Create a list of IPs or domains
2 min read
Gateway supports creating lists of IPs, hostnames, or other entries to reference in your policies.
It is likely that you will be onboarding to the Cloudflare platform with some predetermined series of security policies. Maybe you have explicit deny lists based on hostnames, IPs, or another measure that tie to individual users. Maybe some networks can access certain apex records while others cannot.
The best way to migrate to Cloudflare in a way that will simplify ongoing maintenance is to build as many reusable objects as possible. Not only because that makes policy building simpler, but because as those applications, networks, and services organically change and grow, updates to the lists automatically update everywhere that the lists are applied.
Create a list from a CSV file
Here is a sample CSV file of URLs that you can use for testing. When formatting the CSV:
- Each line should be a single entry.
- Trailing whitespaces are not allowed.
- CRLF (Windows) and LF (Unix) line endings are valid.
To upload the list to Zero Trust:
- In Zero Trust, go to My Team > Lists.
- Select Upload CSV.
- Next, specify a List name, enter an optional description, and choose a List type.
- Drag and drop a file into the CSV file window, or select a file.
- Select Create.
You can now use this list in the policy builder by choosing the in list operator.
Create a list manually
- In Zero Trust, go to My Team > Lists.
- Select Create manual list.
- Next, specify a List name, enter an optional description, and choose a List type.
- Enter your list element manually into the Add entry field and select Add.
- Select Save.
curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/lists \
--header "X-Auth-Email: <EMAIL>" \
--header "X-Auth-Key: <API_KEY>" \
--header "Content-Type: application/json" \
--data '{ "description": "Private application IPs", "items": [{"value": "10.226.0.177/32"},{"value": "10.226.1.177/32"}], "name": "Corporate IP list", "type": "IP"}'
You can now use this list in the policy builder by choosing the in list operator.