# This file contains only policy and route configuration details. Other
# configuration settings required by pomerium are excluded for clarity.
# See: https://www.pomerium.io/docs/reference/reference/
#
# For a complete self contained configuration see : config.example.yaml.
# Or, mix and match a policy file (this) with env vars : config.example.env

# Proxied routes and per-route policies are defined in a policy block
# NOTA BENE: You must uncomment the bellow 'policy' key if you are loading policy as a file.
# policy:
- from: https://httpbin.corp.beyondperimeter.com
  to: http://localhost:8000
  allowed_domains:
    - pomerium.io
  cors_allow_preflight: true
  timeout: 30s
- from: https://external-httpbin.corp.beyondperimeter.com
  to: https://httpbin.org
  allowed_domains:
    - gmail.com
- from: https://weirdlyssl.corp.beyondperimeter.com
  to: http://neverssl.com
  allowed_users:
    - bdd@pomerium.io
  allowed_groups:
    - admins
    - developers
- from: https://hello.corp.beyondperimeter.com
  to: http://localhost:8080
  allowed_groups:
    - admins@pomerium.io