Blue Ridge Cloudflare operations

Steady infrastructure. Measured change.

A focused operations console for reviewing workflow status, launching guarded Terraform actions, and keeping Cloudflare management boundaries visible.

Plan first
Small batches
Guarded apply
Documented scope
Workflow controls

Use the right action for the right moment.

These controls open the private GitHub workflow pages. Sign-in may be required.

01

Terraform Plan

Preview current state and proposed changes. This is the safest first stop and does not apply anything.

Open Plan
02

Terraform Apply

Run only after a known repo change or clean review. The workflow stops before applying if drift appears.

Open Apply
03

Access Inventory

Refresh the live Access report after controlled changes so the repository map stays current.

Open Actions
Managed scope

Cleanly managed, deliberately limited.

The public console describes broad custody categories only. The detailed source of truth stays inside the private repository and workflow artifacts.

A

Managed application records

  • Protected application records and support shell records.
  • Bookmark and launcher records used by the control plane.
  • SaaS and WARP shells managed at the safe outer layer.
P

Managed policy records

  • Known-good allow policies already imported and verified.
  • Service-auth policy records where the shape is stable.
  • No experimental policy shapes in the guarded apply path.
Manual boundaries

Complex pieces stay intentional.

Some areas remain manual until they have a dedicated, tested workflow shape.

M

Manual for now

  • Specialty Access application types.
  • Reusable email allow-list policies.
  • SaaS certificate and identity-provider internals.
  • Any selector shape that has not passed a clean batch test.
R

Retired and cleared

  • Obsolete private Access application tests removed.
  • One-time cleanup helpers removed after verification.
  • Failed experimental state cleaned without deleting live objects.
Operating rule

Green continues. Red pauses.

Green means the current guardrails are intact. Red means stop, review the plan or log, and fix the smallest failing slice.

Green Plan

The preview workflow is healthy. Review warnings before running Apply.

Green Apply

The managed configuration and remote state are clean. Proceed to the next small batch.

!

Red Apply

The safety brake worked. Review the log, rollback the failing slice, then verify green before moving on.