Cloudflare Governance & Remediation Platform

Tue, 05 May 2026 00:00:00 +0000

Cloud automation project for auditing Cloudflare domain security posture and managing repeatable governance workflows through code.

The system combines Python, Terraform, GitHub Actions, and the Cloudflare API to check configuration state, validate policy expectations, and optionally remediate drift. The work emphasizes Infrastructure as Code, scheduled audits, secure secret handling, automated validation, and repository governance patterns that support reliable cloud operations.

View GitHub Repository

Python Terraform GitHub Actions Cloudflare API Infrastructure as Code DevSecOps Secret Management Scheduled Audits

Current focus areas:

Cloudflare security posture audits using Python and the Cloudflare API
Terraform workflows for repeatable Infrastructure as Code validation
GitHub Actions pipelines for scheduled audits and CI checks
Secure secret handling for automation workflows
Optional remediation workflows for configuration drift correction
DevSecOps practices including Dependabot, CodeQL, branch protection, linting, and test checks

Design notes:

Audit workflows run automatically, while remediation remains intentionally gated.
Terraform and Python separate declarative infrastructure validation from API-driven audit logic.
Secrets and real configuration inputs stay out of mock validation paths.
CodeQL, Dependabot, Gitleaks, and branch protection support repository governance and operational reliability.

Cloudflare API |

Cloudflare Governance & Remediation Platform