From 2ff268cc6cb8bdc0b24a3e426ff33e930f71c98b Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Thu, 20 Feb 2025 18:32:52 +0000 Subject: [PATCH 1/3] Separate value from setup info in intro paragraph --- src/content/docs/aegis/index.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/content/docs/aegis/index.mdx b/src/content/docs/aegis/index.mdx index 38b955d7f2e2b88..f49d96627c89d0e 100644 --- a/src/content/docs/aegis/index.mdx +++ b/src/content/docs/aegis/index.mdx @@ -17,7 +17,9 @@ Leverage dedicated IPs to improve your origin security and implement Zero Trust. -Cloudflare Aegis provides dedicated egress IPs (from Cloudflare to your origin) for your layer 7 [WAF](/waf/) and CDN services, as well as [Spectrum](/spectrum/). The egress IPs are reserved exclusively for your account so that you can increase your origin security by only allowing traffic from a small list of IP addresses. Both [BYOIP](/byoip) and Cloudflare-leased IPs are supported by Cloudflare Aegis. +Cloudflare Aegis provides dedicated egress IPs (from Cloudflare to your origin) for your layer 7 [WAF](/waf/) and CDN services, as well as [Spectrum](/spectrum/). The egress IPs are reserved exclusively for your account so that you can increase your origin security by only allowing traffic from a small list of IP addresses. + +Both [BYOIP](/byoip) and Cloudflare-leased IPs are supported by Cloudflare Aegis. Refer to [Setup](TBD) for details. *** From 95197eaa0c7b5f5b03ee7089f84e0563b02025bf Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Thu, 20 Feb 2025 19:15:16 +0000 Subject: [PATCH 2/3] Add dedicated page for setup with requirements and API example --- .../aegis/configuration-options/index.mdx | 2 +- src/content/docs/aegis/index.mdx | 2 +- src/content/docs/aegis/setup.mdx | 32 +++++++++++++++++++ 3 files changed, 34 insertions(+), 2 deletions(-) create mode 100644 src/content/docs/aegis/setup.mdx diff --git a/src/content/docs/aegis/configuration-options/index.mdx b/src/content/docs/aegis/configuration-options/index.mdx index 60a31f7de69d8e0..413aa54f620afeb 100644 --- a/src/content/docs/aegis/configuration-options/index.mdx +++ b/src/content/docs/aegis/configuration-options/index.mdx @@ -2,7 +2,7 @@ title: Configuration options pcx_content_type: navigation sidebar: - order: 2 + order: 5 group: hideIndex: true --- diff --git a/src/content/docs/aegis/index.mdx b/src/content/docs/aegis/index.mdx index f49d96627c89d0e..7b7d14dfd5bc3d8 100644 --- a/src/content/docs/aegis/index.mdx +++ b/src/content/docs/aegis/index.mdx @@ -19,7 +19,7 @@ Leverage dedicated IPs to improve your origin security and implement Zero Trust. Cloudflare Aegis provides dedicated egress IPs (from Cloudflare to your origin) for your layer 7 [WAF](/waf/) and CDN services, as well as [Spectrum](/spectrum/). The egress IPs are reserved exclusively for your account so that you can increase your origin security by only allowing traffic from a small list of IP addresses. -Both [BYOIP](/byoip) and Cloudflare-leased IPs are supported by Cloudflare Aegis. Refer to [Setup](TBD) for details. +Both [BYOIP](/byoip) and Cloudflare-leased IPs are supported by Cloudflare Aegis. *** diff --git a/src/content/docs/aegis/setup.mdx b/src/content/docs/aegis/setup.mdx new file mode 100644 index 000000000000000..ee7284fce7f2b93 --- /dev/null +++ b/src/content/docs/aegis/setup.mdx @@ -0,0 +1,32 @@ +--- +title: Setup +pcx_content_type: how-to +sidebar: + order: 2 + group: + hideIndex: true +--- + +You can control Aegis enablement on your zones via API. + +## Requirements + +- The Aegis zone setting endpoint is only available within Cloudflare accounts that own leased IPs, or accounts to which a BYOIP prefix has been delegated. If you wish to use Aegis for zones that do not meet this criteria, contact your account team. +- Each Aegis pool can consist of either IPs from a [BYOIP prefix](/byoip/) or Cloudflare-leased IPs. A single dedicated egress pool cannot contain both BYOIPs and leased IPs. + +## Steps + +1. Contact your account team to get the ID for your dedicated egress pool. +2. Make