Skip to content

[Workers] Add Cloudflare Access for Workers changelog#31822

Open
chythram05 wants to merge 5 commits into
productionfrom
workers-access-changelog
Open

[Workers] Add Cloudflare Access for Workers changelog#31822
chythram05 wants to merge 5 commits into
productionfrom
workers-access-changelog

Conversation

@chythram05

Copy link
Copy Markdown
Collaborator

Adds a changelog entry for Cloudflare Access for Workers with updated copy and screenshots.

Changes

  • New changelog entry: 2026-06-28-workers-access.mdx
  • 4 images: protect all workers, protect a single worker, make a worker public, choose who can sign in

Summary

You can now protect a Worker with Cloudflare Access directly. Enabling Access on a Worker requires sign-in before anyone can reach it, and automatically covers every domain associated with it: routes, Custom Domains, and its workers.dev hostname.

@chythram05 chythram05 requested review from a team as code owners June 30, 2026 23:34
@cloudflare-docs-bot

cloudflare-docs-bot Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Review

✅ No issues found in commit 4d1a593.

Code Review

This code review is in beta and may not always be helpful — use your judgment.

No code review issues found.

Conventions

Checks PR title, description, and redirect checklist.

No convention issues found.

Style Guide Review

No style-guide issues found.

Redirects

No missing redirect entries found.

Commands

Only codeowners can run commands. Post a comment with the command to trigger it.

Command Description
/review Runs a review now. Incremental if a prior review exists, full if not.
/full-review Re-reviews the entire PR diff from scratch, ignoring incremental history. Useful after a rebase, when you want a fresh review, or if the bot gets out of sync and reports issues that no longer exist.
/ignore-review-limit Permanently lifts the 2-review automatic limit for this PR. Future pushes will trigger reviews as normal.
/disable-auto-review Stops automatic reviews from triggering on future pushes to this PR. Codeowners can still run /review or /full-review manually.

@github-actions

Copy link
Copy Markdown
Contributor

This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:

Pattern Owners
/src/assets/images/ @cloudflare/pm-changelogs, @cloudflare/product-owners
/src/content/changelog/ @cloudflare/pm-changelogs, @cloudflare/product-owners

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

@chythram05

Copy link
Copy Markdown
Collaborator Author

Note: I will add the link to the Access dev docs before merging!

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

CI run failed: build logs

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Broken Links

Found 1 broken link(s) across 1 file(s).

File Link Position Error
content/changelog/workers/2026-06-28-workers-access.mdx /workers/configuration/cloudflare-access/ 47:34 invalid link

import { Width } from "~/components";
import { Image } from "astro:assets";
import protectAllWorkers from "~/assets/images/changelog/workers/protect-all-workers.png";
import protectOneWorker from "~/assets/images/changelog/workers/protect-one-worker.png";

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like this isn't normally how we embed images in changelogs? but probably not a big deal if it works

You now have two new ways to protect your Workers with Cloudflare Access. With these you can:

- Set an Access policy on preview deployments only, or on both preview and production deployments.
- Control who can sign in by Cloudflare account membership, email address, or email domain.

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is it worth calling out that you can do more expressive policies in the ZT dash?


**Protect a single Worker across all its domains at once**

Until now, if a Worker was reachable on a route, a Custom Domain, and a `workers.dev` URL, you had to create a separate Access application for each one. Now you apply one Access policy to the Worker itself. You can choose to apply it to all preview URLs associated with the Worker, or to both previews and production.

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd call out the explicit payoff of this. it means that Worker+Access apps no longer have a fragile URL matching link. Changing a domain won't impact Access app coverage

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Complete me

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants