Is there a way to require #CloudflareAccess policies for all subdomains of a given domain? The goal would be to rule out (or fail closed instead of open) possible misconfigurations of individual applications using their respective subdomain.
Create 2 overarching policies.
- Example.com → Allow your group/policy
- *.example.com → same as above
Create additional policies for explicit apps / different access requirements from the two above.