All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Gateway, Cloudflare Mesh, Workers VPC - Filter Workers' public Internet traffic using Gateway policies

29d ago

Source

CloudflareGateway, Cloudflare Mesh, Workers VPC - Filter Workers' public Internet traffic using Gateway policiescloudflare.com
Snippet from the RSS feed
Workers using a VPC Network binding with network_id: "cf1:network" now egress to public Internet destinations through Cloudflare Gateway . This means your existing Zero Trust traffic policies โ€” DNS, HTTP, Network, and egress โ€” extend to traffic that originates from your Workers, the same way they do for WARP users today. Worker Calls env.EGRESS.fetch() VPC binding โ†“ Cloudflare Mesh Bind via cf1:network โ†“ Cloudflare Gateway Policies applied: DNS HTTP Network โ†“ โ†— Public Internet Any public hostname or IP Gateway logs DNS HTTP Network What you get by default: Visibility. Worker egress shows up in Gateway DNS , HTTP , and Network logs alongside your other traffic, so you can audit what your Workers are calling and when. Enforcement. Any existing Gateway policy whose selectors match a Worker request will apply โ€” including allow / block lists, DNS category filtering, and HTTP destination rules. If you have already blocked a category for your workforce, your Workers inherit that block. wrangler.jsonc { " vpc_networks " : [ { " binding " : "EGRESS" , " network_id " : "cf1:network" , " remote " : true , }, ], } wrangler.toml [[ vpc_networks ]] binding = "EGRESS" network_id = "cf1:network" remote = true JavaScript // Egress to a public destination โ€” subject to your Gateway policies and logged const response = await env . EGRESS . fetch ( " ) ; TypeScript // Egress to a public destination โ€” subject to your Gateway policies and logged const response = await env . EGRESS . fetch ( " ) ; For configuration options, refer to VPC Networks . For policy authoring, refer to Cloudflare Gateway traffic policies .

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.