{ "organization": { "name": "Your Organization", "auth_domain": "sankofa.nexus" }, "enrollment": { "enabled": true, "mode": "automatic", "require_mfa": true, "device_posture_checks": [ "managed_device", "os_version", "disk_encryption" ] }, "policies": [ { "name": "Default WARP Policy", "description": "Default policy for all WARP devices", "rules": [ { "action": "allow", "match": "any", "identity": { "groups": [ { "name": "employees" } ] } } ] }, { "name": "Admin WARP Policy", "description": "Enhanced access for administrators", "rules": [ { "action": "allow", "match": "any", "identity": { "groups": [ { "name": "admins" }, { "name": "platform-engineers" } ] }, "require": [ { "mfa": {} } ] } ] } ], "device_posture": { "checks": [ { "name": "managed_device", "type": "os_version", "enabled": true, "rules": [ { "os": "windows", "min_version": "10.0.19041" }, { "os": "macos", "min_version": "11.0" }, { "os": "linux", "min_version": "5.4" } ] }, { "name": "disk_encryption", "type": "disk_encryption", "enabled": true, "require": true }, { "name": "firewall_enabled", "type": "firewall", "enabled": true, "require": true } ] }, "settings": { "gateway_proxy": { "enabled": true, "tcp_port": 4000, "udp_port": 4001 }, "split_tunnels": { "enabled": true, "exclude": [ "*.sankofa.nexus", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16" ] }, "dns": { "servers": [ "1.1.1.1", "1.0.0.1" ], "split_dns": [ { "domains": [ "sankofa.nexus", "*.sankofa.nexus" ], "servers": [ "10.0.0.53" ] } ] } } }