Cloudflare
Visualize Cloudflare users, access roles, domain zones, and domain records, and monitor changes through queries and alerts.
- Installation
- Data Model
- Types
Installation
For this integration, you will need to create a Cloudflare API Token configured for read access with the following:
Account→Access: Organizations, Identity Providers, and Groups→Readto list identity provider information.Account→Account Settings→Readto list accounts, members, and rolesAccount→DNS Firewall→Readto list records in a zoneAccount→Zero Trust→Readto to list Zero Trust entities.Account→Access: Audit Logs→Readto to list Zero Trust entities.Account→Load Balancing: Monitors and Pools→Readto list load balancer pools.Zone→Zone→Readto get information about the zoneZone→DNS→Readto list records in a zone.Zona→Load Balancers→Readto list load balancers in a zone.
Once created, obtain an API token from the bottom of the API Tokens page in your Cloudflare account. With the token, head to JupiterOne to complete the integration installation.
Configuration in JupiterOne
To install the Cloudflare integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Cloudflare. Click New Instance to begin configuring your integration.
Creating an instance requires the following:
-
The Account Name used to identify the Cloudflare account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNametoggle is enabled. -
Description to assist in identifying the integration instance, if desired.
-
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration. -
Your Cloudflare (read access) API Token.
Click Create once all values are provided to finalize the integration.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Account | cloudflare_account | Account |
| Account Member | cloudflare_account_member | User |
| Account Role | cloudflare_account_role | AccessRole |
| DNS Record | cloudflare_dns_record | DomainRecord |
| DNS Zone | cloudflare_dns_zone | DomainZone |
| Load Balancer | cloudflare_load_balancer | Gateway |
| Load Balancer Pool | cloudflare_load_balancer_pool | Group |
| Ruleset | cloudflare_ruleset | Ruleset |
| Ruleset Rule | cloudflare_ruleset_rule | Rule |
| Zero Trust | cloudflare_zero_trust_user | User |
| Zero Trust Device | cloudflare_zero_trust_device | Device |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
cloudflare_account | HAS | cloudflare_account_member |
cloudflare_account | HAS | cloudflare_account_role |
cloudflare_account | HAS | cloudflare_dns_zone |
cloudflare_account | HAS | cloudflare_ruleset |
cloudflare_account_member | ASSIGNED | cloudflare_account_role |
cloudflare_dns_zone | HAS | cloudflare_dns_record |
cloudflare_dns_zone | HAS | cloudflare_load_balancer |
cloudflare_dns_zone | HAS | cloudflare_ruleset |
cloudflare_load_balancer | USES | cloudflare_load_balancer_pool |
cloudflare_ruleset | CONTAINS | cloudflare_ruleset_rule |
cloudflare_zero_trust_user | OWNS | cloudflare_zero_trust_device |
Mapped Relationships
The following mapped relationships are created:
Source Entity _type | Relationship _class | Target Entity _type | Direction |
|---|---|---|---|
cloudflare_account | CONNECTS | cloudflare_account | REVERSE |
cloudflare_dns_record | CONNECTS | cloudflare_load_balancer | FORWARD |
cloudflare_dns_record | CONNECTS | aws_alb | FORWARD |
cloudflare_load_balancer_pool | USES | cloudflare_dns_record | FORWARD |
Cloudflare Load Balancer
cloudflare_load_balancer inherits from Gateway
| Property | Type | Description | Specifications |
|---|---|---|---|
adaptiveRoutingFailoverAcrossPools | boolean | ||
countryPools | array of strings | ||
createdOn | number | ||
defaultPoolCount | number | ||
defaultPoolIds | array of strings | ||
description | string | ||
displayName | string | ||
enabled | boolean | ||
fallbackPoolId | string | ||
id | string | ||
locationStrategyMode | string | ||
locationStrategyPreferEcs | string | ||
modifiedOn | number | ||
popPools | array of strings | ||
proxied | boolean | ||
randomSteeringDefaultWeight | number | ||
randomSteeringPoolWeights | array of strings | ||
regionPools | array of strings | ||
rules | array of strings | ||
sessionAffinity | string | ||
sessionAffinityDrainDuration | number | ||
sessionAffinityHeaders | array of strings | ||
sessionAffinityRequireAllHeaders | boolean | ||
sessionAffinitySamesite | string | ||
sessionAffinitySecure | string | ||
sessionAffinityTTL | number | ||
sessionAffinityZeroDowntimeFailover | string | ||
steeringPolicy | string | ||
ttl | number | ||
zoneName | string |
Cloudflare Load Balancer Pool
cloudflare_load_balancer_pool inherits from Group
| Property | Type | Description | Specifications |
|---|---|---|---|
active | boolean | ||
checkRegions | array of strings | ||
createdOn | number | ||
description | string | ||
id | string | ||
latitude | number | ||
loadSheddingDefaultPercent | number | ||
loadSheddingDefaultPolicy | string | ||
loadSheddingSessionPercent | number | ||
loadSheddingSessionPolicy | string | ||
longitude | number | ||
minimumOrigins | number | ||
modifiedOn | number | ||
monitor | string | ||
networks | array of strings | ||
originAddresses | array of strings |
Cloudflare Ruleset
cloudflare_ruleset inherits from Ruleset
| Property | Type | Description | Specifications |
|---|---|---|---|
accountId * | string | null | ||
id * | string | ||
kind * | string | null | ||
lastUpdatedOn * | number | null | ||
phase * | string | null | ||
source * | string | null | ||
version * | string | null | ||
zoneId * | string | null |
Cloudflare Ruleset Rule
cloudflare_ruleset_rule inherits from Rule
| Property | Type | Description | Specifications |
|---|---|---|---|
action * | string | null | ||
actionParametersId * | string | null | ||
actionParametersOverridesAction * | string | null | ||
actionParametersVersion * | string | null | ||
expression * | string | null | ||
id * | string | ||
isActionParametersOverridesEnabled * | boolean | null | ||
isEnabled * | boolean | null | ||
isLoggingEnabled * | boolean | null | ||
lastUpdatedOn * | number | null | ||
position * | number | null | ||
ref * | string | null | ||
rulesetId * | string | null | ||
version * | string | null |
Cloudflare Zero Trust Device
cloudflare_zero_trust_device inherits from Device
| Property | Type | Description | Specifications |
|---|---|---|---|
createdOn | number | ||
deleted | boolean | ||
deviceType | string | ||
id | string | ||
ip | string | ||
key | string | ||
macAddress | string | ||
manufacturer | string | ||
name | string | ||
osDistroName | string | ||
osDistroRevision | string | ||
osVersionExtra | string | ||
revokedOn | number | ||
serialNumber | string | ||
updatedOn | number | ||
userEmail | string | ||
userName | string | ||
version | string |
Cloudflare Zero Trust User
cloudflare_zero_trust_user inherits from User
| Property | Type | Description | Specifications |
|---|---|---|---|
accessSeat | boolean | ||
activeDeviceCount | number | ||
gatewaySeat | boolean | ||
lastSuccessfulLoginOn | number | ||
seatUid | string | ||
uid | string |