DataStrict
Integrations

Integrations

Cloudflare

Put enforcement at the edge - govern Workers AI and AI Gateway traffic before it reaches a model.

Overview

DataStrict can enforce at the edge. Deploy it in front of your AI endpoints so Workers AI and AI Gateway traffic is governed at the network layer, before a request reaches a model.

It is a natural fit where you already terminate and route traffic through Cloudflare.

How it works

Cloudflare routes model-bound requests to the DataStrict gateway, which adjudicates each one against policy and forwards, redacts, or blocks it. Decisions are recorded to the Ledger. Because enforcement happens in-path at the edge, application services stay thin.

Connect

Send your AI Gateway or Workers AI traffic through the DataStrict endpoint and attach policy. No change to the calling code beyond the route.

# datastrict.yaml
gateway:
  mode: edge
  upstream: https://gateway.ai.cloudflare.com/v1/...
  ledger: postgres://ledger.internal:5432/datastrict

What you can enforce

  • Workers AI and AI Gateway traffic evaluated against policy at the edge.
  • PII and secrets redacted before a prompt reaches the model.
  • Deny-by-default tool and agent permissions enforced in-path.
  • A tamper-evident record of every edge decision.

Was this page helpful?