Cloudflare Zero Trust
  • 09 Oct 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Cloudflare Zero Trust

  • Dark
    Light
  • PDF

Article summary

Deliver Zero Trust Network Access on Cloudflare's Edge.


Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Users

Parameters

  1. Host Name or IP Address (optional) - The hostname or IP address of the Cloudflare Zero Trust server.

  2. User Email (required) - Enter the user email.

  3. API Key / API Token (required) - An API Key associated with a user account that has the Required Permissions to fetch assets.

    Note:

    Cloudflare highly recommends using an API token instead of an API key.

  4. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  5. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  6. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  7. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

CloudFlare_Zero_Trust


Advanced Settings

Note:

From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  • Endpoints Config - Click the arrow.
    • Enrich Devices with Gateway Location - Toggle on this option to add subdomain data for each device.
    • Fetch Devices of sub type deleted_device from Deleted Devices - Toggle on to include data on deleted devices.
    • Fetch Devices of sub type revoked_device from Deleted Devices - Toggle on to include data on revoked devices.
    • Enrich Users with Policies - Toggle on this option to add policy data for each user.


Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


APIs

Axonius uses Cloudflare API v4.

Required Permissions

The value supplied in API Key/Token must be associated with credentials that have permissions to fetch assets.

If an API Token (recommended method) is provided, the following permissions are required:

  • Account: Zero Trust: Read
  • Account: Access: Audit Logs: Read
  • Account: Account Settings: Read

If an API Key (legacy method) is provided, it will have the same permissions as the user and will have access to all of a user’s resources.


Supported From Version

Supported from Axonius version 4.5



Was this article helpful?

What's Next