Add block application partials

maxvp · maxvp · commit 6915edff3b50 · 2025-02-10T17:58:58.000-06:00
diff --git a/src/content/docs/cloudflare-one/policies/gateway/dns-policies/common-policies.mdx b/src/content/docs/cloudflare-one/policies/gateway/dns-policies/common-policies.mdx
@@ -72,34 +72,10 @@ The categories included in this policy are not always a security threat, but blo
 
 <Render file="gateway/policies/block-applications" product="cloudflare-one" />
 
-<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">
-
-| Selector    | Operator | Value                     | Action |
-| ----------- | -------- | ------------------------- | ------ |
-| Application | in       | _Artificial Intelligence_ | Block  |
-
-</TabItem>
-
-<TabItem label="API">
-
-```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rule \
---header "Content-Type: application/json" \
---header "Authorization: Bearer <API_TOKEN>" \
---data '{
-  "name": "Block unauthorized applications",
-  "description": "Block access to unauthorized AI applications",
-  "enabled": true,
-  "action": "block",
-  "filters": [
-    "dns"
-  ],
-  "traffic": "any(app.type.ids[*] in {25})",
-  "identity": ""
-}'
-```
-
-</TabItem> </Tabs>
+<Render
+	file="gateway/policies/dash-plus-api/dns-block-applications"
+	product="cloudflare-one"
+/>
 
 ## Block banned countries
 
diff --git a/src/content/docs/cloudflare-one/policies/gateway/http-policies/common-policies.mdx b/src/content/docs/cloudflare-one/policies/gateway/http-policies/common-policies.mdx
@@ -101,35 +101,10 @@ Block content categories which go against your organization's acceptable use pol
 
 <Render file="gateway/policies/block-applications" product="cloudflare-one" />
 
-<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">
-
-| Selector    | Operator | Value                     | Action |
-| ----------- | -------- | ------------------------- | ------ |
-| Application | in       | _Artificial Intelligence_ | Block  |
-
-</TabItem>
-
-<TabItem label="API">
-
-```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rule \
---header "Content-Type: application/json" \
---header "Authorization: Bearer <API_TOKEN>" \
---data '{
-  "name": "Block unauthorized applications",
-  "description": "Block access to unauthorized AI applications",
-  "enabled": true,
-  "action": "block",
-  "filters": [
-    "http"
-  ],
-  "traffic": "any(app.type.ids[*] in {25})",
-  "identity": "",
-  "device_posture": ""
-}'
-```
-
-</TabItem> </Tabs>
+<Render
+	file="gateway/policies/dash-plus-api/http-block-applications"
+	product="cloudflare-one"
+/>
 
 ## Check user identity
 
diff --git a/src/content/docs/learning-paths/secure-internet-traffic/build-dns-policies/recommended-dns-policies.mdx b/src/content/docs/learning-paths/secure-internet-traffic/build-dns-policies/recommended-dns-policies.mdx
@@ -33,7 +33,7 @@ curl --request POST \
   --header "Authorization: Bearer <API TOKEN>" \
 	--data '{
   "name": "All-DNS-Domain-Allowlist",
-  "description": "Organization-wide whitelist. Explicitly allow resolution of these DNS domains",
+  "description": "Organization-wide allowlist. Explicitly allow resolution of these DNS domains",
   "precedence": 0,
   "enabled": false,
   "action": "allow",
@@ -52,7 +52,7 @@ curl --request POST \
 resource "cloudflare_zero_trust_gateway_policy" "dns_whitelist_policy" {
   account_id  = var.account_id
   name        = "All-DNS-Domain-Allowlist"
-  description = "Organization-wide whitelist. Explicitly allow resolution of these DNS domains"
+  description = "Organization-wide allowlist. Explicitly allow resolution of these DNS domains"
   precedence  = 0
   enabled     = false
   action      = "allow"
@@ -164,6 +164,11 @@ resource "cloudflare_zero_trust_gateway_policy" "dns_restrict_quarantined_users"
 
