Limitation in new centrally managed tunnels UI

I’m really digging the new management UI for Access Tunnels. Having replicas of tunnels all automagically suck down the new ingress rules is amazing.

I’ve found a UI bug that is kind of a pain in the scenario where you’ve got a single zone with 10+ ingress rules defined. In my scenario, I’ve defined a single hostname with specific origin services for unique paths. A wildcard path acts as a fall-through and applies to the root (/) and any other paths where the service url the same origin url as the root.

Creating a new “more specific” path for an 11th (or 12th) service puts it on the second page and there’s no mechanism to reorder it above the fall-through wildcard without deleting and recreating entries in order.

Also, do we expect an API (or cloudflared CLI) to manage the newfangled centrally managed tunnel ingress rules?


Navigate to Zero Trust Dashboard > Access > Tunnels > Public Hostname, create 9 “public hostnames” with the same hostname/subdomain and unique paths and service urls. Create a 10th without the optional path (wildcard) and an 11th with a unique path. There’s no mechanism to reorder the 11th (specified path) above the 10th (wildcard).

Minor annoyance from someone whose really impressed with the service.

1 Like

Glad you’re finding the remote management solution useful!

Thank you for flagging this issue - we rolled out a fix this AM that should resolve this issue, but let me know if you encounter any other unexpected behavior.

Fortunately, the APIs will remain unchanged meaning you now have the flexibility to create Tunnels using the UI, API, or CLI. We’re also working on building a “migration wizard” which will allow you to opt-in to remote management for Tunnels previously created via the CLI or API. Looking forward to getting this in production over the next few weeks!