mirror of https://github.com/pomerium/pomerium.git synced 2025-09-22 21:09:44 +02:00

History

bobby c23c8b34b3 docs: replace httpbin with verify (#1702 ) Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>		2020-12-22 09:53:08 -08:00
..
config.yaml	docs: Cloud Run / GCP Serverless (#1101 )	2020-07-20 14:00:52 -04:00
deploy.sh	ci: publish cloudrun latest tag (#1398 )	2020-09-11 17:05:18 -04:00
policy.template.yaml	docs: replace httpbin with verify (#1702 )	2020-12-22 09:53:08 -08:00
README.md	docs: replace httpbin with verify (#1702 )	2020-12-22 09:53:08 -08:00
zonefile.txt	docs: Cloud Run / GCP Serverless (#1101 )	2020-07-20 14:00:52 -04:00

README.md

Pomerium on Cloud Run

Run this demo with gcloud command line configured for your project. The commands assume all resources (Cloud Run, Cloud DNS, and Secret Manager) are in a single project.

We recommend a dedicated project that is easy to clean up.

Note

When deployed to Cloud Run, your protected application must authenticate requests from Pomerium by either inspecting the X-Pomerium-Jwt-Assertion, or GCP Serverless Authorization header.

This demo includes a Cloud Run target configured to only accept requests from the Pomerium deployment.

Includes

Authentication and Authorization managed by pomerium
Custom Cloud Run domains
Cloud Run target
HTTPBin target

How

Update config.yaml for your e-mail address, if not using gmail/google.
Replace secrets in config.yaml.
Replace cloudrun.pomerium.io with your own domain.
Update your DNS
Deploy config.yaml to Secret Manager
Deploy the demo hello world app
Deploy pomerium with policy
Navigate to https://verify.cloudrun.pomerium.io
Navigate to https://hello-direct.cloudrun.pomerium.io
Navigate to https://hello.cloudrun.pomerium.io