Matthieu’s Tech Blog
☁️ building | 🔧 tinkering | 🚧 breaking | 💡 solving
How Cloudflare helps you democratize AI access for your teams, developers, and applications — without losing visibility, security, or your budget. TL;DR — In part one of this series, I covered the AI traffic hitting your infrastructure from the outside — crawlers, training bots, the broken value exchange between content creators and AI platforms. This post is the mirror image: the AI your organization reaches out to, every day, across every team — and why that consumption is far less controlled than most organizations realize. Shadow AI usage, fragmented provider accounts, API keys scattered across codebases, and no centralized data governance are the norm, not the exception. The real challenge isn’t getting your teams to use AI — they already are. It’s building the infrastructure layer that makes that adoption sustainable, secure, and cost-controlled. Cloudflare’s AI Gateway, combined with the broader Cloudflare developer platform, is that layer. Not because of what it says on a product page, but because of what I see in the field. ...
Disclaimer: This post reflects my own synthesis and perspective on publicly available Cloudflare research and announcements — it does not represent an official Cloudflare position. TL;DR — AI crawlers now represent a structural threat to how the web creates and distributes value. They consume content at massive scale, send little traffic back, and are quietly degrading CDN performance for real users. This post covers how Cloudflare is responding — not just with bot controls, but with a coherent platform: cryptographic bot identity (co-authored as an IETF standard), content monetization via Pay Per Crawl, token-efficient delivery for agents, a pub/sub AI Index to replace blind crawling, AI-aware cache architecture, and a secure execution layer for agentic code. Each piece reinforces the others. Together they represent Cloudflare’s answer to the question: what should the AI-era internet actually look like? ...
Disclaimer: This article reflects my personal views and experiences and does not represent the official stance of Cloudflare. It is not an official Cloudflare tutorial or documentation. The project discussed is a personal initiative created independently. The Moment I Realized Simple Wasn’t Enough “It works perfectly!” I remember telling myself three months ago, watching Claude query my Cisco Meraki network in real-time. The AI assistant could check device status, monitor client connections, and even troubleshoot network issues—all through a simple API key I’d hardcoded into my Cloudflare Worker. ...
Introduction Over the past two posts (Building a Scalable Zero Trust Demo environment with Cloudflare and Terraform (Part 1) and Automating Cloudflare Zero Trust at Scale: Terraform, Multi-Cloud, and Identity (Part 2)), we’ve explored the foundations of building a scalable Zero Trust demo environment and how to automate its deployment with Cloudflare and Terraform. In Part 1, we laid the groundwork by designing a robust, modular Zero Trust architecture. Part 2 took things further, demonstrating how to streamline and scale this setup using Infrastructure as Code principles. Now, in Part 3 (the final part), we will explore advanced use cases you can demonstrate with this environment. ...
Introduction In Part 1, we demonstrated how Terraform can streamline reproducible security configurations. In this follow-up, I’ll show how to extend those principles across AWS, Azure, and GCP using Cloudflare Zero Trust. You’ll see how the project’s modular structure, automation, and dynamic routing reduce manual security tasks by up to 80%—based on my own benchmarks. What’s new since Part 1: Custom subnets and improved network segmentation; Automated device profiles and dynamic WARP routing; Expanded multi-cloud support with updated diagrams; Terraform code is now 4100+ lines of code, 87 files and 21 directories (even if the quantity does not mean quality!) with 143 resources. Let’s dive into the updated architecture and key modules powering this environment. ...
Disclaimer: This article reflects my personal views and experiences and does not represent the official stance of Cloudflare. It is not an official Cloudflare tutorial or documentation. The project discussed is a personal initiative created independently. Introduction As a Solutions Engineer at Cloudflare, I frequently work with customers exploring Zero Trust security solutions. While Cloudflare offers a 50-user free tier perfect for initial testing, I identified a gap: there was no simple, scalable way to quickly demonstrate the full power of Cloudflare’s Zero Trust platform in a controlled demo environment. ...
Welcome! 👋 I’m excited to announce the launch of my new blog! After years of sharing technical content on LinkedIn and GitHub, I decided it was time to have a dedicated space for more in-depth articles, tutorials, and insights. Why a New Blog? As a Senior Sales Engineer working with cutting-edge cloud and security technologies, I’ve accumulated a wealth of knowledge that I want to share with the broader community. While LinkedIn posts are great for quick insights, a blog allows me to: ...