Query Cloudflare
Query Cloudflare accounts, zones, and DNS with cnquery
Rely on cnquery to query and inventory your Cloudflare resources, including accounts, zones, DNS records, and workers.
Requirements
To analyze your Cloudflare environment with cnquery, you must have:
- cnquery installed on your workstation.
- A Cloudflare account with API access.
- A Cloudflare API token with appropriate permissions.
Configure access to Cloudflare
To create an API token:
- Log in to the Cloudflare dashboard.
- Navigate to My Profile > API Tokens.
- Select Create Token.
- Configure the token with the permissions you need.
- Copy the generated token.
Connect to Cloudflare
To query your Cloudflare account:
cnquery shell cloudflare --token YOUR_API_TOKENYou can also set the CLOUDFLARE_API_TOKEN environment variable to omit the --token flag:
export CLOUDFLARE_API_TOKEN=your_token_here
cnquery shell cloudflareExample queries
This query retrieves all accounts:
cnquery> cloudflare.accounts
cloudflare.accounts: [
0: cloudflare.account name="My Account"
...
]This query retrieves all zones:
cnquery> cloudflare.zones
cloudflare.zones: [
0: cloudflare.zone name="example.com"
1: cloudflare.zone name="mysite.io"
...
]This query retrieves DNS records for a specific zone:
cnquery> cloudflare.zones[0].dnsRecords
cloudflare.zones[0].dnsRecords: [
0: cloudflare.dnsRecord type="A" name="www"
1: cloudflare.dnsRecord type="CNAME" name="blog"
...
]This query lists all zones with their security settings:
cnquery> cloudflare.zones { name securityLevel ssl }Exit the cnquery shell
To exit the cnquery shell, either press Ctrl + D or type exit.
Learn more
-
To learn more about how the MQL query language works, read Write Effective MQL.
-
For a list of all the Cloudflare resources and fields you can query, read the Cloudflare Resource Pack Reference.