Cloudflare Deploy

Consolidated skill for building on the Cloudflare platform. Use decision trees below to find the right product, then load detailed references.

Prerequisites

• When sandboxing blocks the deployment network calls, rerun with sandbox_permissions=require_escalated.

• The deployment might take a few minutes. Use appropriate timeout values.

Authentication (Required Before Deploy)

Verify auth before wrangler deploy, wrangler pages deploy, or npm run deploy:

npx wrangler whoami    # Shows account if authenticated

Not authenticated? → references/wrangler/auth.md

• Interactive/local: wrangler login (one-time OAuth)

• CI/CD: Set CLOUDFLARE_API_TOKEN env var

Quick Decision Trees

"I need to run code"

Need to run code?

├─ Serverless functions at the edge → workers/

├─ Full-stack web app with Git deploys → pages/

├─ Stateful coordination/real-time → durable-objects/

├─ Long-running multi-step jobs → workflows/

├─ Run containers → containers/

├─ Multi-tenant (customers deploy code) → workers-for-platforms/

├─ Scheduled tasks (cron) → cron-triggers/

├─ Lightweight edge logic (modify HTTP) → snippets/

├─ Process Worker execution events (logs/observability) → tail-workers/

└─ Optimize latency to backend infrastructure → smart-placement/

"I need to store data"

Need storage?

├─ Key-value (config, sessions, cache) → kv/

├─ Relational SQL → d1/ (SQLite) or hyperdrive/ (existing Postgres/MySQL)

├─ Object/file storage (S3-compatible) → r2/

├─ Message queue (async processing) → queues/

├─ Vector embeddings (AI/semantic search) → vectorize/

├─ Strongly-consistent per-entity state → durable-objects/ (DO storage)

├─ Secrets management → secrets-store/

├─ Streaming ETL to R2 → pipelines/

└─ Persistent cache (long-term retention) → cache-reserve/

"I need AI/ML"

Need AI?

├─ Run inference (LLMs, embeddings, images) → workers-ai/

├─ Vector database for RAG/search → vectorize/

├─ Build stateful AI agents → agents-sdk/

├─ Gateway for any AI provider (caching, routing) → ai-gateway/

└─ AI-powered search widget → ai-search/

"I need networking/connectivity"

Need networking?

├─ Expose local service to internet → tunnel/

├─ TCP/UDP proxy (non-HTTP) → spectrum/

├─ WebRTC TURN server → turn/

├─ Private network connectivity → network-interconnect/

├─ Optimize routing → argo-smart-routing/

├─ Optimize latency to backend (not user) → smart-placement/

└─ Real-time video/audio → realtimekit/ or realtime-sfu/

"I need security"

Need security?

├─ Web Application Firewall → waf/

├─ DDoS protection → ddos/

├─ Bot detection/management → bot-management/

├─ API protection → api-shield/

├─ CAPTCHA alternative → turnstile/

└─ Credential leak detection → waf/ (managed ruleset)

"I need media/content"

Need media?

├─ Image optimization/transformation → images/

├─ Video streaming/encoding → stream/

├─ Browser automation/screenshots → browser-rendering/

└─ Third-party script management → zaraz/

"I need infrastructure-as-code"

Need IaC? → pulumi/ (Pulumi), terraform/ (Terraform), or api/ (REST API)

Product Index

Compute & Runtime

Product

Reference

Workers

references/workers/

Pages

references/pages/

Pages Functions

references/pages-functions/

Durable Objects

references/durable-objects/

Workflows

references/workflows/

Containers

references/containers/

Workers for Platforms

references/workers-for-platforms/

Cron Triggers

references/cron-triggers/

Tail Workers

references/tail-workers/

Snippets

references/snippets/

Smart Placement

references/smart-placement/

Storage & Data

Product

Reference

KV

references/kv/

D1

references/d1/

R2

references/r2/

Queues

references/queues/

Hyperdrive

references/hyperdrive/

DO Storage

references/do-storage/

Secrets Store

references/secrets-store/

Pipelines

references/pipelines/

R2 Data Catalog

references/r2-data-catalog/

R2 SQL

references/r2-sql/

AI & Machine Learning

Product

Reference

Workers AI

references/workers-ai/

Vectorize

references/vectorize/

Agents SDK

references/agents-sdk/

AI Gateway

references/ai-gateway/

AI Search

references/ai-search/

Networking & Connectivity

Product

Reference

Tunnel

references/tunnel/

Spectrum

references/spectrum/

TURN

references/turn/

Network Interconnect

references/network-interconnect/

Argo Smart Routing

references/argo-smart-routing/

Workers VPC

references/workers-vpc/

Security

Product

Reference

WAF

references/waf/

DDoS Protection

references/ddos/

Bot Management

references/bot-management/

API Shield

references/api-shield/

Turnstile

references/turnstile/

Media & Content

Product

Reference

Images

references/images/

Stream

references/stream/

Browser Rendering

references/browser-rendering/

Zaraz

references/zaraz/

Real-Time Communication

Product

Reference

RealtimeKit

references/realtimekit/

Realtime SFU

references/realtime-sfu/

Developer Tools

Product

Reference

Wrangler

references/wrangler/

Miniflare

references/miniflare/

C3

references/c3/

Observability

references/observability/

Analytics Engine

references/analytics-engine/

Web Analytics

references/web-analytics/

Sandbox

references/sandbox/

Workerd

references/workerd/

Workers Playground

references/workers-playground/

Infrastructure as Code

Product

Reference

Pulumi

references/pulumi/

Terraform

references/terraform/

API

references/api/

Other Services

Product

Reference

Email Routing

references/email-routing/

Email Workers

references/email-workers/

Static Assets

references/static-assets/

Bindings

references/bindings/

Cache Reserve

references/cache-reserve/

Troubleshooting

Escalated Network Access

If deployment fails due to network issues (timeouts, DNS errors, connection resets), rerun the deploy with escalated permissions (use sandbox_permissions=require_escalated). The deploy requires escalated network access when sandbox networking blocks outbound requests.

Example guidance to the user:

The deploy needs escalated network access to deploy to Cloudflare. I can rerun the command with escalated permissions—want me to proceed?