From b2685ec1869e863107617c570bff2324fed9bc83 Mon Sep 17 00:00:00 2001 From: alexfornuto Date: Thu, 22 Jul 2021 10:16:16 -0500 Subject: [PATCH] updates to Enterprise section --- docs/enterprise/install/helm.md | 2 +- docs/enterprise/install/readme.md | 7 ++++- docs/enterprise/readme.md | 46 +------------------------------ 3 files changed, 8 insertions(+), 47 deletions(-) diff --git a/docs/enterprise/install/helm.md b/docs/enterprise/install/helm.md index f2526244b..4e5e83462 100644 --- a/docs/enterprise/install/helm.md +++ b/docs/enterprise/install/helm.md @@ -169,4 +169,4 @@ kubectl delete svc pomerium-authenticate -proxy.existingTLSSecret=pomerium-tls. (config after) \ No newline at end of file +proxy.existingTLSSecret=pomerium-tls. (config after) diff --git a/docs/enterprise/install/readme.md b/docs/enterprise/install/readme.md index 5d0fde1d2..31956d6df 100644 --- a/docs/enterprise/install/readme.md +++ b/docs/enterprise/install/readme.md @@ -4,4 +4,9 @@ lang: en-US meta: - name: keywords content: pomerium identity-access-proxy oidc docker reverse-proxy containers install enterprise console ---- \ No newline at end of file +--- + +There are several ways to install Pomerium Enterprise, to suite your organization's needs. [Let us know] if you don't see an installation method compatible with your infrastructure. + +- [Quickstart](./quickstart.md) +- [Kubernetes with Helm](./helm.md) \ No newline at end of file diff --git a/docs/enterprise/readme.md b/docs/enterprise/readme.md index c3350beed..50a169c3a 100644 --- a/docs/enterprise/readme.md +++ b/docs/enterprise/readme.md @@ -1,45 +1 @@ ---- -title: Pomerium Enterprise -lang: en-US -sidebarDepth: 0 -meta: - - name: keywords - content: >- - pomerium overview identity-access-proxy beyondcorp zero-trust - reverse-proxy ztn zero-trust-networks console enterprise scale ---- - -# What is Pomerium - -## Overview? - -Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in. Pomerium gateways both internal and external requests, and can be used in situations where you'd typically reach for a VPN. - -Pomerium can be used to: - -- provide a **single-sign-on gateway** to internal applications. -- enforce **dynamic access policy** based on **context**, **identity**, and **device state**. -- aggregate access logs and telemetry data. -- perform delegated user authorization for service-based authorization systems: - - [Istio](/guides/istio.md) - - [Google Cloud](/guides/cloud-run.md) -- provide unified identity attestation for upstream services: - - [Kubernetes](/guides/kubernetes.md) - - [Grafana](/guides/istio.md#pomerium-configuration) - - [Custom applications](/docs/topics/getting-users-identity.md) -- provide a **VPN alternative**. - -## Demo - -To make this a bit more concrete, click the image thumbnail to see a short youtube demo: - -[![demo](https://img.youtube.com/vi/ddmrkvBSO60/0.jpg)](https://www.youtube.com/watch?v=ddmrkvBSO60 "Pomerium demo") - -The above video shows the flow for both an unauthorized and authorized user. - -1. An **unauthorized** user authenticates with their corporate single-sign-on provider. -2. The **unauthorized** user is blocked from a protected resource. -3. The **unauthorized** user signs out from their session. -4. An **authorized** user authenticates with their corporate single-sign-on provider. -5. Pomerium delegates and grants access to the requested resource. -6. The **authorized** user inspects their user details including group membership. + \ No newline at end of file