feat(api): api update (#2321)

stainless-app[bot] · stainless-app[bot] · commit 59ce70c8decd · 2025-01-13T18:37:33.000Z
diff --git a/.stats.yml b/.stats.yml
@@ -1,2 +1,2 @@
 configured_endpoints: 1493
-openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-3d78f855257b55bbb80884f99c3802cae877968d140eed3557fcb2cdd5f937b3.yml
+openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-56f3021fb085763371fa342d21f231ef420fbfdddf6599c584bc84e609c421fa.yml
diff --git a/src/resources/zero-trust/gateway/rules.ts b/src/resources/zero-trust/gateway/rules.ts
@@ -390,9 +390,9 @@ export interface RuleSetting {
 
   /**
    * Add your own custom resolvers to route queries that match the resolver policy.
-   * Cannot be used when resolve_dns_through_cloudflare is set. DNS queries will
-   * route to the address closest to their origin. Only valid when a rule's action is
-   * set to 'resolve'.
+   * Cannot be used when 'resolve_dns_through_cloudflare' or 'resolve_dns_internally'
+   * are set. DNS queries will route to the address closest to their origin. Only
+   * valid when a rule's action is set to 'resolve'.
    */
   dns_resolvers?: RuleSetting.DNSResolvers;
 
@@ -458,10 +458,19 @@ export interface RuleSetting {
    */
   quarantine?: RuleSetting.Quarantine;
 
+  /**
+   * Configure to forward the query to the internal DNS service, passing the
+   * specified 'view_id' as input. Cannot be set when 'dns_resolvers' are specified
+   * or 'resolve_dns_through_cloudflare' is set. Only valid when a rule's action is
+   * set to 'resolve'.
+   */
+  resolve_dns_internally?: RuleSetting.ResolveDNSInternally;
+
   /**
    * Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS
-   * resolver. Cannot be set when dns_resolvers are specified. Only valid when a
-   * rule's action is set to 'resolve'.
+   * resolver. Cannot be set when 'dns_resolvers' are specified or
+   * 'resolve_dns_internally' is set. Only valid when a rule's action is set to
+   * 'resolve'.
    */
   resolve_dns_through_cloudflare?: boolean;
 
@@ -529,9 +538,9 @@ export namespace RuleSetting {
 
   /**
    * Add your own custom resolvers to route queries that match the resolver policy.
-   * Cannot be used when resolve_dns_through_cloudflare is set. DNS queries will
-   * route to the address closest to their origin. Only valid when a rule's action is
-   * set to 'resolve'.
+   * Cannot be used when 'resolve_dns_through_cloudflare' or 'resolve_dns_internally'
+   * are set. DNS queries will route to the address closest to their origin. Only
+   * valid when a rule's action is set to 'resolve'.
    */
   export interface DNSResolvers {
     ipv4?: Array<RulesAPI.DNSResolverSettingsV4>;
@@ -634,6 +643,26 @@ export namespace RuleSetting {
     >;
   }
 
+  /**
+   * Configure to forward the query to the internal DNS service, passing the
+   * specified 'view_id' as input. Cannot be set when 'dns_resolvers' are specified
+   * or 'resolve_dns_through_cloudflare' is set. Only valid when a rule's action is
+   * set to 'resolve'.
+   */
+  export interface ResolveDNSInternally {
+    /**
+     * The fallback behavior to apply when the internal DNS response code is different
+     * from 'NOERROR' or when the response data only contains CNAME records for 'A' or
+     * 'AAAA' queries.
+     */
+    fallback?: 'none' | 'public_dns';
+
+    /**
+     * The internal DNS view identifier that's passed to the internal DNS service.
+     */
+    view_id?: string;
+  }
+
   /**
    * Configure behavior when an upstream cert is invalid or an SSL error occurs.
    */
@@ -694,9 +723,9 @@ export interface RuleSettingParam {
 
