Google Cloud v9.3.0, Oct 7 25

Google Cloud v9.3.0 published on Tuesday, Oct 7, 2025 by Pulumi

gcp.beyondcorp.SecurityGatewayApplication

Google Cloud v9.3.0 published on Tuesday, Oct 7, 2025 by Pulumi

pulumi/pulumi-gcp

Example Usage

Beyondcorp Security Gateway Application Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.beyondcorp.SecurityGateway("default", {
    securityGatewayId: "default-sg",
    displayName: "My Security Gateway resource",
    hubs: [{
        region: "us-central1",
    }],
});
const example = new gcp.beyondcorp.SecurityGatewayApplication("example", {
    securityGatewayId: _default.securityGatewayId,
    applicationId: "google-sga",
    endpointMatchers: [{
        hostname: "google.com",
    }],
});

import pulumi
import pulumi_gcp as gcp

default = gcp.beyondcorp.SecurityGateway("default",
    security_gateway_id="default-sg",
    display_name="My Security Gateway resource",
    hubs=[{
        "region": "us-central1",
    }])
example = gcp.beyondcorp.SecurityGatewayApplication("example",
    security_gateway_id=default.security_gateway_id,
    application_id="google-sga",
    endpoint_matchers=[{
        "hostname": "google.com",
    }])

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v9/go/gcp/beyondcorp"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_default, err := beyondcorp.NewSecurityGateway(ctx, "default", &beyondcorp.SecurityGatewayArgs{
			SecurityGatewayId: pulumi.String("default-sg"),
			DisplayName:       pulumi.String("My Security Gateway resource"),
			Hubs: beyondcorp.SecurityGatewayHubArray{
				&beyondcorp.SecurityGatewayHubArgs{
					Region: pulumi.String("us-central1"),
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = beyondcorp.NewSecurityGatewayApplication(ctx, "example", &beyondcorp.SecurityGatewayApplicationArgs{
			SecurityGatewayId: _default.SecurityGatewayId,
			ApplicationId:     pulumi.String("google-sga"),
			EndpointMatchers: beyondcorp.SecurityGatewayApplicationEndpointMatcherArray{
				&beyondcorp.SecurityGatewayApplicationEndpointMatcherArgs{
					Hostname: pulumi.String("google.com"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var @default = new Gcp.Beyondcorp.SecurityGateway("default", new()
    {
        SecurityGatewayId = "default-sg",
        DisplayName = "My Security Gateway resource",
        Hubs = new[]
        {
            new Gcp.Beyondcorp.Inputs.SecurityGatewayHubArgs
            {
                Region = "us-central1",
            },
        },
    });

    var example = new Gcp.Beyondcorp.SecurityGatewayApplication("example", new()
    {
        SecurityGatewayId = @default.SecurityGatewayId,
        ApplicationId = "google-sga",
        EndpointMatchers = new[]
        {
            new Gcp.Beyondcorp.Inputs.SecurityGatewayApplicationEndpointMatcherArgs
            {
                Hostname = "google.com",
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.beyondcorp.SecurityGateway;
import com.pulumi.gcp.beyondcorp.SecurityGatewayArgs;
import com.pulumi.gcp.beyondcorp.inputs.SecurityGatewayHubArgs;
import com.pulumi.gcp.beyondcorp.SecurityGatewayApplication;
import com.pulumi.gcp.beyondcorp.SecurityGatewayApplicationArgs;
import com.pulumi.gcp.beyondcorp.inputs.SecurityGatewayApplicationEndpointMatcherArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var default_ = new SecurityGateway("default", SecurityGatewayArgs.builder()
            .securityGatewayId("default-sg")
            .displayName("My Security Gateway resource")
            .hubs(SecurityGatewayHubArgs.builder()
                .region("us-central1")
                .build())
            .build());

        var example = new SecurityGatewayApplication("example", SecurityGatewayApplicationArgs.builder()
            .securityGatewayId(default_.securityGatewayId())
            .applicationId("google-sga")
            .endpointMatchers(SecurityGatewayApplicationEndpointMatcherArgs.builder()
                .hostname("google.com")
                .build())
            .build());

    }
}

resources:
  default:
    type: gcp:beyondcorp:SecurityGateway
    properties:
      securityGatewayId: default-sg
      displayName: My Security Gateway resource
      hubs:
        - region: us-central1
  example:
    type: gcp:beyondcorp:SecurityGatewayApplication
    properties:
      securityGatewayId: ${default.securityGatewayId}
      applicationId: google-sga
      endpointMatchers:
        - hostname: google.com

