Se rendre au contenu

Security & Compliance

Lynx Compliance - Cloudflare Connector

Pulls compliance evidence from Cloudflare - DNS zones, firewall rules, WAF packages, TLS certificates, Zero Trust Access apps and groups, audit log - via the Cloudflare API.

Talk to sales See pricing

lynx_compliance_connector_cloudflare · v19.0.1.0.0 · Premium

What this solves

Lynx Compliance - Cloudflare Connector

Compliance evidence pulled from Cloudflare. Cloudflare sits at the edge of the customer's surface and emits the kind of evidence auditors love at the network layer:

  • DNS zones (CSF ID.AM-04, ISO A.5.7): the inventory of customer-controlled domains.

  • Firewall + WAF rules (CSF PR.IR-01, ISO A.8.20-A.8.23): network protection configuration.

  • TLS certificates (CSF PR.DS-02, ISO A.8.24): inventory of issued certificates per zone with expiry tracking.

  • Cloudflare Zero Trust Access (CSF PR.AA, ISO A.5.18): application gating and group-based access policies.

  • Audit log (CSF DE.CM-01, ISO A.8.16): admin actions across the tenant.

Authentication is a single Bearer API token issued from the Cloudflare dashboard. The token's scope determines which resources the connector can see — issue it with the read-only permissions matching the resource pulls.

Key Features

  • Cloudflare connector type - Bearer API token in credential_secret + optional config_json.account_id (scopes audit log + Zero Trust) + config_json.zone_ids (comma-separated, scopes per-zone resources).

  • Eight resource pulls - zones, firewall rules, WAF managed packages, SSL/TLS certificates, Access apps, Access groups, audit log, DNS records.

  • Pre-seeded collectors - five collectors covering ID.AM-04 (zones), PR.IR-01 (firewall), PR.DS-02 (TLS certs), PR.AA-05 (Zero Trust groups), DE.CM-01 (audit log).

  • Pagination-aware - result_info cursor handled transparently across all multi-page endpoints.

Integrates With

  • lynx_compliance_connectors - registers under the connector framework.

  • lynx_compliance_evidence_collectors - shipped collectors use the standard schedule.

  • Cloudflare API via the requests HTTP client.

Depends on

base lynx_compliance lynx_license_enforcer lynx_base lynx_compliance_evidence_collectors lynx_compliance_connectors lynx_compliance_certification

Try Lynx Compliance - Cloudflare Connector on your team.

Free trial, no credit card. Talk to sales when you're ready.

Start free trial Browse all modules