Zero Trust has documentation that appears to be outdated for bypass rules
https://developers.cloudflare.com/cloudflare-one/policies/access/
"This means Access won’t be enforced on the set of IP addresses you have specified. To complete the setup, you need an additional rule to ensure that anyone asking to access your application from a different IP address will only be granted access if they only meet certain criteria, like email addresses ending with a given domain."
If you follow this and set the action to Bypass, you will not be able to assign a group or add a new rule, as it says "Groups containing identity rules cannot be assigned to Bypass".
Am I missing something or has this been changed but the documentation has not been updated yet?
1 Reply
You correctly note that identity rules cannot be used in a Bypass policy. The docs should say to create an additional policy, not an additional rule within the Bypass policy. We are actually removing this example from the docs as it goes against the principle of Zero Trust security: https://github.com/cloudflare/cloudflare-docs/pull/10656
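The distinction made in this thread (identity rules belong in a separate policy, not inside the Bypass policy) can be checked before a policy set is deployed. The following is an added example, not part of the original posts and not Cloudflare's code; the policy dictionaries are constructed samples loosely modelled on the Access API's JSON shape, and the `IDENTITY_SELECTORS` set and the function names are assumptions made for illustration.

```python
# Added example: lint an application's Access policies for the Bypass pitfall above.
# IDENTITY_SELECTORS is an assumed, partial list of identity-based selectors.
IDENTITY_SELECTORS = {"email", "email_domain"}

def rule_selectors(policy):
    """Collect selector names used in a policy's include/require/exclude rules."""
    names = set()
    for section in ("include", "require", "exclude"):
        for rule in policy.get(section, []):
            names.update(rule.keys())
    return names

def lint_policies(policies):
    """Return (policy name, finding) tuples for one application's policy set."""
    findings = []
    has_bypass = False
    has_identity_allow = False
    for policy in policies:
        selectors = rule_selectors(policy)
        identity = sorted(selectors & IDENTITY_SELECTORS)
        if policy["decision"] == "bypass":
            has_bypass = True
            if identity:
                # Mirrors the dashboard refusing identity rules under Bypass.
                findings.append((policy["name"],
                                 "identity selectors in Bypass policy: " + ", ".join(identity)))
        elif policy["decision"] == "allow" and identity:
            has_identity_allow = True
    if has_bypass and not has_identity_allow:
        findings.append(("<application>",
                         "Bypass policy present but no separate identity-based Allow policy"))
    return findings

# Constructed sample data (documentation IP range and domain).
MISCONFIGURED = [
    {"name": "office-bypass", "decision": "bypass",
     "include": [{"ip": {"ip": "203.0.113.0/24"}},
                 {"email_domain": {"domain": "example.com"}}]},
]
CORRECTED = [
    {"name": "office-bypass", "decision": "bypass",
     "include": [{"ip": {"ip": "203.0.113.0/24"}}]},
    {"name": "staff-allow", "decision": "allow",
     "include": [{"email_domain": {"domain": "example.com"}}]},
]

if __name__ == "__main__":
    for label, policies in (("misconfigured", MISCONFIGURED), ("corrected", CORRECTED)):
        print(label, lint_policies(policies))
```

A clean result only means the policies are structurally separate; every Bypass policy still exempts its traffic from Access enforcement and deserves review on its own.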