How to restrict access to a worker

Hello

I am just getting started with workers and KV - i am trying to figure out the best way to restrict access to a worker. Essentially, I am hoping to make read (GET) open and write (POST or PUT) restricted to a specific server.

Is this possible?

One thought was to perhaps associate them to subdomains in the DNS and then attach a firewall configuration to them. Is this the best way to approach this?

Thank you…

There are many ways to do this.

You very well could create a firewall rule matching worker.example.com* and have a block if the IP isn’t one in a list.

You also could use a zone lockdown rule to achieve the same effect.

You also could set up CF Access on the subdomain if you want multiple people to be able to access it based on their sign-in information, or if you want to use Access to provision service tokens

Finally, the user connection info is available in the Request object of your worker. The ASN is available in request.cf and the user’s IP is available as the request header CF-Connecting-IP.

1 Like

This topic was automatically closed after 31 days. New replies are no longer allowed.