 <Render file="zero-trust/blocklist-application" />
 
+<Render
+	file="gateway/policies/dash-plus-api/dns-block-applications"
+	product="cloudflare-one"
+/>
+
 </Details>
 
 <Details header="All-DNS-GeoCountryIP-Blocklist">
diff --git a/src/content/docs/learning-paths/secure-internet-traffic/build-http-policies/recommended-http-policies.mdx b/src/content/docs/learning-paths/secure-internet-traffic/build-http-policies/recommended-http-policies.mdx
@@ -76,6 +76,11 @@ Bypass HTTP inspection for a custom list of domains identified as incompatible w
 
 <Render file="zero-trust/blocklist-application" />
 
+<Render
+	file="gateway/policies/dash-plus-api/http-block-applications"
+	product="cloudflare-one"
+/>
+
 </Details>
 
 <Details header="PrivilegedUsers-HTTP-Any-Isolate">
diff --git a/src/content/partials/cloudflare-one/gateway/policies/dash-plus-api/dns-block-applications.mdx b/src/content/partials/cloudflare-one/gateway/policies/dash-plus-api/dns-block-applications.mdx
@@ -0,0 +1,34 @@
+---
+{}
+---
+
+import { Tabs, TabItem } from "~/components";
+
+<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">
+
+| Selector    | Operator | Value                     | Action |
+| ----------- | -------- | ------------------------- | ------ |
+| Application | in       | _Artificial Intelligence_ | Block  |
+
+</TabItem>
+
+<TabItem label="API">
+
+```bash
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rule \
+--header "Content-Type: application/json" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN>" \
+--data '{
+  "name": "Block unauthorized applications",
+  "description": "Block access to unauthorized AI applications",
+  "enabled": true,
+  "action": "block",
+  "filters": [
+    "dns"
+  ],
+  "traffic": "any(app.type.ids[*] in {25})",
+  "identity": ""
+}'
+```
+
+</TabItem> </Tabs>
diff --git a/src/content/partials/cloudflare-one/gateway/policies/dash-plus-api/http-block-applications.mdx b/src/content/partials/cloudflare-one/gateway/policies/dash-plus-api/http-block-applications.mdx
@@ -0,0 +1,35 @@
+---
+{}
+---
+
+import { Tabs, TabItem } from "~/components";
+
+<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">
+
+| Selector    | Operator | Value                     | Action |
+| ----------- | -------- | ------------------------- | ------ |
+| Application | in       | _Artificial Intelligence_ | Block  |
+
+</TabItem>
+<TabItem label="API">
+
+```bash
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rule \
+--header "Content-Type: application/json" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
+--data '{
+  "name": "Block content categories",
+  "description": "Block access to unauthorized AI applications",
+  "enabled": true,
+  "action": "block",
+  "filters": [
+    "http"
+  ],
+  "traffic": "any(app.type.ids[*] in {25})",
+  "identity": "",
+  "device_posture": ""
+}'
+```
+
+</TabItem>
+</Tabs>
diff --git a/src/content/partials/learning-paths/zero-trust/blocklist-application.mdx b/src/content/partials/learning-paths/zero-trust/blocklist-application.mdx
@@ -1,12 +1,7 @@
 ---
 {}
-
 ---
 
-import { GlossaryTooltip } from "~/components"
-
-Block unauthorized applications to limit your users' access to certain web-based tools and minimize the risk of <GlossaryTooltip term="shadow IT" link="https://www.cloudflare.com/learning/access-management/what-is-shadow-it/">shadow IT</GlossaryTooltip>. For example, the following policy blocks popular AI chatbots.
+import { GlossaryTooltip } from "~/components";
 
-| Selector    | Operator | Value                                           | Action |
-| ----------- | -------- | ----------------------------------------------- | ------ |
-| Application | in       | *Microsoft Copilot*, *ChatGPT*, *Google Gemini* | Block  |
+Block unauthorized applications to limit your users' access to certain web-based tools and minimize the risk of <GlossaryTooltip term="shadow IT" link="https://www.cloudflare.com/learning/access-management/what-is-shadow-it/">shadow IT</GlossaryTooltip>. For example, the following policy blocks known AI tools:
