diff --git a/src/content/partials/cloudflare-one/gateway/create-resolver-policy.mdx b/src/content/partials/cloudflare-one/gateway/create-resolver-policy.mdx
index 1fa4c8d11ada94c..303413a20d8bb40 100644
--- a/src/content/partials/cloudflare-one/gateway/create-resolver-policy.mdx
+++ b/src/content/partials/cloudflare-one/gateway/create-resolver-policy.mdx
@@ -2,6 +2,10 @@
 {}
 ---
+import { TabItem, Tabs } from "~/components";
+
+
+
 1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Resolver policies**.
 2. Select **Add a policy**.
 3. Create an expression for your desired traffic. For example, you can resolve a hostname for an internal service: 
@@ -23,6 +27,48 @@ Custom resolvers are saved to your account for future use. You can add up to 10 IPv4 and 10 IPv6 addresses to a policy.
+
+
+
+1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/api_token):
+ - `Zero Trust Write`
+
+2. Create a resolver policy using the [`cloudflare_zero_trust_gateway_policy`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zero_trust_gateway_policy) resource:
+
+ ```tf
+ resource "cloudflare_zero_trust_gateway_policy" "resolver_policy" {
+ name = "Example resolver policy"
+ enabled = true
+ account_id = var.cloudflare_account_id
+ description = "TERRAFORM MANAGED resolver policy"
+ action = "resolve"
+ traffic = "dns.fqdn in {\"internal.example.com\"}"
+ identity = "identity.email in {\"jdoe@example.com\"}"
+ precedence = 1
+ rule_settings = {
+ dns_resolvers = {
+ # You can add up to 10 IPv4 and 10 IPv6 addresses to a policy.
+ ipv4 = [{
+ ip = "192.0.2.24"
+ port = 53
+ route_through_private_network = true
+ vnet_id = cloudflare_zero_trust_tunnel_cloudflared_virtual_network.staging_vnet.id
+ }]
+ ipv6 = [{
+ ip = "2001:DB8::"
+ port = 53
+ route_through_private_network = true
+ vnet_id = cloudflare_zero_trust_tunnel_cloudflared_virtual_network.staging_vnet.id
+ }]
+ }
+ }
+ }
+ ```
+
+
+
+
+
 When a user's query matches a resolver policy, Gateway will send the query to your listed resolvers in the following order:
 1. Public resolvers
diff --git a/src/content/partials/cloudflare-one/gateway/enable-tls-decryption.mdx b/src/content/partials/cloudflare-one/gateway/enable-tls-decryption.mdx
index 5082be539d8992e..fa01ae1be203f4c 100644
--- a/src/content/partials/cloudflare-one/gateway/enable-tls-decryption.mdx
+++ b/src/content/partials/cloudflare-one/gateway/enable-tls-decryption.mdx
@@ -2,5 +2,30 @@
 {}
 ---
+import { TabItem, Tabs } from "~/components";
+
+
+
 1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Network**.
 2. In **Firewall**, turn on **TLS decryption**.
+
+
+
+
+1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/api_token):
+ - `Zero Trust Write`
+
+2. Configure the `tls_decrypt` argument in [`cloudflare_zero_trust_gateway_settings`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zero_trust_gateway_settings):
+
+ ```tf
+ resource "cloudflare_zero_trust_gateway_settings" "team_name" {
+ account_id = var.cloudflare_account_id
+ settings = {
+ tls_decrypt = {
+ enabled = true
+ }
+ }
+ }
+ ```
+
+
\ No newline at end of file
diff --git a/src/content/partials/cloudflare-one/tunnel/enable-gateway-proxy.mdx b/src/content/partials/cloudflare-one/tunnel/enable-gateway-proxy.mdx
index f707ab2794a7445..39904f2f677d63a 100644
--- a/src/content/partials/cloudflare-one/tunnel/enable-gateway-proxy.mdx
+++ b/src/content/partials/cloudflare-one/tunnel/enable-gateway-proxy.mdx
@@ -4,10 +4,20 @@ import { Tabs, TabItem } from "~/components";
+
+
 1. Go to **Settings** > **Network**.
 2. In **Firewall**, turn on **Proxy**.
 3. Select **TCP**.
 4. (Recommended) To proxy traffic to internal DNS resolvers, select **UDP**.
 5. (Recommended) To proxy traffic for diagnostic tools such as `ping` and `traceroute`, select **ICMP**. You may also need to [update your system](/cloudflare-one/connections/connect-networks/troubleshoot-tunnels/common-errors/#ping-and-traceroute-commands-do-not-work) to allow ICMP traffic through `cloudflared`.
+
+
+
+Proxy settings are not currently supported by the Terraform v5 provider (as of version 5.3.0). To turn on the Gateway proxy, use the dashboard or API.
+
+
+
+
 Cloudflare will now proxy traffic from enrolled devices, except for the traffic excluded in your [split tunnel settings](/cloudflare-one/connections/connect-networks/private-net/cloudflared/#3-route-private-network-ips-through-warp). For more information on how Gateway forwards traffic, refer to [Gateway proxy](/cloudflare-one/policies/gateway/proxy/).