I currently have
R2, and these three serverless services are connected to each other.
What I want to do now is to restrict these three services from being accessed by other disallowed third parties. For example, the resources on R2 are only allowed to be accessed by the specified Pages application. If you try to directly access R2 resources, the access should be blocked directly by a 403 response at the firewall level (not by the application).
I know it is possible to set up the Referer detection mechanism in the WAF - however, this does not seem to be an efficient way.
This is originally easy to achieve on AWS through VPC Network, but I wonder if Cloudflare can do something similar?