diff --git a/cmd/policygen/config.go b/cmd/policygen/config.go
index e3d313f..b454eca 100644
--- a/cmd/policygen/config.go
+++ b/cmd/policygen/config.go
@@ -39,7 +39,20 @@ type CIDRS struct {
 Except []CIDR `yaml:"except,omitempty"`
 }
 
+type Application struct {
+ Name string `yaml:"name"`
+ Ports []string `yaml:"ports,omitempty"`
+ MatchLabels map[string]string `yaml:"matchLabels"`
+}
+
+type Namespace struct {
+ Namespace string `yaml:"namespace"`
+ Capabilities []string `yaml:"capabilities"`
+ Applications []Application `yaml:"applications"`
+}
+
 // Config represents the top-level YAML structure
 type Config struct {
- Networks []CIDRS `yaml:"networks"`
+ Networks []CIDRS `yaml:"networks"`
+ Namespaces []Namespace `yaml:"namespaces"`
 }
diff --git a/example/config.yaml b/example/config.yaml
index a5e6cf9..cc51c18 100644
--- a/example/config.yaml
+++ b/example/config.yaml
@@ -10,3 +10,22 @@ networks:
 - 192.168.0.0/16
+namespaces:
+ - namespace: wamblee-org
+ capabilities:
+ - linkerd
+ applications:
+ - name: nexus-server
+ # ports when specified at the application level are used when
+ # not explicitly mentioned when a link is made
+ ports:
+ - 8081
+ - 8082
+ matchLabels:
+ app: nexus-server
+
+ - namespace: exposure
+ applications:
+ - name: httpd-wamblee-org
+ matchLabels:
+ app: wamblee-org
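Review bot: `Application.MatchLabels` in cmd/policygen/config.go is accepted with no emptiness check, so an entry that omits or misspells the `matchLabels` key decodes to a nil map unless the loader decodes strictly. If the generator copies that map into a policy's pod selector (the generator is not visible in this hunk), an empty selector would match every pod in the namespace and the generated policy would be broader than the author intended. A validation pass after loading should reject it, for example `if len(app.MatchLabels) == 0 { return fmt.Errorf("namespace %q application %q: matchLabels must not be empty", ns.Namespace, app.Name) }`, and the same pass can reject an empty `namespace` name and unrecognised `capabilities` values rather than silently ignoring them. The exported types `Application` and `Namespace` also have no doc comments, unlike `Config`.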