Cloudflare

What is Cloudflare?

Cloudflare is a network security company that provides DNS management, DDoS protection, a Web Application Firewall (WAF), and content delivery services. If your domains or web applications are protected by Cloudflare, this integration lets Imara collect evidence of your network security controls.

What Imara collects from Cloudflare

• Zone (domain) configurations and security settings
• Web Application Firewall (WAF) status and active rules
• DDoS protection settings
• SSL/TLS configuration and minimum TLS version enforcement
• Zero Trust Access policies (if applicable)
• Account member roles and 2FA status
  
  

Required permissions

Imara connects via a scoped Cloudflare API Token with the following read-only permissions:

• Zone: Read — read zone configurations
• Firewall Services: Read — read WAF rules and settings
• Account Settings: Read — read account-level configurations
  
  

Create the token in Cloudflare → Profile → API Tokens → Create Token. Use a scoped token rather than your Global API Key.

How to connect

1. In Cloudflare, go to Profile → API Tokens and create a new token with the read-only permissions above.
2. In Imara, go to Integrations and select Cloudflare.
3. Paste the token and click Connect.
   
   

Frameworks supported

SOC 2, ISO 27001, PCI DSS, NIST CSF.

What to expect

Imara collects evidence of your network protection measures — WAF status, DDoS protection, and TLS configuration — and maps them to network security controls. Common findings include zones with WAF disabled or outdated TLS versions still permitted.