Using Cloudflare Tunnel and Access with Postgres

The text discusses how Cloudflare transitioned from using traditional SSH access to internal database clusters via a bastion host, to utilizing Cloudflare Tunnels and Access for improved user experience and onboarding times related to database access. This change was prompted by the overhead and limitations of maintaining SSH configurations. The new solution involves deploying Cloudflare Tunnel on an internal Kubernetes cluster and implementing Cloudflare Access with identity-driven Zero Trust policies, ensuring only authorized users can connect to the databases. This approach also allows for better delineation of access between staging and production environments. The text concludes by highlighting the benefits of this solution, including enhanced security posture, improved user experience, and valuable feedback provided to the Access and Tunnel teams within Cloudflare.