Cloudflare Workers applications now leverage reusable Cloudflare Access policies. This update aims to reduce duplication and simplify access management across various Workers.
Previously, enabling Cloudflare Access for a Worker would generate unique, per-application policies. The new approach creates reusable policies that can be shared among different applications:
-
Preview URLs: All Workers preview URLs now share a single “Cloudflare Workers Preview URLs” policy across an account. This policy is automatically established the first time Access is enabled on any preview URL. By consolidating access rules into one policy for all preview URLs, administrators can configure access once, and these rules will apply universally to all Workers protecting preview environments. This significantly streamlines the management of access to preview environments, eliminating the need to update individual policies for each Worker.
-
Production workers.dev URLs: When activated, each Worker receives its own reusable policy, typically named <worker-name> – Production. Production services often have distinct access requirements, and individual policies facilitate configuring service-to-service authentication or safeguarding internal dashboards and applications with specific user groups. Maintaining separate policies offers the flexibility to tailor access rules precisely for each production service. If Access is disabled on a production Worker, its associated policy is automatically removed, provided it is not in use by other applications.
This enhancement reduces policy redundancy, simplifies company-wide access management for preview environments, and offers necessary flexibility for production services. Users retain the ability to customize access rules by editing these reusable policies within the Zero Trust dashboard.
To enable Cloudflare Access on a Worker, follow these steps:
- In the Cloudflare dashboard, navigate to Workers & Pages.
- Select the desired Worker.
- Proceed to Settings > Domains & Routes.
- For workers.dev or Preview URLs, click Enable Cloudflare Access.
- Optionally, click Manage Cloudflare Access to customize the policy.
