
Account API Tokens
Allows to configurate API tokens. Set and Edit at Manage Accounts → Account API Tokens. For the security reasons, you can set Client IP Address Filtering and Zone Resources.
Deploy through a token
If you need an option to deploy to various cloudflare accounts, there's a need to use an account token instead of default OAuth.
- Logout with OAuth token:
npx wrangler logout - Go to
Manage Account → Account API tokensand create a custom token for accessing cloudflare from an app. Do this in each Cloudflare account you need to deploy to. - Create an
.envfile in your project root directory. Fill it with receivedCLOUDFLARE_API_TOKENtoken + place your cloudflare account id:CLOUDFLARE_ACCOUNT_ID="..." CLOUDFLARE_API_TOKEN="..." - Verify authentization with
npx wrangler whoami. If ok, you can deploy.
CloudFlare R2 Object Storage database
APi token
For accessing and managing R2 Object Storage database through cli, create a token. Take into notice, that the token dissapears after an expiration.
At Storage & Databases / R2 Object Storage, click ar Manage on Account Details with API tokens box, then create a new User API Token (if it does not exist). Select type Admin Read & Write, TTL for necessary time period (24 hours) and attach your IP to Client IP Address Filtering. You will get 3 tokens, while you need 2 of them:
- Access Key ID
- Secret Access Key
Open nano ~/.aws/credentials and copy these tokens into that file, that is in the following format:
[r2] aws_access_key_id = <Access Key ID> aws_secret_access_key = <Secret Access Key>Next, you need your Cloudflare Account ID. This can be get right from Account Home, bz clicking at dots beside zour accont home email and selecting 'Copy Account ID'.
Commands for R2 from cli
Copy files to R2
aws s3 sync <SourceDirectory> s3://<R2StorageName>/<TargetDirectoryAtR2> --endpoint-url https://<CloudflareAccountID>.r2.cloudflarestorage.com --profile r2 --exact-timestamps > r2-upload.log 2>&1Remove files from R2
aws s3 rm s3://<R2StorageName>/<DirectoryPathToRemove> \ --endpoint-url https://<CloudflareAccountID>.r2.cloudflarestorage.com \ --profile r2 \ --recursive \ --dryrunCommand above will print files for removal. For processing the removal, remove
--dryrunfrom the command.Example:
aws s3 rm s3://cache/cache_context/v1 \ --endpoint-url https://a0a00a0000000aa000a000a000000a0a.r2.cloudflarestorage.com \ --profile r2 \ --recursive