Beyondcorp Security Gateway Application Vpc

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const project = gcp.organizations.getProject({});
const _default = new gcp.beyondcorp.SecurityGateway("default", {
    securityGatewayId: "default-sg",
    displayName: "My Security Gateway resource",
    hubs: [{
        region: "us-central1",
    }],
});
const example = new gcp.beyondcorp.SecurityGatewayApplication("example", {
    securityGatewayId: _default.securityGatewayId,
    applicationId: "my-vm-service2",
    endpointMatchers: [{
        hostname: "my-vm-service.com",
    }],
    upstreams: [{
        egressPolicy: {
            regions: ["us-central1"],
        },
        network: {
            name: project.then(project => `projects/${project.projectId}/global/networks/default`),
        },
    }],
});

import pulumi
import pulumi_gcp as gcp

project = gcp.organizations.get_project()
default = gcp.beyondcorp.SecurityGateway("default",
    security_gateway_id="default-sg",
    display_name="My Security Gateway resource",
    hubs=[{
        "region": "us-central1",
    }])
example = gcp.beyondcorp.SecurityGatewayApplication("example",
    security_gateway_id=default.security_gateway_id,
    application_id="my-vm-service2",
    endpoint_matchers=[{
        "hostname": "my-vm-service.com",
    }],
    upstreams=[{
        "egress_policy": {
            "regions": ["us-central1"],
        },
        "network": {
            "name": f"projects/{project.project_id}/global/networks/default",
        },
    }])

package main

import (
	"fmt"

	"github.com/pulumi/pulumi-gcp/sdk/v9/go/gcp/beyondcorp"
	"github.com/pulumi/pulumi-gcp/sdk/v9/go/gcp/organizations"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
		if err != nil {
			return err
		}
		_default, err := beyondcorp.NewSecurityGateway(ctx, "default", &beyondcorp.SecurityGatewayArgs{
			SecurityGatewayId: pulumi.String("default-sg"),
			DisplayName:       pulumi.String("My Security Gateway resource"),
			Hubs: beyondcorp.SecurityGatewayHubArray{
				&beyondcorp.SecurityGatewayHubArgs{
					Region: pulumi.String("us-central1"),
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = beyondcorp.NewSecurityGatewayApplication(ctx, "example", &beyondcorp.SecurityGatewayApplicationArgs{
			SecurityGatewayId: _default.SecurityGatewayId,
			ApplicationId:     pulumi.String("my-vm-service2"),
			EndpointMatchers: beyondcorp.SecurityGatewayApplicationEndpointMatcherArray{
				&beyondcorp.SecurityGatewayApplicationEndpointMatcherArgs{
					Hostname: pulumi.String("my-vm-service.com"),
				},
			},
			Upstreams: beyondcorp.SecurityGatewayApplicationUpstreamArray{
				&beyondcorp.SecurityGatewayApplicationUpstreamArgs{
					EgressPolicy: &beyondcorp.SecurityGatewayApplicationUpstreamEgressPolicyArgs{
						Regions: pulumi.StringArray{
							pulumi.String("us-central1"),
						},
					},
					Network: &beyondcorp.SecurityGatewayApplicationUpstreamNetworkArgs{
						Name: pulumi.Sprintf("projects/%v/global/networks/default", project.ProjectId),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var project = Gcp.Organizations.GetProject.Invoke();

    var @default = new Gcp.Beyondcorp.SecurityGateway("default", new()
    {
        SecurityGatewayId = "default-sg",
        DisplayName = "My Security Gateway resource",
        Hubs = new[]
        {
            new Gcp.Beyondcorp.Inputs.SecurityGatewayHubArgs
            {
                Region = "us-central1",
            },
        },
    });

