Cloudflare R2 Setup

Set up and configure Cloudflare R2 object storage with S3-compatible API, bucket configuration, CORS, and authentication.

What This Skill Does

Cloudflare R2 is S3-compatible object storage with zero egress bandwidth fees. This skill helps you:

Create and configure R2 buckets with location hints

Set up S3-compatible authentication and API access

Configure CORS policies for web applications

Create public buckets or bucket-scoped access tokens

Integrate R2 with Workers, Terraform, or S3 SDKs

Use Cases

Storage for cloud-native applications

Web content and static asset hosting

Podcast episode storage

Data lakes for analytics and big data

ML model artifacts and datasets

Multi-cloud storage without egress fees

Instructions

1. Gather Requirements

Ask the user about their R2 setup needs:

Bucket name and primary access location (for Location Hints)

Access pattern: public bucket, Workers API, or S3 API

CORS requirements (if accessing from browser)

Authentication method: API tokens, bucket-scoped tokens, or Workers bindings

2. Create R2 Bucket

**Via Cloudflare Dashboard:**

Navigate to R2 in Cloudflare dashboard

Create bucket with optional Location Hint for optimal performance

Note the bucket name and account ID

**Via Wrangler CLI:**

```bash

npx wrangler r2 bucket create <BUCKET_NAME> --location-hint <LOCATION>

```

Location hints: `wnam` (Western North America), `enam` (Eastern North America), `weur` (Western Europe), `eeur` (Eastern Europe), `apac` (Asia-Pacific)

3. Configure Access Method

**Option A: S3 API Access**

Generate R2 API token:

Go to R2 > Manage R2 API Tokens

Create API token with appropriate permissions

Save Access Key ID and Secret Access Key

Set environment variables:

```bash

R2_ACCOUNT_ID=<your-account-id>

R2_ACCESS_KEY_ID=<your-access-key>

R2_SECRET_ACCESS_KEY=<your-secret-key>

R2_BUCKET_NAME=<your-bucket-name>

```

S3 endpoint format: `https://<ACCOUNT_ID>.r2.cloudflarestorage.com`

**Option B: Workers API**

Add R2 binding to `wrangler.toml`:

```toml

[[r2_buckets]]

binding = "MY_BUCKET"

bucket_name = "my-bucket"

```

**Option C: Public Bucket**

Enable public access via dashboard or API to expose bucket contents directly via HTTPS.

4. Configure CORS (If Needed)

If accessing R2 from browser, configure CORS policy:

```json

[

{

"AllowedOrigins": ["https://example.com"],

"AllowedMethods": ["GET", "PUT", "POST", "DELETE"],

"AllowedHeaders": ["*"],

"ExposeHeaders": ["ETag"],

"MaxAgeSeconds": 3600

}

]

```

Apply via Wrangler:

```bash

npx wrangler r2 bucket cors put <BUCKET_NAME> --rules '<CORS_JSON>'

```

5. Implement Integration Code

**Node.js (AWS SDK v3):**

```javascript

import { S3Client, PutObjectCommand } from "@aws-sdk/client-s3";

const s3 = new S3Client({

region: "auto",

endpoint: `https://${process.env.R2_ACCOUNT_ID}.r2.cloudflarestorage.com`,

credentials: {

accessKeyId: process.env.R2_ACCESS_KEY_ID,

secretAccessKey: process.env.R2_SECRET_ACCESS_KEY,

});

await s3.send(new PutObjectCommand({

Bucket: process.env.R2_BUCKET_NAME,

Key: "path/to/file.jpg",

Body: fileBuffer,

}));

```

**Python (boto3):**

```python

import boto3

s3 = boto3.client(

"s3",

endpoint_url=f"https://{os.getenv('R2_ACCOUNT_ID')}.r2.cloudflarestorage.com",

aws_access_key_id=os.getenv("R2_ACCESS_KEY_ID"),

aws_secret_access_key=os.getenv("R2_SECRET_ACCESS_KEY"),

)

s3.upload_file("local-file.jpg", os.getenv("R2_BUCKET_NAME"), "path/to/file.jpg")

```

**Cloudflare Workers:**

```javascript

export default {

async fetch(request, env) {

const object = await env.MY_BUCKET.get("path/to/file.jpg");

return new Response(object.body);

};

```

6. Configure Custom Domain (Optional)

For public buckets or custom domains:

Add CNAME record pointing to R2 bucket

Enable custom domain in R2 bucket settings

Cloudflare proxies traffic for SSL and CDN

Example: `avatars.example.com` → CNAME → `<bucket>.r2.cloudflarestorage.com`

7. Set Up Lifecycle Policies (Optional)

Configure object lifecycle rules for automatic deletion or storage class transitions:

Transition to Infrequent Access storage class after N days

Delete objects after expiration period

8. Verify and Test

Test basic operations:

Upload a test file

Download the file via API or public URL

Verify CORS headers if using browser access

Check authentication and permissions

Provide the user with:

Bucket endpoint URL

Example code for their stack

Environment variables to set

Public URL format (if applicable)

Important Notes

**Zero Egress Fees**: R2 has no bandwidth charges for data retrieval

**S3 Compatibility**: Works with standard S3 SDKs and tools (aws-cli, rclone, Terraform)

**Location Hints**: Not strict geo-fencing; data may be stored in other locations for redundancy

**Durability**: Automatic replication across multiple data centers

**Security**: Use bucket-scoped tokens for least-privilege access; never expose API tokens in client code

**Custom Domains**: Proxied through Cloudflare CDN for SSL and caching

**Rate Limits**: Check current R2 limits in Cloudflare docs (requests per second, object size)

Related Resources

Cloudflare R2 Documentation: https://developers.cloudflare.com/r2/

Wrangler CLI: https://developers.cloudflare.com/workers/wrangler/

S3 API Compatibility: https://developers.cloudflare.com/r2/api/s3/api/

Pricing: https://developers.cloudflare.com/r2/pricing/

Cloudflare R2 Setup

Cloudflare R2 Setup

What This Skill Does

Use Cases

Instructions

1. Gather Requirements

2. Create R2 Bucket

3. Configure Access Method

4. Configure CORS (If Needed)

5. Implement Integration Code

6. Configure Custom Domain (Optional)

7. Set Up Lifecycle Policies (Optional)

8. Verify and Test

Important Notes

Related Resources

Reviews (0)