cloudflare / workers-sdk

⛅️ Home to Wrangler, the CLI for Cloudflare Workers®
https://developers.cloudflare.com/workers/
Apache License 2.0
2.7k stars 709 forks source link

🚀 Feature Request: Assign custom domains to R2 buckets directly from the command line #4424

Open nestarz opened 1 year ago

nestarz commented 1 year ago

Describe the solution

Feature Request

Summary: As a developer who frequently interacts with Cloudflare R2 buckets, I am looking for a way to assign custom domains to R2 buckets directly from the command line, using the wrangler CLI tool or via a script. This feature would streamline my workflow as it would eliminate the need to use the web dashboard for this purpose.

Motivation: The ability to assign custom domains to storage buckets via the command line is a common feature in other cloud services, and its absence in Cloudflare Workers impacts productivity, especially when managing multiple environments or automating deployments.

Having this feature would allow developers and DevOps teams to maintain a fully automated CI/CD pipeline without having to switch contexts to the web dashboard, thus preserving efficiency and reducing the potential for human error.

Proposed Solution: Introduce a new subcommand in wrangler, for example, wrangler r2 domain assign, which would take the necessary parameters to bind a custom domain to an R2 bucket.

Additionally, offering API support for this action would allow users to write scripts that can handle domain assignments.

Example Usage:

wrangler r2 domain assign --bucket my-awesome-bucket --domain my.customdomain.com

By providing the appropriate flags and parameters, such as --bucket for the bucket name and --domain for the custom domain, users can easily and programmatically assign custom domains to their R2 buckets.

Additional Context: While the current process of using the web dashboard is functional, it doesn't cater well to automation or to scenarios where developers need to manage resources through code. This feature would be particularly useful for those who operate in a code-as-infrastructure paradigm and those who have already adopted automation in other facets of their cloud resource management.

frammaa commented 11 months ago

Ran into the same issue, you can make a script to call their API. It's undocumented so stability is not guaranteed I would guess.

First set the domain for the bucket:

await fetch(
    `https://api.cloudflare.com/client/v4/accounts/${yourAccountId}/r2/buckets/${bucketName}/custom_domains`,
    {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
        Authorization: `Bearer your-token`,
      },
      body: JSON.stringify({
        domain : 'the-domain-you.want.com',
        zoneId: `${yourZoneId}`,
        zoneName: 'your-zone-name.com',
      }),
    }
  )

Then update the permissions of said domain, in this case open access via that domain:

await fetch(
    `https://api.cloudflare.com/client/v4/accounts/${cloudflareAccountId}/r2/buckets/${bucket}/policy?cname=${domain}&access=CnamesOnly`,
    {
      method: 'PUT',
      headers: {
        'Content-Type': 'application/json',
        Authorization: `Bearer your-token`,
      },
    }
  )

Example is in js but can be easily adapted to bash or any scripting language you're using. Hope that helps

baspenny commented 9 months ago

@frammaa suggestion works like a charm. Is it possible to just make this official part of the API and document this?

Ases commented 2 weeks ago

Then update the permissions of said domain, in this case open access via that domain:

await fetch(
    `https://api.cloudflare.com/client/v4/accounts/${cloudflareAccountId}/r2/buckets/${bucket}/policy?cname=${domain}&access=CnamesOnly`,
    {
      method: 'PUT',
      headers: {
        'Content-Type': 'application/json',
        Authorization: `Bearer your-token`,
      },
    }
  )

:warning: Be careful with this PUT as it replaces the entire bucket policy, and if you already had other domains enabled in the same bucket, they will be deactivated.

I suggest you use this other method to activate the domain (which appends the domain to the actual policy).

curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/r2/buckets/$BUCKET_NAME/domains/custom/$DOMAIN" \
-X PUT \
-H "Content-Type: application/json" \
-H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
-H "X-Auth-Key: $CLOUDFLARE_API_KEY" \
--data '{"enabled": true }'