I prefer to use Terraform to manage as much of my infrastructure as possible. After pushing commits to the main branch, Terraform Cloud will automatically apply the changes.
The following permissions are required for the Cloudflare provider to function properly:
- Account.Account Settings:Read
- Account.Cloudflare Pages:Edit
- Account.Cloudflare Tunnel:Edit
- Zone.Zone:Edit
- Zone.Zone Settings:Edit
- Zone.Page Rules:Edit
- Zone.DNS:Edit
- Zone.Workers Routes:Edit
The following permissions are required for the GitHub Actions to deploy Cloudflare Workers:
- Account.Cloudflare Pages:Edit
- Account.Workers Scripts:Edit
The GitHub provider requires a fine-grained personal access token with access to all repositories and the following permissions:
- Administration: Read and write
- Contents: Read and write
- Metadata: Read-only
- Secrets: Read and write