Cloudflare Docs
Learning Paths
Cloudflare Docs
DNS filtering (Learning Path)
GitHub icon
Edit this page on GitHub
Set theme to dark (⇧+D)
  1. Learning Paths
  2. DNS filtering
  3. Enable DNS filtering for organization
  4. Policy migration

Policy migration

  1 min read

Learn about different ways to migrate policies from a third-party DNS filtering service to Cloudflare Zero Trust.

​​ UI

As discussed in a previous module, you can download existing allowlists and blocklists from the third-party service and upload the CSV files to the Zero Trust dashboard.

​​ API

You can use the Cloudflare API to create a list of IPs or domains:

curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/lists \

--header 'Content-Type: application/json' \

--header 'X-Auth-Email: <EMAIL>' \

--header 'X-Auth-Key: <API_KEY>' \

--data '{
  "description": "Corporate IPs", "items": [{"value": "10.226.0.177/32"},{"value": "10.226.1.177/32"}], "name": "Umbrella-List-One", "type": "IP" }'

​​ Terraform

You can use the Cloudflare Terraform provider to create a list of IPs or domains:

resource "cloudflare_teams_list" "example" {
  account_id  = "f037e56e89293a057740de681ac9abbe"
  name        = "Umbrella-List-One"
  type        = "IP"
  description = "Corporate IPs"
  items       = ["10.226.0.177/32", "10.226.1.177/32"]

}

​​ Descaler program

If you are an Enterprise organization migrating from Zscaler, you can use our Descaler toolkit to export policies from Zscaler Internet Access (ZIA) and import them into Cloudflare Gateway.




Previous Next