Documentation

ASM Cloudflare Integration

🚧

Special privileges required

This feature is only available to ASM administrators.

The Attack Surface Management (ASM) Cloudflare integration is designed to pull all DNS Records from zones for which the Cloudflare API Token was authorized. The records pulled downstream are then created as Entities based on their respective type. For example, A/AAAA records will be created as IPAddress Entities and the associated name and label will be turned into DnsRecord Entities.

This increases the quality of Seeds in cases where the Cloudflare account is managing a substantial amount of records.

Adding this integration requires two steps: 

  1. Create Cloudflare API Token
  2. Provide Cloudflare API credentials for ASM integration

Create Cloudflare API Token

  1. Once authenticated on https://cloudflare.com, browse to https://dash.cloudflare.com/profile/api-tokens and click Create Token.
  1. Within the API Tokens interface, click Get Started next to Create Custom Token.

  1. Within the Create Custom Token interface, populate the fields as defined here and click Continue to summary:

    1. Token name: A friendly name that's easily remembered such as ASM Cloudflare Integration

    2. Permissions:

      1. Zone - Zone - Read
      2. Zone - DNS - Read

    3. Zone Resources: Include - All zones

      ℹ️

      Cloudflare provides the flexibility to allow the API Token to access all zones, a specific zone, or exclude specific zones. Typically most organizations would select All Zones, however adjust this option to fit your organization’s requirements.

    4. Client IP Address Filtering: Leave blank

    5. TTL: Leave blank

  1. Review and click Create Token.

  1. Copy this token to be used when providing credentials to ASM.

    ❗️

    For security reasons, these credentials will only be shown once. Please copy and store in a secure location.

Provide Cloudflare Credentials for ASM Integration

Add your Cloudflare API Token into the integration page and then on the Collection, choose which Collection you would like to pull the entities into.

  1. From the Projects and Settings menu in ASM, select the appropriate Project then click Account Settings.
  1. Click Integrations.
  2. Under Inbound Integrations, click Add New for Cloudflare.
  1. Paste the token value from the Create Cloudflare API Token process outlined above into the Cloudflare API Token field and click Connect.

  1. Connect the integration to the appropriate Collection.

    1. Click Collections and click Collection Settings for the Collection that you want to connect the integration to.
  1. Select the Integrations tab.
  1. Select Connect Integration and Link the integration.

The integration is immediately added to the Collection.

💡

Click to remove the integration from this Collection.

  1. Click to close the Connect Integration pane. Click Scan Collection to update your Collection with the current settings and integrations. Otherwise, your newly configured integration is incorporated at your regularly scheduled scan interval.

Updated 14 days ago