   /**
    * Add your own custom resolvers to route queries that match the resolver policy.
-   * Cannot be used when resolve_dns_through_cloudflare is set. DNS queries will
-   * route to the address closest to their origin. Only valid when a rule's action is
-   * set to 'resolve'.
+   * Cannot be used when 'resolve_dns_through_cloudflare' or 'resolve_dns_internally'
+   * are set. DNS queries will route to the address closest to their origin. Only
+   * valid when a rule's action is set to 'resolve'.
    */
   dns_resolvers?: RuleSettingParam.DNSResolvers;
 
@@ -762,10 +791,19 @@ export interface RuleSettingParam {
    */
   quarantine?: RuleSettingParam.Quarantine;
 
+  /**
+   * Configure to forward the query to the internal DNS service, passing the
+   * specified 'view_id' as input. Cannot be set when 'dns_resolvers' are specified
+   * or 'resolve_dns_through_cloudflare' is set. Only valid when a rule's action is
+   * set to 'resolve'.
+   */
+  resolve_dns_internally?: RuleSettingParam.ResolveDNSInternally;
+
   /**
    * Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS
-   * resolver. Cannot be set when dns_resolvers are specified. Only valid when a
-   * rule's action is set to 'resolve'.
+   * resolver. Cannot be set when 'dns_resolvers' are specified or
+   * 'resolve_dns_internally' is set. Only valid when a rule's action is set to
+   * 'resolve'.
    */
   resolve_dns_through_cloudflare?: boolean;
 
@@ -833,9 +871,9 @@ export namespace RuleSettingParam {
 
   /**
    * Add your own custom resolvers to route queries that match the resolver policy.
-   * Cannot be used when resolve_dns_through_cloudflare is set. DNS queries will
-   * route to the address closest to their origin. Only valid when a rule's action is
-   * set to 'resolve'.
+   * Cannot be used when 'resolve_dns_through_cloudflare' or 'resolve_dns_internally'
+   * are set. DNS queries will route to the address closest to their origin. Only
+   * valid when a rule's action is set to 'resolve'.
    */
   export interface DNSResolvers {
     ipv4?: Array<RulesAPI.DNSResolverSettingsV4Param>;
@@ -938,6 +976,26 @@ export namespace RuleSettingParam {
     >;
   }
 
+  /**
+   * Configure to forward the query to the internal DNS service, passing the
+   * specified 'view_id' as input. Cannot be set when 'dns_resolvers' are specified
+   * or 'resolve_dns_through_cloudflare' is set. Only valid when a rule's action is
+   * set to 'resolve'.
+   */
+  export interface ResolveDNSInternally {
+    /**
+     * The fallback behavior to apply when the internal DNS response code is different
+     * from 'NOERROR' or when the response data only contains CNAME records for 'A' or
+     * 'AAAA' queries.
+     */
+    fallback?: 'none' | 'public_dns';
+
+    /**
+     * The internal DNS view identifier that's passed to the internal DNS service.
+     */
+    view_id?: string;
+  }
+
   /**
    * Configure behavior when an upstream cert is invalid or an SSL error occurs.
    */
diff --git a/tests/api-resources/zero-trust/gateway/rules.test.ts b/tests/api-resources/zero-trust/gateway/rules.test.ts
@@ -75,6 +75,7 @@ describe('resource rules', () => {
         override_ips: ['1.1.1.1', '2.2.2.2'],
         payload_log: { enabled: true },
         quarantine: { file_types: ['exe'] },
+        resolve_dns_internally: { fallback: 'none', view_id: 'view_id' },
         resolve_dns_through_cloudflare: true,
         untrusted_cert: { action: 'pass_through' },
       },
@@ -158,6 +159,7 @@ describe('resource rules', () => {
         override_ips: ['1.1.1.1', '2.2.2.2'],
         payload_log: { enabled: true },
         quarantine: { file_types: ['exe'] },
+        resolve_dns_internally: { fallback: 'none', view_id: 'view_id' },
         resolve_dns_through_cloudflare: true,
         untrusted_cert: { action: 'pass_through' },
       },

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`	`1`	`configured_endpoints: 1493`
`2`		`-openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-3d78f855257b55bbb80884f99c3802cae877968d140eed3557fcb2cdd5f937b3.yml`
	`2`	`+openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-56f3021fb085763371fa342d21f231ef420fbfdddf6599c584bc84e609c421fa.yml`