a `PATCH` request to the [Edit Zone Setting](/api/resources/zones/subresources/settings/methods/edit/) endpoint: +- Specify `aegis` as the setting ID in the URL. +- In the request body, set `enabled` to `true` and use the ID from the previous step as `pool_id`. + +```bash +--data '{ + "id": "aegis", + "value": { + "enabled": true, + "pool_id": "" + }, +}' +``` From 496d9bd26840d967d987da0818c5e01990597c7e Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Fri, 21 Feb 2025 09:56:20 +0000 Subject: [PATCH 3/3] Overall review and adjust callouts --- src/content/docs/aegis/about/index.mdx | 9 +-------- src/content/docs/aegis/index.mdx | 6 ++++++ src/content/docs/aegis/setup.mdx | 10 +++++++--- 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/src/content/docs/aegis/about/index.mdx b/src/content/docs/aegis/about/index.mdx index b3aed8a55c0f986..7281b0d598d1c3b 100644 --- a/src/content/docs/aegis/about/index.mdx +++ b/src/content/docs/aegis/about/index.mdx @@ -12,11 +12,6 @@ head: --- -:::caution[Warning] - -Cloudflare Aegis is available in early access to Enterprise customers. Contact your account team to request access. -::: - When you use Cloudflare [as a reverse proxy](/fundamentals/concepts/how-cloudflare-works/#how-cloudflare-works-as-a-reverse-proxy), [Cloudflare's global network](https://www.cloudflare.com/network/) sits between client requests and your origin servers. ```mermaid @@ -39,10 +34,8 @@ Ingress refers to the data center where the client request lands on, based on In Traditionally, Cloudflare maintains a very large pool of egress IPs that are used by all Cloudflare customers and are [publicly documented](https://www.cloudflare.com/ips/). With Aegis, Cloudflare provides dedicated egress IP addresses that are reserved for you. -:::caution[Warning] - +:::note Each dedicated egress pool can consist of either IPs from a [BYOIP prefix](/byoip/) or Cloudflare-leased IPs. A single dedicated egress pool cannot contain both BYOIPs and leased IPs. - ::: ## Benefits diff --git a/src/content/docs/aegis/index.mdx b/src/content/docs/aegis/index.mdx index 7b7d14dfd5bc3d8..9c68eb4e43dbb4b 100644 --- a/src/content/docs/aegis/index.mdx +++ b/src/content/docs/aegis/index.mdx @@ -21,6 +21,12 @@ Cloudflare Aegis provides dedicated egress IPs (from Cloudflare to your origin) Both [BYOIP](/byoip) and Cloudflare-leased IPs are supported by Cloudflare Aegis. + +:::caution[Availability] +Cloudflare Aegis is available in early access to Enterprise customers. Contact your account team to request access. +::: + + *** ## Related products diff --git a/src/content/docs/aegis/setup.mdx b/src/content/docs/aegis/setup.mdx index ee7284fce7f2b93..e3f4f8ba6f91752 100644 --- a/src/content/docs/aegis/setup.mdx +++ b/src/content/docs/aegis/setup.mdx @@ -7,12 +7,16 @@ sidebar: hideIndex: true --- -You can control Aegis enablement on your zones via API. +You can control Aegis enablement on your zones via API. If you are not familiar with how Cloudflare API works, refer to [Fundamentals](/fundamentals/api/). + +:::caution[Availability] +Cloudflare Aegis is available in early access to Enterprise customers. Contact your account team to request access. +::: ## Requirements -- The Aegis zone setting endpoint is only available within Cloudflare accounts that own leased IPs, or accounts to which a BYOIP prefix has been delegated. If you wish to use Aegis for zones that do not meet this criteria, contact your account team. -- Each Aegis pool can consist of either IPs from a [BYOIP prefix](/byoip/) or Cloudflare-leased IPs. A single dedicated egress pool cannot contain both BYOIPs and leased IPs. +- The Aegis zone setting endpoint is only available within Cloudflare accounts that own leased IPs, or accounts to which a [BYOIP prefix](/byoip/) has been delegated. If you wish to use Aegis for zones that do not meet this criteria, contact your account team. +- Each Aegis pool can consist of either IPs from a BYOIP prefix or Cloudflare-leased IPs. A single dedicated egress pool cannot contain both BYOIPs and leased IPs. ## Steps