Using Cloudflare Zero Trust to access your private resources

tjtharrison
7 min read · Oct 11, 2023

In this article I’ll be covering how to configure Cloudflare Zero Trust to access your private network without opening up any external firewall ports.

We’ll be deploying a Cloudflare tunnel agent into Kubernetes as a means of accessing resources on your private network via Cloudflare.

In this article I won’t be covering how to configure access groups or applications to provide user/role-level access to specific resources, but I will follow up with another article on this soon.

What is Cloudflare Zero Trust?

Cloudflare Zero Trust uses a number of concepts and names to describe how it provides access to your private and public resources through its infrastructure.

Tunnels

Tunnels are the bread and butter of the Cloudflare Zero Trust network. They are a network of agents deployed in your private networks that handle the routing for traffic proxied via the Cloudflare infrastructure into your private networks.

They exist as an agent that can run on any number of operating systems or container platforms (installation instructions for your platform can be found in the Cloudflare Zero Trust dashboard).
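A sketch of what running the tunnel agent in Kubernetes can look like, as an added example that is not the author's manifest. The namespace, resource names, the Secret `cloudflared-token` (assumed to hold the tunnel token shown in the dashboard's install instructions) and the image tag placeholder are assumptions. No Service or Ingress is defined and the NetworkPolicy rejects inbound pod traffic, because the agent only dials out to Cloudflare.

```yaml
# Added example; names, namespace and the Secret are assumptions.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cloudflared
  namespace: cloudflared
spec:
  replicas: 2                      # two agents so one pod restart does not drop the tunnel
  selector:
    matchLabels:
      app: cloudflared
  template:
    metadata:
      labels:
        app: cloudflared
    spec:
      containers:
        - name: cloudflared
          image: cloudflare/cloudflared:<pinned-version>   # placeholder: pin a tag or digest
          args: ["tunnel", "--no-autoupdate", "run"]
          env:
            - name: TUNNEL_TOKEN   # read by cloudflared; keeps the token out of the args
              valueFrom:
                secretKeyRef:
                  name: cloudflared-token
                  key: token
          securityContext:
            runAsNonRoot: true
            runAsUser: 65532
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
---
# No Service or Ingress exists for these pods. This policy rejects all inbound
# pod traffic; egress stays open so the agent can reach Cloudflare and the
# private services it routes to.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: cloudflared-deny-ingress
  namespace: cloudflared
spec:
  podSelector:
    matchLabels:
      app: cloudflared
  policyTypes: ["Ingress"]
```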

Applications

Applications can be used within Cloudflare Zero Trust to provide access to users of your account to specific resources via the Cloudflare network depending on their…
