Fix formatting

cloudflare · Dec 30, 2024 · 95be41f · 95be41f
1 parent 7f40cc7
commit 95be41f
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 37 deletions.
diff --git a/.../docs/learning-paths/secure-internet-traffic/build-dns-policies/create-list.mdx b/.../docs/learning-paths/secure-internet-traffic/build-dns-policies/create-list.mdx
@@ -3,10 +3,9 @@ title: Create an allowlist or blocklist
 pcx_content_type: learning-unit
 sidebar:
   order: 2
-
 ---
 
-import { Tabs, TabItem } from "~/components"
+import { Tabs, TabItem } from "~/components";
 
 In the context of DNS filtering, a blocklist is a list of known harmful domains or IP addresses. An allowlist is a list of allowed domains or IP addresses, such as the domains of essential corporate applications.
 
@@ -15,35 +14,42 @@ Gateway supports creating [lists](/cloudflare-one/policies/gateway/lists/) of UR
 ## Example list policy
 
 <Tabs syncKey="dashPlusAPI">
+
 <TabItem label="Dashboard">
+
 The following DNS policy will allow access to all approved corporate domains included in a list called **Corporate Domains**.
 
 | Selector | Operator | Value               | Action |
 | -------- | -------- | ------------------- | ------ |
-| Domain   | in list  | *Corporate Domains* | Allow  |
+| Domain   | in list  | _Corporate Domains_ | Allow  |
+
 </TabItem>
+
 <TabItem label="API">
-	```sh
-curl --request POST \
-  --URL https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
+
+```sh
+curl  https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
   --header 'Content-Type: application/JSON' \
-  --header "Authorization: Bearer <API TOKEN>" \
+  --header "Authorization: Bearer <API_TOKEN>" \
 	--data '{
   "name": "All-DNS-CorporateDomain-AllowList",
   "description": "Allow access to the corporate domains defined under the Corporate Domains list",
   "precedence": 1,
-  "enabled": false,
+  "enabled": true,
   "action": "allow",
   "filters": [
     "dns"
   ],
-  "traffic": "any(dns.domains[*] in $<Corporate Domains List UUID>)"
+  "traffic": "any(dns.domains[*] in $<CORPORATE_DOMAINS_LIST_UUID>)"
 }'
+```
 
-	```
 </TabItem>
+
 <TabItem label="Terraform">
+
 To create a new DNS policy using **Terraform** to allow access to all approved corporate domains included in a list called **Corporate Domains**.
+
 ```tf
 resource "cloudflare_zero_trust_gateway_policy" "allow_corporate_domain_access" {
   account_id  = var.account_id
@@ -56,5 +62,7 @@ resource "cloudflare_zero_trust_gateway_policy" "allow_corporate_domain_access"
   traffic     = "any(dns.domains[*] in $<Corporate Domains List UUID>)"
 }
 ```
+
 </TabItem>
-</Tabs>
+
+</Tabs>
diff --git a/...ocs/learning-paths/secure-internet-traffic/build-dns-policies/create-policy.mdx b/...ocs/learning-paths/secure-internet-traffic/build-dns-policies/create-policy.mdx
@@ -5,7 +5,7 @@ sidebar:
   order: 1
 ---
 
-import { Tabs, TabItem, Render } from "~/components"
+import { Render, Tabs, TabItem } from "~/components";
 
 DNS policies determine how Gateway should handle a DNS request. When a user sends a DNS request, Gateway matches the request against your filters and either allows the query to resolve, blocks the query, or responds to the query with a different IP.
 
@@ -14,7 +14,9 @@ You can filter DNS traffic based on query or response parameters (such as domain
 To create a new DNS policy:
 
 <Tabs syncKey="dashPlusAPI">
+
 <TabItem label="Dashboard">
+
 1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**.
 2. In the **DNS** tab, select **Add a policy**.
 3. Name the policy.
@@ -27,48 +29,57 @@ To create a new DNS policy:
 6. Select **Create policy**.
 
 For more information, refer to [DNS policies](/cloudflare-one/policies/gateway/dns-policies/).
+
 </TabItem>
+
 <TabItem label="API">
-To create a new DNS policy using **cURL**:
-	```sh
-	curl --request POST \
-	  --url https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
-	  --header 'Content-Type: application/JSON' \
-	  --header "Authorization: Bearer <API_TOKEN>" \
-		--data '{
+
+To create a new DNS policy using cURL:
+
+```sh
+curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
+  --header 'Content-Type: application/JSON' \
+  --header "Authorization: Bearer <API_TOKEN>" \
+	--data '{
 		"name": "All-DNS-SecurityCategories-Blocklist",
-			"description": "Block known security risks based on Cloudflare's threat intelligence",
-			"precedence": 0,
-			"enabled": false,
-			"action": "block",
-			"filters": [
-				"dns"
-			],
-			"traffic": "any(dns.security_category[*] in {68 178 80 83 176 175 117 131 134 151 153})",
-			"rule_settings": {
-				"block_page_enabled": true,
-				"block_reason": "This domain was blocked due to being classified as a security risk to the organisation"
-				}
-  	}'
-	```
+		"description": "Block known security risks based on Cloudflare's threat intelligence",
+		"precedence": 0,
+		"enabled": true,
+		"action": "block",
+		"filters": [
+			"dns"
+		],
+		"traffic": "any(dns.security_category[*] in {68 178 80 83 176 175 117 131 134 151 153})",
+		"rule_settings": {
+			"block_page_enabled": true,
+			"block_reason": "This domain was blocked due to being classified as a security risk to your organization"
+		}
+	}'
+```
+
 </TabItem>
+
 <TabItem label="Terraform">
+
 To create a new DNS policy using **Terraform**:
+
 ```tf
 resource "cloudflare_zero_trust_gateway_policy" "security_risks_dns_policy" {
   account_id  = var.account_id
   name        = "All-DNS-SecurityCategories-Blocklist"
   description = "Block known security risks based on Cloudflare's threat intelligence"
   precedence  = 0
-  enabled     = false
+  enabled     = true
   action      = "block"
   filters     = ["dns"]
   traffic     = "any(dns.security_category[*] in {68 178 80 83 176 175 117 131 134 151 153})"
   rule_settings {
       block_page_enabled = true
-      block_page_reason = "This domain was blocked due to being classified as a security risk to the organisation"
+      block_page_reason = "This domain was blocked due to being classified as a security risk to your organization"
     }
 }
 ```
+
 </TabItem>
+
 </Tabs>
diff --git a/src/content/partials/cloudflare-one/gateway/lists.mdx b/src/content/partials/cloudflare-one/gateway/lists.mdx
@@ -38,9 +38,8 @@ You can now use this list in the policy builder by choosing the _in list_ operat
 
 ```bash
 curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/lists \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
 --header "Content-Type: application/json" \
+--header "Authorization: Bearer <API_TOKEN>" \
 --data '{
   "description": "Private application IPs",
   "items": [{"value": "10.226.0.177/32"},{"value": "10.226.1.177/32"}],