[Answered✅] New to Cloudflare - DNS Mgmt questions
- Is there a way to have a review/approval process on submitted DNS changes?
Example: Engineer submits a requested DNS Zone or record change. Sr Engineer reviews the request before approving the change.
- For delegated access to a managed DNS domain, are we able to enforce account rules like MFA?
Example: If someone we've delegated DNS control to does not have MFA, they will not be able to access delegated resources until MFA is enabled.
- Is there any sort of centralized management for sub accounts or does every person with access have to create their own Cloudflare account in order to access our managed domains?
2 Replies
Sounds like you want to use something like DNSControl https://docs.dnscontrol.org/ or Terraform https://developers.cloudflare.com/terraform/tutorial/. All the benefits of storing it in git, so pull requests/versioning/etc, and no need to give everyone direct access
Otherwise the answer is:
Is there a way to have a review/approval process or submitted DNS changes?Not natively.
For delegated access to a managed DNS domain, are we able to enforce account rules like MFA?Yes, you can require everyone in the account to enable 2fa
Is there any sort of centralized management for sub accounts or does every person with access have to create their own Cloudflare account in order to access our managed domains?They need to make accounts. That can be done as part of the invitation process, but fundementally they'd all still have their own accounts which have access. Enterprise has SSO for logins, closest thing otherwise
Awesome, thank you for the quick response!