IT OPS

Multi-Zone Cloudflare WAF Drift Snapshot → R2 Archive + Slack Digest

Sweeps every Cloudflare zone in the account, snapshots each zone's WAF rules to R2 for an immutable history, diffs against the prior snapshot.

CategoryIT Ops

Enginesim

Difficultyintermediate

Triggerschedule

Steps5

Setup~15 min

How it runs

The automated pipeline, trigger to output.

TriggerMorning schedule starts multi-zone sweep
ActionEnumerate zones and pull WAF rulesCloudflare
ActionWrite timestamped snapshot to R2Cloudflare R2
LogicDiff today's snapshot against prior R2 snapshot
OutputPost consolidated drift digest to SlackSlack

What it does

Builds a tamper-evident change history of your WAF posture across all zones. Each run snapshots current rules to object storage, compares them to the previous snapshot, and rolls up everything that changed into one daily Slack digest instead of per-zone noise.

When to use it

Use this when you operate many Cloudflare zones and need both an audit trail ("what did the WAF look like on June 1?") and a single morning summary of overnight drift across the whole estate.

How it works

1A morning schedule starts the sweep.
2The Cloudflare action enumerates all zones and pulls WAF rules for each.
3An R2 action writes today's snapshot as a timestamped object per zone.
4A logic step loads the most recent prior snapshot from R2 and diffs zone by zone.
5Diffs are aggregated into a single digest grouped by zone.
6A Slack output posts the consolidated digest, linking each zone's snapshot in R2.

Set it up

What you configure once, before turning it on.

1
Connect CloudflareWorkers, Pages, R2, KV — the edge stack.
2
Connect Cloudflare R2Object storage, S3-compatible.
3
Connect SlackChannels, DMs, threads, mentions.
4
Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
5
Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
6
Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.

More IT Ops workflows

Outlook Room Conflict Resolver with Approval Gate in Teams

When an Outlook room clashes, proposes a rebooking and asks the bumped meeting's organizer to approve the move in Microsoft Teams before any change is made.

Outlook Room Double-Booking Resolver with Auto-Rebook

Detects when two meetings claim the same Outlook room resource and automatically relocates the lower-priority meeting to a comparable free room.

Self-Service Reclaim Email for Idle Users

Detects users idle in a SaaS app past the threshold and emails each one a keep-or-release link; unanswered seats after the deadline are auto-flagged for removal.

Reconcile SSO logins against expense spend to find unmanaged tools

Joins SSO usage data with expense/payment records in Snowflake to surface tools that are being used but not paid for, or paid for but never logged.

Indoor Air Quality Breach to Tenant Notice and Work Order

Listens for CO2, VOC, or humidity sensor alerts via webhook, and when a zone exceeds occupant-safety limits it emails affected tenants, opens a Monday remediation task.

Daily Building Anomaly Digest to MS Teams

Each morning queries BigQuery for the prior day's flagged sensor anomalies, summarizes them by site and system into a ranked briefing.

Browse all IT Ops →

Run it inside a business

This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.

Software

Agent Hive runs Agent Hive

The team that built Agent Hive, exactly as it runs today.

Marketing

Content Marketing Agency

SEO, blogs, social, and reporting on autopilot.

E-commerce

E-commerce Operator

Listings, support, inventory, and ads — running 24/7.

Browse all business templates →Solutions by industry →

Run this workflow in your colony.

14-day trial. No DevOps. No Sales call. Provisioned in under a minute.

Join the Waitlist Browse all workflows →