Some or all of the information on this page might not apply to Trusted Cloud by S3NS. See Differences from Google Cloud for more details.

gcloud beta beyondcorp security-gateways applications create

INFORMATION: gcloud beta beyondcorp security-gateways applications create is not available in universe domain universe.
NAME: gcloud beta beyondcorp security-gateways applications create - create applications
SYNOPSIS: gcloud beta beyondcorp security-gateways applications create (APPLICATION : --location=LOCATION --security-gateway=SECURITY_GATEWAY) --endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS] [--async] [--display-name=DISPLAY_NAME] [--request-id=REQUEST_ID] [--schema=SCHEMA] [--upstreams=[egressPolicy=EGRESSPOLICY],[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]] [GCLOUD_WIDE_FLAG …]
DESCRIPTION: (BETA) Create an application
EXAMPLES: To create the application, run:
gcloud beta beyondcorp security-gateways applications create
POSITIONAL ARGUMENTS: Application resource - Identifier. Name of the resource. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.
To set the project attribute:

provide the argument application on the command line with a fully specified name;

provide the argument --project on the command line;

set the property core/project.

This must be specified.

APPLICATION

ID of the application or fully qualified identifier for the application.
To set the application attribute:

provide the argument application on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION

The location id of the application resource. We support only global location.
To set the location attribute:

provide the argument application on the command line with a fully specified name;

provide the argument --location on the command line.

--security-gateway=SECURITY_GATEWAY

The securityGateway id of the application resource.
To set the security-gateway attribute:

provide the argument application on the command line with a fully specified name;

provide the argument --security-gateway on the command line.
REQUIRED FLAGS: --endpoint-matchers=[hostname=HOSTNAME],[ports=PORTS]

Required, Endpoint matchers associated with an application. A combination of hostname and ports as endpoint matchers is used to match the application. Match conditions for OR logic. An array of match conditions to allow for multiple matching criteria. The rule is considered a match if one of the conditions is met. The conditions should be the following combination: (Hostname & Ports)
EXAMPLES: Hostname and Ports - (".example.com", "443"), ("example.com" and "22"), ("example.com" and "22,33") etc.
hostname
Hostname of the application.
ports
Ports of the application.
Shorthand Example:--endpoint-matchers=hostname=string,ports=[int] --endpoint-matchers=hostname=string,ports=[int]
JSON Example:
--endpoint-matchers='[{"hostname": "string", "ports": [int]}]'
File Example:
--endpoint-matchers=path_to_file.(yaml|json)
OPTIONAL FLAGS: --async

Return immediately, without waiting for the operation in progress to complete.

--display-name=DISPLAY_NAME

An arbitrary user-provided name for the application resource. Cannot exceed 64 characters.

--request-id=REQUEST_ID

An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request.

--schema=SCHEMA

Type of the external application. SCHEMA must be one of:

api-gateway

Service Discovery API endpoint when Service Discovery is enabled in Gateway.

proxy-gateway

Proxy which routes traffic to actual applications, like Netscaler Gateway.

--upstreams=[egressPolicy=EGRESSPOLICY],[external=EXTERNAL],[network=NETWORK],[proxyProtocol=PROXYPROTOCOL]

Which upstream resources to forward traffic to.

egressPolicy

Routing policy information.

regions

List of the regions where the application sends traffic.

external

List of the external endpoints to forward traffic to.

endpoints

List of the endpoints to forward traffic to.

hostname

Hostname of the endpoint.

port

Port of the endpoint.

network

Network to forward traffic to.

name

Network name is of the format: projects/{project}/global/networks/{network}.
proxyProtocol
Enables proxy protocol configuration for the upstream.
allowedClientHeaders List of the allowed client header names. clientIp Client IP configuration. The client IP address is included if true. contextualHeaders Configuration for the contextual headers. deviceInfo Device info configuration. outputType The output type of the delegated device info. groupInfo Group info configuration. outputType The output type of the delegated group info. outputType Default output type for all enabled headers. userInfo User info configuration. outputType The output type of the delegated user info. gatewayIdentity Gateway identity configuration. metadataHeaders
Custom resource specific headers along with the values. The names should conform to RFC 9110: > Field names SHOULD constrain themselves to alphanumeric characters, "-", and ".", and SHOULD begin with a letter. Field values SHOULD contain only ASCII printable characters and tab.
KEY
SetsKEYvalue.
VALUE
SetsVALUEvalue.
Shorthand Example: --upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}} --upstreams=egressPolicy={regions=[string]},external={endpoints=[{hostname=string,port=int}]},network={name=string},proxyProtocol={allowedClientHeaders=[string],clientIp=boolean,contextualHeaders={deviceInfo={outputType=string},groupInfo={outputType=string},outputType=string,userInfo={outputType=string}},gatewayIdentity=string,metadataHeaders={string=string}} JSON Example: --upstreams='[{"egressPolicy": {"regions": ["string"]}, "external": {"endpoints": [{"hostname": "string", "port": int}]}, "network": {"name": "string"}, "proxyProtocol": {"allowedClientHeaders": ["string"], "clientIp": boolean, "contextualHeaders": {"deviceInfo": {"outputType": "string"}, "groupInfo": {"outputType": "string"}, "outputType": "string", "userInfo": {"outputType": "string"}}, "gatewayIdentity": "string", "metadataHeaders": {"string": "string"}}}]' File Example: --upstreams=path_to_file.(yaml|json)
GCLOUD WIDE FLAGS: These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE: This command uses the beyondcorp/v1 API. The full documentation for this API can be found at: https://cloud.google.com/
NOTES: This command is currently in beta and might change without notice.