NAME gcloud beta beyondcorp security-gateways applications create - create applications SYNOPSIS gcloud beta beyondcorp security-gateways applications create (APPLICATION : --location=LOCATION --security-gateway=SECURITY_GATEWAY) [--async] [--display-name=DISPLAY_NAME] [--endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS]] [--request-id=REQUEST_ID] [--schema=SCHEMA] [--upstreams=[egressPolicy=EGRESSPOLICY], [external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]] [GCLOUD_WIDE_FLAG ...] DESCRIPTION (BETA) Create an application EXAMPLES To create the application, run: $ gcloud beta beyondcorp security-gateways applications create POSITIONAL ARGUMENTS Application resource - Identifier. Name of the resource. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. To set the project attribute: ◆ provide the argument application on the command line with a fully specified name; ◆ provide the argument --project on the command line; ◆ set the property core/project. This must be specified. APPLICATION ID of the application or fully qualified identifier for the application. To set the application attribute: ▸ provide the argument application on the command line. This positional argument must be specified if any of the other arguments in this group are specified. --location=LOCATION The location id of the application resource. We support only global location. To set the location attribute: ▸ provide the argument application on the command line with a fully specified name; ▸ provide the argument --location on the command line. --security-gateway=SECURITY_GATEWAY The securityGateway id of the application resource. To set the security-gateway attribute: ▸ provide the argument application on the command line with a fully specified name; ▸ provide the argument --security-gateway on the command line. FLAGS --async Return immediately, without waiting for the operation in progress to complete. --display-name=DISPLAY_NAME An arbitrary user-provided name for the application resource. Cannot exceed 64 characters. --endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS] An array of conditions to match the application's network endpoint. Each element in the array is an EndpointMatcher object, which defines a specific combination of a hostname pattern and one or more ports. The application is considered matched if at least one of the EndpointMatcher conditions in this array is met (the conditions are combined using OR logic). Each EndpointMatcher must contain a hostname pattern, such as "example.com", and one or more port numbers specified as a string, such as "443". Hostname and port number examples: ".example.com", "443" "example.com" and "22" "example.com" and "22,33". hostname Hostname of the application. ports The ports of the application. Shorthand Example: --endpoint-matchers=hostname=string,ports=[int] --endpoint-matchers=hostname=string,ports=[int] JSON Example: --endpoint-matchers='[{"hostname": "string", "ports": [int]}]' File Example: --endpoint-matchers=path_to_file.(yaml|json) --request-id=REQUEST_ID An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. --schema=SCHEMA Type of the external application. SCHEMA must be one of: api-gateway Service Discovery API endpoint when Service Discovery is enabled in Gateway. proxy-gateway Proxy which routes traffic to actual applications, like Netscaler Gateway. --upstreams=[egressPolicy=EGRESSPOLICY],[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL] Which upstream resources to forward traffic to. egressPolicy Routing policy information. regions List of the regions where the application sends traffic. external List of the external endpoints to forward traffic to. endpoints List of the endpoints to forward traffic to. hostname Hostname of the endpoint. port Port of the endpoint. network Network to forward traffic to. name Network name is of the format: projects/{project}/global/networks/{network}. proxyProtocol Enables proxy protocol configuration for the upstream. allowedClientHeaders List of the allowed client header names. clientIp Client IP configuration. The client IP address is included if true. contextualHeaders Configuration for the contextual headers. deviceInfo The device information configuration. outputType The output type details for the delegated device. groupInfo Group details. outputType The output type of the delegated group information. outputType Default output type for all enabled headers. userInfo User details. outputType The delegated user's information. gatewayIdentity The security gateway identity configuration. metadataHeaders Custom resource specific headers along with the values. The names should conform to RFC 9110: >Field names can contain alphanumeric characters, hyphens, and periods, can contain only ASCII-printable characters and tabs, and must start with a letter. KEY Sets KEY value. VALUE Sets VALUE value. Shorthand Example: --upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}} --upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}} JSON Example: --upstreams='[{"egressPolicy": {"regions": ["string"]}, "external": {"endpoints": [{"hostname": "string", "port": int}]}, "network": {"name": "string"}, "proxyProtocol": {"allowedClientHeaders": ["string"], "clientIp": boolean, "contextualHeaders": {"deviceInfo": {"outputType": "string"}, "groupInfo": {"outputType": "string"}, "outputType": "string", "userInfo": {"outputType": "string"}}, "gatewayIdentity": "string", "metadataHeaders": {"string": "string"}}}]' File Example: --upstreams=path_to_file.(yaml|json) GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity. Run $ gcloud help for details. API REFERENCE This command uses the beyondcorp/v1 API. The full documentation for this API can be found at: https://cloud.google.com/ NOTES This command is currently in beta and might change without notice. This variant is also available: $ gcloud beyondcorp security-gateways applications create