Salto's Cloudflare adapter allows you to:
Fetch common Cloudflare configuration data, such as DNS records, WAF rules and Zero Trust Gateway and Access configuration
Compare Cloudflare environments
Add configuration elements to a version control system such as GitHub, BitBucket or others
Monitor specific changes of interest, e.g., DNS zone configuration changes
Supported Types
Salto supports fetching the following types:
Accounts
Zones
Settings
DNS records
User agent blocking rules
Rulesets
Rules and managed rule exceptions
Zero Trust - Gateway
Gateway rules
Custom lists
Locations
Zero Trust - Access
Access policies
Access groups
Applications
Certificate Authorities
From these, Salto can deploy modifications to the Zone Settings and Rule types
Connect your Cloudflare instance
Salto supports authenticating with Cloudflare using API tokens:
In your Cloudflare account, go to "Profile" --> "API Tokens" --> "Create Token"
From the API token templates, go to "Read all resources" and click "Use template"
Rename the token to your liking, e.g., "API token for Salto"
Change at least the following permissions to "Edit":
Account permissions
Account WAF
Account Rulesets
Zero Trust
Access: Organizations, Identity Providers, and Groups
Account Settings
Access: Apps and Policies
User permissions
User Details
Zone permissions
Response Compression
Config Rules
Single Redirect
Cache Rules
Origin Rules
HTTP DDoS Managed Rulesets
Sanitize
Zone Settings
Zone
DNS
Firewall Services
Add a Cloudflare service to a Salto environment by selecting the environment --> "Settings" --> "Application Connections" --> "Connect an Application"
You will be asked to provide the token you created.
β