client header names.

             clientIp
                Client IP configuration. The client IP address is included if
                true.

             contextualHeaders
                Configuration for the contextual headers.

                 deviceInfo
                    The device information configuration.

                     outputType
                        The output type details for the delegated device.

                 groupInfo
                    Group details.

                     outputType
                        The output type of the delegated group information.

                 outputType
                    Default output type for all enabled headers.

                 userInfo
                    User details.

                     outputType
                        The delegated user's information.

             gatewayIdentity
                The security gateway identity configuration.

             metadataHeaders
                Custom resource specific headers along with the values. The
                names should conform to RFC 9110: >Field names can contain
                alphanumeric characters, hyphens, and periods, can contain only
                ASCII-printable characters and tabs, and must start with a
                letter.

                 KEY
                    Sets KEY value.

                 VALUE
                    Sets VALUE value.

        Shorthand Example:

            --upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}} --upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}}

        JSON Example:

            --upstreams='[{"egressPolicy": {"regions": ["string"]}, "external": {"endpoints": [{"hostname": "string", "port": int}]}, "network": {"name": "string"}, "proxyProtocol": {"allowedClientHeaders": ["string"], "clientIp": boolean, "contextualHeaders": {"deviceInfo": {"outputType": "string"}, "groupInfo": {"outputType": "string"}, "outputType": "string", "userInfo": {"outputType": "string"}}, "gatewayIdentity": "string", "metadataHeaders": {"string": "string"}}}]'

        File Example:

            --upstreams=path_to_file.(yaml|json)

GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file, --account,
    --billing-project, --configuration, --flags-file, --flatten, --format,
    --help, --impersonate-service-account, --log-http, --project, --quiet,
    --trace-token, --user-output-enabled, --verbosity.

    Run $ gcloud help for details.

API REFERENCE
    This command uses the beyondcorp/v1 API. The full documentation for this
    API can be found at: https://cloud.google.com/

NOTES
    This variant is also available:

        $ gcloud beta beyondcorp security-gateways applications create

