[Gateway] DNS common policy API examples (#18903)

Co-authored-by: ranbel <[email protected]>

Author: maxvp

src/content/docs/cloudflare-one/policies/gateway/dns-policies/common-policies.mdx

@@ -8,7 +8,7 @@ head:
     content: Common HTTP policies
 ---
 
-import { Render } from "~/components";
+import { Render, Tabs, TabItem } from "~/components";
 
 The following policies are commonly used to secure HTTP traffic.
 
@@ -36,9 +36,22 @@ Block a section of a site without blocking the entire site. For example, you can
 
 <Render file="gateway/policies/content-categories" />
 
-<Render file="gateway/policies/block-applications" />
+## Block unauthorized applications
 
-<Render file="gateway/policies/policies-optional" />
+<Render file="gateway/policies/block-applications" product="cloudflare-one" />
+
+| Selector    | Operator | Value                     | Action |
+| ----------- | -------- | ------------------------- | ------ |
+| Application | in       | _Artificial Intelligence_ | Block  |
+
+## Check user identity
+
+<Render file="gateway/policies/check-user-identity" />
+
+| Selector         | Operator | Value         | Logic | Action |
+| ---------------- | -------- | ------------- | ----- | ------ |
+| Application      | in       | _Salesforce_  | And   | Block  |
+| User Group Names | in       | _Contractors_ |       |        |
 
 ## Skip inspection for groups of applications
 

src/content/docs/cloudflare-one/policies/gateway/http-policies/common-policies.mdx

@@ -8,15 +8,28 @@ head:
     content: Common network policies
 ---
 
-import { Render } from "~/components";
+import { Render, Tabs, TabItem } from "~/components";
 
 The following policies are commonly used to secure network traffic.
 
 Refer to the [network policies page](/cloudflare-one/policies/gateway/network-policies/) for a comprehensive list of other selectors, operators, and actions.
 
-<Render file="gateway/policies/block-applications" />
+## Block unauthorized applications
 
-<Render file="gateway/policies/policies-optional" />
+<Render file="gateway/policies/block-applications" product="cloudflare-one" />
+
+| Selector    | Operator | Value                     | Action |
+| ----------- | -------- | ------------------------- | ------ |
+| Application | in       | _Artificial Intelligence_ | Block  |
+
+## Check user identity
+
+<Render file="gateway/policies/check-user-identity" />
+
+| Selector         | Operator | Value         | Logic | Action |
+| ---------------- | -------- | ------------- | ----- | ------ |
+| Application      | in       | _Salesforce_  | And   | Block  |
+| User Group Names | in       | _Contractors_ |       |        |
 
 ## Enforce device posture
 

src/content/docs/cloudflare-one/policies/gateway/network-policies/common-policies.mdx

@@ -37,7 +37,7 @@ To create a new DNS policy:
    --header "Content-Type: application/json" \
    --header "Authorization: Bearer <API_TOKEN>" \
    --data '{
-     "name": "Block security risks",
+     "name": "Block security threats",
      "description": "Block all default Cloudflare DNS security categories",
      "precedence": 0,
      "enabled": true,
@@ -46,8 +46,7 @@ To create a new DNS policy:
        "dns"
      ],
      "traffic": "any(dns.security_category[*] in {68 178 80 83 176 175 117 131 134 151 153})",
-     "identity": "",
-     "device_posture": ""
+     "identity": ""
    }'
    ```
 

src/content/partials/cloudflare-one/gateway/get-started/create-dns-policy.mdx

@@ -1,19 +1,11 @@
 ---
 {}
-
 ---
 
-import { GlossaryTooltip } from "~/components"
-
-## Block unauthorized applications
-
-To minimize the risk of <GlossaryTooltip term="shadow IT" link="https://www.cloudflare.com/learning/access-management/what-is-shadow-it/">shadow IT</GlossaryTooltip>, some organizations choose to limit their users' access to certain web-based tools and applications. For example, the following policy blocks AI assistants:
-
-| Selector    | Operator | Value                                           | Action |
-| ----------- | -------- | ----------------------------------------------- | ------ |
-| Application | in       | *Microsoft Copilot*, *ChatGPT*, *Google Gemini* | Block  |
+import { GlossaryTooltip, Tabs, TabItem } from "~/components";
 
 :::note
-
-After seven days, view your [shadow IT analytics](/cloudflare-one/insights/analytics/access/) and block additional applications based on what your users are accessing. 
+After seven days, view your [shadow IT analytics](/cloudflare-one/insights/analytics/access/) and block additional applications based on what your users are accessing.
 :::
+
+To minimize the risk of <GlossaryTooltip term="shadow IT" link="https://www.cloudflare.com/learning/access-management/what-is-shadow-it/">shadow IT</GlossaryTooltip>, some organizations choose to limit their users' access to certain web-based tools and applications. For example, the following policy blocks known AI tools:

src/content/partials/cloudflare-one/gateway/policies/block-applications.mdx

@@ -1,8 +1,7 @@
 ---
 {}
-
 ---
 
 | Selector            | Operator | Value                | Action |
 | ------------------- | -------- | -------------------- | ------ |
-| Security Categories | in       | *All security risks* | Block  |
+| Security Categories | in       | _All security risks_ | Block  |

src/content/partials/cloudflare-one/gateway/policies/block-security-categories.mdx

@@ -0,0 +1,5 @@
+---
+{}
+---
+
+Configure access on a per user or group basis by adding [identity-based conditions](/cloudflare-one/policies/gateway/identity-selectors/) to your policies.