    var example = new Gcp.Beyondcorp.SecurityGatewayApplication("example", new()
    {
        SecurityGatewayId = @default.SecurityGatewayId,
        ApplicationId = "my-vm-service2",
        EndpointMatchers = new[]
        {
            new Gcp.Beyondcorp.Inputs.SecurityGatewayApplicationEndpointMatcherArgs
            {
                Hostname = "my-vm-service.com",
            },
        },
        Upstreams = new[]
        {
            new Gcp.Beyondcorp.Inputs.SecurityGatewayApplicationUpstreamArgs
            {
                EgressPolicy = new Gcp.Beyondcorp.Inputs.SecurityGatewayApplicationUpstreamEgressPolicyArgs
                {
                    Regions = new[]
                    {
                        "us-central1",
                    },
                },
                Network = new Gcp.Beyondcorp.Inputs.SecurityGatewayApplicationUpstreamNetworkArgs
                {
                    Name = $"projects/{project.Apply(getProjectResult => getProjectResult.ProjectId)}/global/networks/default",
                },
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
import com.pulumi.gcp.beyondcorp.SecurityGateway;
import com.pulumi.gcp.beyondcorp.SecurityGatewayArgs;
import com.pulumi.gcp.beyondcorp.inputs.SecurityGatewayHubArgs;
import com.pulumi.gcp.beyondcorp.SecurityGatewayApplication;
import com.pulumi.gcp.beyondcorp.SecurityGatewayApplicationArgs;
import com.pulumi.gcp.beyondcorp.inputs.SecurityGatewayApplicationEndpointMatcherArgs;
import com.pulumi.gcp.beyondcorp.inputs.SecurityGatewayApplicationUpstreamArgs;
import com.pulumi.gcp.beyondcorp.inputs.SecurityGatewayApplicationUpstreamEgressPolicyArgs;
import com.pulumi.gcp.beyondcorp.inputs.SecurityGatewayApplicationUpstreamNetworkArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var project = OrganizationsFunctions.getProject(GetProjectArgs.builder()
            .build());

        var default_ = new SecurityGateway("default", SecurityGatewayArgs.builder()
            .securityGatewayId("default-sg")
            .displayName("My Security Gateway resource")
            .hubs(SecurityGatewayHubArgs.builder()
                .region("us-central1")
                .build())
            .build());

        var example = new SecurityGatewayApplication("example", SecurityGatewayApplicationArgs.builder()
            .securityGatewayId(default_.securityGatewayId())
            .applicationId("my-vm-service2")
            .endpointMatchers(SecurityGatewayApplicationEndpointMatcherArgs.builder()
                .hostname("my-vm-service.com")
                .build())
            .upstreams(SecurityGatewayApplicationUpstreamArgs.builder()
                .egressPolicy(SecurityGatewayApplicationUpstreamEgressPolicyArgs.builder()
                    .regions("us-central1")
                    .build())
                .network(SecurityGatewayApplicationUpstreamNetworkArgs.builder()
                    .name(String.format("projects/%s/global/networks/default", project.projectId()))
                    .build())
                .build())
            .build());

    }
}

resources:
  default:
    type: gcp:beyondcorp:SecurityGateway
    properties:
      securityGatewayId: default-sg
      displayName: My Security Gateway resource
      hubs:
        - region: us-central1
  example:
    type: gcp:beyondcorp:SecurityGatewayApplication
    properties:
      securityGatewayId: ${default.securityGatewayId}
      applicationId: my-vm-service2
      endpointMatchers:
        - hostname: my-vm-service.com
      upstreams:
        - egressPolicy:
            regions:
              - us-central1
          network:
            name: projects/${project.projectId}/global/networks/default
variables:
  project:
    fn::invoke:
      function: gcp:organizations:getProject
      arguments: {}

Create SecurityGatewayApplication Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SecurityGatewayApplication(name: string, args: SecurityGatewayApplicationArgs, opts?: CustomResourceOptions);

@overload
def SecurityGatewayApplication(resource_name: str,
                               args: SecurityGatewayApplicationArgs,
                               opts: Optional[ResourceOptions] = None)

@overload
def SecurityGatewayApplication(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               application_id: Optional[str] = None,
                               endpoint_matchers: Optional[Sequence[SecurityGatewayApplicationEndpointMatcherArgs]] = None,
                               security_gateway_id: Optional[str] = None,
                               display_name: Optional[str] = None,
                               project: Optional[str] = None,
                               upstreams: Optional[Sequence[SecurityGatewayApplicationUpstreamArgs]] = None)

func NewSecurityGatewayApplication(ctx *Context, name string, args SecurityGatewayApplicationArgs, opts ...ResourceOption) (*SecurityGatewayApplication, error)

public SecurityGatewayApplication(string name, SecurityGatewayApplicationArgs args, CustomResourceOptions? opts = null)

public SecurityGatewayApplication(String name, SecurityGatewayApplicationArgs args)
public SecurityGatewayApplication(String name, SecurityGatewayApplicationArgs args, CustomResourceOptions options)

type: gcp:beyondcorp:SecurityGatewayApplication
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SecurityGatewayApplicationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SecurityGatewayApplicationArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SecurityGatewayApplicationArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SecurityGatewayApplicationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SecurityGatewayApplicationArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var securityGatewayApplicationResource = new Gcp.Beyondcorp.SecurityGatewayApplication("securityGatewayApplicationResource", new()
{
    ApplicationId = "string",
    EndpointMatchers = new[]
    {
        new Gcp.Beyondcorp.Inputs.SecurityGatewayApplicationEndpointMatcherArgs
        {
            Hostname = "string",
            Ports = new[]
            {
                0,
            },
        },
    },
    SecurityGatewayId = "string",
    DisplayName = "string",
    Project = "string",
    Upstreams = new[]
    {
        new Gcp.Beyondcorp.Inputs.SecurityGatewayApplicationUpstreamArgs
        {
            EgressPolicy = new Gcp.Beyondcorp.Inputs.SecurityGatewayApplicationUpstreamEgressPolicyArgs
            {
                Regions = new[]
                {
                    "string",
                },
            },
            Network = new Gcp.Beyondcorp.Inputs.SecurityGatewayApplicationUpstreamNetworkArgs
            {
                Name = "string",
            },
        },
    },
});

example, err := beyondcorp.NewSecurityGatewayApplication(ctx, "securityGatewayApplicationResource", &beyondcorp.SecurityGatewayApplicationArgs{
	ApplicationId: pulumi.String("string"),
	EndpointMatchers: beyondcorp.SecurityGatewayApplicationEndpointMatcherArray{
		&beyondcorp.SecurityGatewayApplicationEndpointMatcherArgs{
			Hostname: pulumi.String("string"),
			Ports: pulumi.IntArray{
				pulumi.Int(0),
			},
		},
	},
	SecurityGatewayId: pulumi.String("string"),
	DisplayName:       pulumi.String("string"),
	Project:           pulumi.String("string"),
	Upstreams: beyondcorp.SecurityGatewayApplicationUpstreamArray{
		&beyondcorp.SecurityGatewayApplicationUpstreamArgs{
			EgressPolicy: &beyondcorp.SecurityGatewayApplicationUpstreamEgressPolicyArgs{
				Regions: pulumi.StringArray{
					pulumi.String("string"),
				},
			},
			Network: &beyondcorp.SecurityGatewayApplicationUpstreamNetworkArgs{
				Name: pulumi.String("string"),
			},
		},
	},
})

var securityGatewayApplicationResource = new SecurityGatewayApplication("securityGatewayApplicationResource", SecurityGatewayApplicationArgs.builder()
    .applicationId("string")
    .endpointMatchers(SecurityGatewayApplicationEndpointMatcherArgs.builder()
        .hostname("string")
        .ports(0)
        .build())
    .securityGatewayId("string")
    .displayName("string")
    .project("string")
    .upstreams(SecurityGatewayApplicationUpstreamArgs.builder()
        .egressPolicy(SecurityGatewayApplicationUpstreamEgressPolicyArgs.builder()
            .regions("string")
            .build())
        .network(SecurityGatewayApplicationUpstreamNetworkArgs.builder()
            .name("string")
            .build())
        .build())
    .build());

security_gateway_application_resource = gcp.beyondcorp.SecurityGatewayApplication("securityGatewayApplicationResource",
    application_id="string",
    endpoint_matchers=[{
        "hostname": "string",
        "ports": [0],
    }],
    security_gateway_id="string",
    display_name="string",
    project="string",
    upstreams=[{
        "egress_policy": {
            "regions": ["string"],
        },
        "network": {
            "name": "string",
        },
    }])

const securityGatewayApplicationResource = new gcp.beyondcorp.SecurityGatewayApplication("securityGatewayApplicationResource", {
    applicationId: "string",
    endpointMatchers: [{
        hostname: "string",
        ports: [0],
    }],
    securityGatewayId: "string",
    displayName: "string",
    project: "string",
    upstreams: [{
        egressPolicy: {
            regions: ["string"],
        },
        network: {
            name: "string",
        },
    }],
});

type: gcp:beyondcorp:SecurityGatewayApplication
properties:
    applicationId: string
    displayName: string
    endpointMatchers:
        - hostname: string
          ports:
            - 0
    project: string
    securityGatewayId: string
    upstreams:
        - egressPolicy:
            regions:
                - string
          network:
            name: string

