From 0125e60f2e326b0d86a7f2e2b8557013ebb7e273 Mon Sep 17 00:00:00 2001 From: zachary painter <60552605+ZPain8464@users.noreply.github.com> Date: Thu, 1 Feb 2024 11:09:59 -0500 Subject: [PATCH 1/8] adds ent admonition to authentication page --- content/docs/capabilities/authentication.mdx | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/content/docs/capabilities/authentication.mdx b/content/docs/capabilities/authentication.mdx index 395f4a119..286b0f03d 100644 --- a/content/docs/capabilities/authentication.mdx +++ b/content/docs/capabilities/authentication.mdx @@ -54,6 +54,10 @@ By configuring your applications to route requests to Pomerium’s Proxy service ## External data sources (Enterprise) +:::enterprise Pomerium Enterprise + [Enterprise customers](https://www.pomerium.com/enterprise-sales/) can enforce context-aware access with Pomerium’s [external data sources](/docs/integrations) feature (directory sync). +::: + From the Enterprise Console, you can import external data from sources other than your IdP. User identity context such as users, groups, roles, language, time zones, location, and more can be included into your authorization policy so you can make granular access control decisions. From 01a6638fb4b5143078702dd31cec057bf0fdbc7c Mon Sep 17 00:00:00 2001 From: zachary painter <60552605+ZPain8464@users.noreply.github.com> Date: Thu, 1 Feb 2024 11:18:18 -0500 Subject: [PATCH 2/8] adds ent admonition to authorize --- content/docs/capabilities/authorization.mdx | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/content/docs/capabilities/authorization.mdx b/content/docs/capabilities/authorization.mdx index 0329a1e40..13a77ec72 100644 --- a/content/docs/capabilities/authorization.mdx +++ b/content/docs/capabilities/authorization.mdx @@ -34,10 +34,14 @@ You can apply policies in Pomerium to [Namespaces](/docs/capabilities/namespacin ### Namespaces -Administrators can create a namespace, add users, groups, and routes to it, and configure a policy that applies to that specific namespace. +:::enterprise Pomerium Enterprise Namespace support is only available for [Enterprise customers](https://www.pomerium.com/enterprise-sales/). +::: + +Administrators can create a namespace, add users, groups, and routes to it, and configure a policy that applies to that specific namespace. + ### Routes You can build TLS-encrypted routes to upstream applications and configure policy that restricts access based on the policy criteria. From f6085d90a46bd9ca9ed042759967b802bb5a0f73 Mon Sep 17 00:00:00 2001 From: zachary painter <60552605+ZPain8464@users.noreply.github.com> Date: Thu, 1 Feb 2024 11:21:40 -0500 Subject: [PATCH 3/8] adds ent admonition to device identity section --- content/docs/capabilities/authorization.mdx | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/content/docs/capabilities/authorization.mdx b/content/docs/capabilities/authorization.mdx index 13a77ec72..96efb8f54 100644 --- a/content/docs/capabilities/authorization.mdx +++ b/content/docs/capabilities/authorization.mdx @@ -106,7 +106,11 @@ In this example, Pomerium will grant a user access if their email address ends i ### Enterprise Console GUI -The Enterprise Console provides a policy builder GUI so you can build policies and reapply them to multiple routes and namespaces. +:::enterprise Pomerium Enterprise + +The Enterprise Console provides a policy builder GUI so you can build policies and reapply them to multiple routes and namespaces. See our [**Enterprise**](/docs/deploy/enterprise) page to learn more. + +::: Use the **BUILDER** tab to build your policy: @@ -198,6 +202,12 @@ Pomerium Core and Enterprise offer the following options for overriding your aut ## Manage devices +:::enterprise Pomerium Enterprise + +[Device identity](/docs/capabilities/device-identity) is an Enterprise feature. Check out our [Enterpise](/docs/deploy/enterprise) page to learn more. + +::: + The **Manage Devices** feature in the Enterprise Console allows you to enroll and manage user devices for policy-based authorization. ![Enroll devices](./img/authorization/enroll-device.png) @@ -205,5 +215,3 @@ The **Manage Devices** feature in the Enterprise Console allows you to enroll an The **Devices List** displays enrolled devices for each user and the approval status. Administrators can inspect, approve, or delete registered devices from this table. ![List of user devices](./img/authorization/console-devices.png) - -See [Device Identity](docs/capabilities/device-identity) for more information. From 72977ea7aa1dd019d1e6218f08468e5db403cecb Mon Sep 17 00:00:00 2001 From: zachary painter <60552605+ZPain8464@users.noreply.github.com> Date: Thu, 1 Feb 2024 11:30:56 -0500 Subject: [PATCH 4/8] adds ent admonition to integrations page --- content/docs/integrations.mdx | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/content/docs/integrations.mdx b/content/docs/integrations.mdx index b4e82adce..aaff28f05 100644 --- a/content/docs/integrations.mdx +++ b/content/docs/integrations.mdx @@ -4,6 +4,12 @@ sidebar_label: integrations description: Extend your authorization policies with data from external sources. --- +:::enterprise Pomerium Enterprise + +This article describes a use case only available to [Pomerium Enterprise](/docs/deploy/enterprise) customers. + +::: +