Fix device posture partial

Author: maxvp

src/content/docs/cloudflare-one/policies/gateway/network-policies/common-policies.mdx

@@ -87,35 +87,10 @@ curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rule \
 
 Require devices to have certain software installed or other configuration attributes. For instructions on enabling a device posture check, refer to the [device posture section](/cloudflare-one/identity/devices/). For example, you can use a list of [device serial numbers](/cloudflare-one/identity/devices/warp-client-checks/corp-device/) to ensure users can only access an application if they connect with the WARP client from a company device:
 
-<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">
-
-<Render file="gateway/policies/enforce-device-posture" />
-
-</TabItem>
-
-<TabItem label="API">
-
-```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rule \
---header "Content-Type: application/json" \
---header "Authorization: Bearer <API_TOKEN>" \
---data '{
-  "name": "Enforce device posture",
-  "description": "Limit access to an internal application to approved organization devices",
-  "enabled": true,
-  "action": "block",
-  "filters": [
-    "l4"
-  ],
-  "traffic": "any(net.sni.domains[*] == \"example.com\")",
-  "identity": "",
-  "device_posture": "not(any(device_posture.checks.passed[*] in {\"<POSTURE_CHECK_UUID>\"}))"
-}'
-```
-
-To get the UUIDs of your device posture checks, use the [List device posture rules](/api/resources/zero_trust/subresources/devices/subresources/posture/methods/list/) endpoint.
-
-</TabItem> </Tabs>
+<Render
+	file="gateway/policies/dash-plus-api/network-enforce-device-posture"
+	product="cloudflare-one"
+/>
 
 ## Enforce session duration
 

src/content/partials/cloudflare-one/gateway/policies/block-applications.mdx

@@ -2,7 +2,7 @@
 {}
 ---
 
-import { GlossaryTooltip, Tabs, TabItem } from "~/components";
+import { GlossaryTooltip } from "~/components";
 
 :::note
 After seven days, view your [shadow IT analytics](/cloudflare-one/insights/analytics/shadow-it-discovery/) and block additional applications based on what your users are accessing.

src/content/partials/cloudflare-one/gateway/policies/dash-plus-api/network-enforce-device-posture.mdx

@@ -0,0 +1,66 @@
+---
+{}
+---
+
+import { Tabs, TabItem, Render } from "~/components";
+
+In the following example, you can use a list of [device serial numbers](/cloudflare-one/identity/devices/warp-client-checks/corp-device/) to ensure users can only access an application if they connect with the WARP client from a company device:
+
+<Tabs syncKey="dashPlusAPI">
+<TabItem label="Dashboard">
+
+<Render
+	file="gateway/policies/enforce-device-posture"
+	product="cloudflare-one"
+/>
+
+</TabItem>
+<TabItem label="API">
+
+```sh
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+  --header "Content-Type: application/json" \
+  --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
+	--data '{
+	"name": "All-NET-ApplicationAccess-Allow",
+  "description": "Ensure access to the application comes from authorized WARP clients",
+  "precedence": 5000,
+  "enabled": false,
+  "action": "block",
+  "filters": [
+    "l4"
+  ],
+  "traffic": "any(net.sni.domains[*] == \"internalapp.com\")",
+	"device_posture": "not(any(device_posture.checks.passed[*] in {\"<Device Serial Numbers List UUID>\"}))",
+  "rule_settings": {
+    "block_page_enabled": true,
+    "block_reason": "This domain/IP was explicitly blocked by your network administrator. Please reach out to your helpdesk for assistance"
+    }
+	}'
+```
+
+To get the UUIDs of your device posture checks, use the [List device posture rules](/api/resources/zero_trust/subresources/devices/subresources/posture/methods/list/) endpoint.
+
+</TabItem>
+<TabItem label="Terraform">
+
+```tf
+resource "cloudflare_zero_trust_gateway_policy" "dns_resolvedip_blocklist_rule" {
+  account_id  = var.account_id
+  name        = "All-NET-ApplicationAccess-Allow"
+  description = "Ensure access to the application comes from authorized WARP clients"
+  precedence  = 5000
+  enabled     = false
+  action      = "block"
+  filters     = ["l4"]
+  traffic     = "any(net.sni.domains[*] == \"internalapp.com\")"
+	posture			=	"not(any(device_posture.checks.passed[*] in {\"${"$"}${cloudflare_zero_trust_list.allowed_devices_sn_list.id}\"}))"
+  rule_settings {
+      block_page_enabled = true
+      block_page_reason = "This domain/IP was explicitly blocked by your network administrator. Please reach out to your helpdesk for assistance"
+    }
+}
+```
+
+</TabItem>
+</Tabs>

src/content/partials/cloudflare-one/gateway/policies/enforce-device-posture.mdx

@@ -2,64 +2,7 @@
 {}
 ---
 
-import { Tabs, TabItem } from "~/components";
-
-In the following example, you can use a list of [device serial numbers](/cloudflare-one/identity/devices/warp-client-checks/corp-device/) to ensure users can only access an application if they connect with the WARP client from a company device:
-
-<Tabs syncKey="dashPlusAPI">
-<TabItem label="Dashboard">
-
 | Selector                     | Operator | Value                   | Logic | Action |
 | ---------------------------- | -------- | ----------------------- | ----- | ------ |
 | Passed Device Posture Checks | not in   | _Device serial numbers_ | And   | Block  |
 | SNI Domain                   | is       | `internalapp.com`       |       |        |
-
-</TabItem>
-<TabItem label="API">
-
-```sh
-curl --request POST \
-  --url https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
-  --header 'Content-Type: application/json' \
-  --header "Authorization: Bearer <API TOKEN>" \
-	--data '{
-	"name": "All-NET-ApplicationAccess-Allow",
-  "description": "Ensure access to the application comes from authorized WARP clients",
-  "precedence": 5000,
-  "enabled": false,
-  "action": "block",
-  "filters": [
-    "l4"
-  ],
-  "traffic": "any(net.sni.domains[*] == \"internalapp.com\")",
-	"device_posture": "not(any(device_posture.checks.passed[*] in {\"<Device Serial Numbers List UUID>\"}))",
-  "rule_settings": {
-    "block_page_enabled": true,
-    "block_reason": "This domain/IP was explicitly blocked by your network administrator. Please reach out to your helpdesk for assistance"
-    }
-	}'
-```
-
-</TabItem>
-<TabItem label="Terraform">
-
-```tf
-resource "cloudflare_zero_trust_gateway_policy" "dns_resolvedip_blocklist_rule" {
-  account_id  = var.account_id
-  name        = "All-NET-ApplicationAccess-Allow"
-  description = "Ensure access to the application comes from authorized WARP clients"
-  precedence  = 5000
-  enabled     = false
-  action      = "block"
-  filters     = ["l4"]
-  traffic     = "any(net.sni.domains[*] == \"internalapp.com\")"
-	posture			=	"not(any(device_posture.checks.passed[*] in {\"${"$"}${cloudflare_zero_trust_list.allowed_devices_sn_list.id}\"}))"
-  rule_settings {
-      block_page_enabled = true
-      block_page_reason = "This domain/IP was explicitly blocked by your network administrator. Please reach out to your helpdesk for assistance"
-    }
-}
-```
-
-</TabItem>
-</Tabs>