SecurityGatewayApplication Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SecurityGatewayApplication resource accepts the following input properties:

ApplicationId string

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

EndpointMatchers List<SecurityGatewayApplicationEndpointMatcher>

Required. Endpoint matchers associated with an application. A combination of hostname and ports as endpoint matcher is used to match the application. Match conditions for OR logic. An array of match conditions to allow for multiple matching criteria. The rule is considered a match if one the conditions are met. The conditions can be one of the following combination (Hostname), (Hostname & Ports) EXAMPLES: Hostname - ("*.abc.com"), ("xyz.abc.com") Hostname and Ports - ("abc.com" and "22"), ("abc.com" and "22,33") etc Structure is documented below.

SecurityGatewayId string

ID of the Security Gateway resource this belongs to.

DisplayName string

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Upstreams List<SecurityGatewayApplicationUpstream>

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

ApplicationId string

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

EndpointMatchers []SecurityGatewayApplicationEndpointMatcherArgs

SecurityGatewayId string

ID of the Security Gateway resource this belongs to.

DisplayName string

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Upstreams []SecurityGatewayApplicationUpstreamArgs

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

applicationId String

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

endpointMatchers List<SecurityGatewayApplicationEndpointMatcher>

securityGatewayId String

ID of the Security Gateway resource this belongs to.

displayName String

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

upstreams List<SecurityGatewayApplicationUpstream>

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

applicationId string

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

endpointMatchers SecurityGatewayApplicationEndpointMatcher[]

securityGatewayId string

ID of the Security Gateway resource this belongs to.

displayName string

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

upstreams SecurityGatewayApplicationUpstream[]

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

application_id str

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

endpoint_matchers Sequence[SecurityGatewayApplicationEndpointMatcherArgs]

security_gateway_id str

ID of the Security Gateway resource this belongs to.

display_name str

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

project str

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

upstreams Sequence[SecurityGatewayApplicationUpstreamArgs]

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

applicationId String

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

endpointMatchers List<Property Map>

securityGatewayId String

ID of the Security Gateway resource this belongs to.

displayName String

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

upstreams List<Property Map>

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

Outputs

All input properties are implicitly available as output properties. Additionally, the SecurityGatewayApplication resource produces the following output properties:

CreateTime string: Output only. Timestamp when the resource was created.
Id string: The provider-assigned unique ID for this managed resource.
Name string: Identifier. Name of the resource.
UpdateTime string: Output only. Timestamp when the resource was last modified.

CreateTime string: Output only. Timestamp when the resource was created.
Id string: The provider-assigned unique ID for this managed resource.
Name string: Identifier. Name of the resource.
UpdateTime string: Output only. Timestamp when the resource was last modified.

createTime String: Output only. Timestamp when the resource was created.
id String: The provider-assigned unique ID for this managed resource.
name String: Identifier. Name of the resource.
updateTime String: Output only. Timestamp when the resource was last modified.

createTime string: Output only. Timestamp when the resource was created.
id string: The provider-assigned unique ID for this managed resource.
name string: Identifier. Name of the resource.
updateTime string: Output only. Timestamp when the resource was last modified.

create_time str: Output only. Timestamp when the resource was created.
id str: The provider-assigned unique ID for this managed resource.
name str: Identifier. Name of the resource.
update_time str: Output only. Timestamp when the resource was last modified.

createTime String: Output only. Timestamp when the resource was created.
id String: The provider-assigned unique ID for this managed resource.
name String: Identifier. Name of the resource.
updateTime String: Output only. Timestamp when the resource was last modified.

Look up Existing SecurityGatewayApplication Resource

Get an existing SecurityGatewayApplication resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SecurityGatewayApplicationState, opts?: CustomResourceOptions): SecurityGatewayApplication

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        application_id: Optional[str] = None,
        create_time: Optional[str] = None,
        display_name: Optional[str] = None,
        endpoint_matchers: Optional[Sequence[SecurityGatewayApplicationEndpointMatcherArgs]] = None,
        name: Optional[str] = None,
        project: Optional[str] = None,
        security_gateway_id: Optional[str] = None,
        update_time: Optional[str] = None,
        upstreams: Optional[Sequence[SecurityGatewayApplicationUpstreamArgs]] = None) -> SecurityGatewayApplication

func GetSecurityGatewayApplication(ctx *Context, name string, id IDInput, state *SecurityGatewayApplicationState, opts ...ResourceOption) (*SecurityGatewayApplication, error)

public static SecurityGatewayApplication Get(string name, Input<string> id, SecurityGatewayApplicationState? state, CustomResourceOptions? opts = null)

public static SecurityGatewayApplication get(String name, Output<String> id, SecurityGatewayApplicationState state, CustomResourceOptions options)

resources:  _:    type: gcp:beyondcorp:SecurityGatewayApplication    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ApplicationId string

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

CreateTime string

Output only. Timestamp when the resource was created.

DisplayName string

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

EndpointMatchers List<SecurityGatewayApplicationEndpointMatcher>

Name string

Identifier. Name of the resource.

Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

SecurityGatewayId string

ID of the Security Gateway resource this belongs to.

UpdateTime string

Output only. Timestamp when the resource was last modified.

Upstreams List<SecurityGatewayApplicationUpstream>

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

ApplicationId string

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

CreateTime string

Output only. Timestamp when the resource was created.

DisplayName string

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

EndpointMatchers []SecurityGatewayApplicationEndpointMatcherArgs

Name string

Identifier. Name of the resource.

Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

SecurityGatewayId string

ID of the Security Gateway resource this belongs to.

UpdateTime string

Output only. Timestamp when the resource was last modified.

Upstreams []SecurityGatewayApplicationUpstreamArgs

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

applicationId String

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

createTime String

Output only. Timestamp when the resource was created.

displayName String

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

endpointMatchers List<SecurityGatewayApplicationEndpointMatcher>

name String

Identifier. Name of the resource.

project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

securityGatewayId String

ID of the Security Gateway resource this belongs to.

updateTime String

Output only. Timestamp when the resource was last modified.

upstreams List<SecurityGatewayApplicationUpstream>

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

applicationId string

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

createTime string

Output only. Timestamp when the resource was created.

displayName string

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

endpointMatchers SecurityGatewayApplicationEndpointMatcher[]

name string

Identifier. Name of the resource.

project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

securityGatewayId string

ID of the Security Gateway resource this belongs to.

updateTime string

Output only. Timestamp when the resource was last modified.

upstreams SecurityGatewayApplicationUpstream[]

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

application_id str

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

create_time str

Output only. Timestamp when the resource was created.

display_name str

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

endpoint_matchers Sequence[SecurityGatewayApplicationEndpointMatcherArgs]

name str

Identifier. Name of the resource.

project str

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

security_gateway_id str

ID of the Security Gateway resource this belongs to.

update_time str

Output only. Timestamp when the resource was last modified.

upstreams Sequence[SecurityGatewayApplicationUpstreamArgs]

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

applicationId String

User-settable Application resource ID.

Must start with a letter.
Must contain between 4-63 characters from /a-z-/.
Must end with a number or letter.

createTime String

Output only. Timestamp when the resource was created.

displayName String

Optional. An arbitrary user-provided name for the Application resource. Cannot exceed 64 characters.

endpointMatchers List<Property Map>

name String

Identifier. Name of the resource.

project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

securityGatewayId String

ID of the Security Gateway resource this belongs to.

updateTime String

Output only. Timestamp when the resource was last modified.

upstreams List<Property Map>

Optional. List of which upstream resource(s) to forward traffic to. Structure is documented below.

Supporting Types

SecurityGatewayApplicationEndpointMatcher, SecurityGatewayApplicationEndpointMatcherArgs

Hostname string: Required. Hostname of the application.
Ports List<int>: Optional. Ports of the application.

Hostname string: Required. Hostname of the application.
Ports []int: Optional. Ports of the application.

hostname String: Required. Hostname of the application.
ports List<Integer>: Optional. Ports of the application.

hostname string: Required. Hostname of the application.
ports number[]: Optional. Ports of the application.

hostname str: Required. Hostname of the application.
ports Sequence[int]: Optional. Ports of the application.

hostname String: Required. Hostname of the application.
ports List<Number>: Optional. Ports of the application.

SecurityGatewayApplicationUpstream, SecurityGatewayApplicationUpstreamArgs

EgressPolicy SecurityGatewayApplicationUpstreamEgressPolicy: Optional. Routing policy information. Structure is documented below.
Network SecurityGatewayApplicationUpstreamNetwork: Network to forward traffic to. Structure is documented below.

