Overview:
Cloudflare by default manages DDoS protection for domains enrolled in it. We use the default sensitivity for all the rules but have a prepared terraform if in the future we want to manage sensitivity by ourselves.
Implementation:
The necessary API token is located in the Vault
The terraform for this can be found here, it’s commented out since we aren’t using it yet.
Useful Links:
Cloudflare documentation about implementing DDoS rules via terraform can be found here