IAM & least privilege

Cloudflare console access, API tokens, and deployment credentials.

Internal operational discipline — not an audited SOC report.

Practices

A detailed IAM review checklist is available through procurement for qualified security reviews.