EgressPolicy SecurityGatewayApplicationUpstreamEgressPolicy: Optional. Routing policy information. Structure is documented below.
Network SecurityGatewayApplicationUpstreamNetwork: Network to forward traffic to. Structure is documented below.

egressPolicy SecurityGatewayApplicationUpstreamEgressPolicy: Optional. Routing policy information. Structure is documented below.
network SecurityGatewayApplicationUpstreamNetwork: Network to forward traffic to. Structure is documented below.

egressPolicy SecurityGatewayApplicationUpstreamEgressPolicy: Optional. Routing policy information. Structure is documented below.
network SecurityGatewayApplicationUpstreamNetwork: Network to forward traffic to. Structure is documented below.

egress_policy SecurityGatewayApplicationUpstreamEgressPolicy: Optional. Routing policy information. Structure is documented below.
network SecurityGatewayApplicationUpstreamNetwork: Network to forward traffic to. Structure is documented below.

egressPolicy Property Map: Optional. Routing policy information. Structure is documented below.
network Property Map: Network to forward traffic to. Structure is documented below.

SecurityGatewayApplicationUpstreamEgressPolicy, SecurityGatewayApplicationUpstreamEgressPolicyArgs

Regions List<string>: Required. List of regions where the application sends traffic to.

Regions []string: Required. List of regions where the application sends traffic to.

regions List<String>: Required. List of regions where the application sends traffic to.

regions string[]: Required. List of regions where the application sends traffic to.

regions Sequence[str]: Required. List of regions where the application sends traffic to.

regions List<String>: Required. List of regions where the application sends traffic to.

SecurityGatewayApplicationUpstreamNetwork, SecurityGatewayApplicationUpstreamNetworkArgs

Name string: Required. Network name is of the format: projects/{project}/global/networks/{network}

Name string: Required. Network name is of the format: projects/{project}/global/networks/{network}

name String: Required. Network name is of the format: projects/{project}/global/networks/{network}

name string: Required. Network name is of the format: projects/{project}/global/networks/{network}

name str: Required. Network name is of the format: projects/{project}/global/networks/{network}

name String: Required. Network name is of the format: projects/{project}/global/networks/{network}

Import

SecurityGatewayApplication can be imported using any of these accepted formats:

projects/{{project}}/locations/global/securityGateways/{{security_gateway_id}}/applications/{{application_id}}
{{project}}/{{security_gateway_id}}/{{application_id}}
{{security_gateway_id}}/{{application_id}}

When using the pulumi import command, SecurityGatewayApplication can be imported using one of the formats above. For example:

$ pulumi import gcp:beyondcorp/securityGatewayApplication:SecurityGatewayApplication default projects/{{project}}/locations/global/securityGateways/{{security_gateway_id}}/applications/{{application_id}}

$ pulumi import gcp:beyondcorp/securityGatewayApplication:SecurityGatewayApplication default {{project}}/{{security_gateway_id}}/{{application_id}}

$ pulumi import gcp:beyondcorp/securityGatewayApplication:SecurityGatewayApplication default {{security_gateway_id}}/{{application_id}}

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Google Cloud (GCP) Classic pulumi/pulumi-gcp
License: Apache-2.0
Notes: This Pulumi package is based on the google-beta Terraform Provider.

Google Cloud v9.3.0 published on Tuesday, Oct 7, 2025 by Pulumi

pulumi/pulumi-gcp

gcp.beyondcorp.SecurityGatewayApplication

On this page

On this page

Example Usage

Beyondcorp Security Gateway Application Basic

Beyondcorp Security Gateway Application Vpc

Create SecurityGatewayApplication Resource

Constructor syntax

Parameters

Constructor example

SecurityGatewayApplication Resource Properties

Inputs

Outputs

Look up Existing SecurityGatewayApplication Resource

Supporting Types

SecurityGatewayApplicationEndpointMatcher, SecurityGatewayApplicationEndpointMatcherArgs

SecurityGatewayApplicationUpstream, SecurityGatewayApplicationUpstreamArgs

SecurityGatewayApplicationUpstreamEgressPolicy, SecurityGatewayApplicationUpstreamEgressPolicyArgs

SecurityGatewayApplicationUpstreamNetwork, SecurityGatewayApplicationUpstreamNetworkArgs

Import

Package Details

On this page

On this page