Putting It All Together

You’ve made it! Congratulations on completing our Guided Tutorials series! Let’s quickly run through what you’ve learned:

• You configured Pomerium and several upstream services to run in Docker
• You built routes to these services so Pomerium can proxy the requests
• You built authorization policies using PPL and attached them to your routes, which secures access to these services
• You configured Pomerium to handle JWTs for identity verification using the JWT assertion header — this adds an additional layer of security at the application level
• You built and secured TCP connections to SSH, Redis, and Postgres backend services
• You self-hosted Pomerium using your own domain, and configured your own identity provider for authentication
• You configured Pomerium to run in a VM instance
• You enabled Autocert, which automatically generates certificates for upstream connections between Pomerium and your services

Now, you have a production-ready Pomerium instance. You have everything you need to be able to secure tools like Grafana, Jenkins, Code-server, and more!

So, what’s next?

Well, there’s a few things you can do:

• Review our Capabilities section to see what other features are available. Here are a few suggestions:
  • Configure Single Sign-out
  • Add client-side mTLS, also known as Downstream mTLS
  • Test out logging in Pomerium with our Audit Logs
  • Explore global and route-level settings on our Reference page
• Check out our Guides to learn how to secure other services behind Pomerium
• Read some of our Blog posts to see what’s happening in the greater Zero Trust community and at Pomerium

You’re bound to have some questions and feedback along the way. Visit our Discuss page to ask questions, see what our users are up to, and let us know what you thought of our Guided Tutorials!