Guide to Setting Up Cloudflare R2
Prerequisites Understanding
Before we begin, it’s important to understand that:
- Cloudflare R2 is an S3-compatible object storage service
- There’s a generous free tier (10GB storage, 1M Class A operations, 10M Class B operations)
- No egress fees (this is a major advantage over AWS S3)
Step 1: Account Setup
- First, you’ll need a Cloudflare account
- Go to https://dash.cloudflare.com/sign-up
- If you already have an account, simply log in
- Verify your email address if you’re creating a new account
Step 2: Enable R2
- Log into Cloudflare dashboard
- Look for “R2” in the left sidebar
- If you don’t see it, click “Workers & Pages”
- Then look for “R2” under the storage section
- Click on “R2”
- You might need to set up billing even for free tier
- Add a credit card (won’t be charged within free tier limits)
- Choose a payment method
Step 3: Create Your First Bucket
- In the R2 dashboard:
- Click “Create bucket”
- Choose a unique bucket name (this will be part of your URL)
- Names must be:
- Lowercase letters
- Numbers
- Hyphens
- Between 3-63 characters
- Select your preferred settings:
- Location (usually “Automatic” is fine)
- Early Expiration settings (optional)
- Click “Create bucket”
Step 4: Getting Your Credentials
This is the crucial part where you get your Access Key, Secret, and Endpoint.
-
Navigate to R2 Settings:
- From the R2 Overview page
- Click the ”{} API” button in the top right
- Click “Manage API tokens” from the dropdown menu
-
Create an API Token:
- Click “Create API Token”
- Give it a descriptive name
- Choose permissions:
- For full access: “Admin Read & Write”
- For limited access: Choose specific permissions
-
Important Credentials to Note:
- Access Key ID (appears like: XXXXXXXXXXXXX)
- Secret Access Key (appears like: XXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
- Account ID (found in the URL when you’re in the Cloudflare dashboard)
- Endpoint URL format: https://<account_id>.r2.cloudflarestorage.com
Step 5: Endpoint Construction
Your R2 endpoint will be constructed as follows:
- Public endpoint:
https://<account_id>.r2.cloudflarestorage.com
- Your Account ID can be found in your Cloudflare dashboard URL
- Make note of your bucket name as you’ll need it for configurations
Important Security Considerations
- Never share or expose your Secret Access Key
- Store credentials securely (use environment variables)
- Consider using IP restrictions on your API tokens
- Implement proper bucket policies if needed
Usage Limits to Keep in Mind
- Free tier includes:
- 10GB storage
- 1 million Class A operations (PUT, POST, DELETE)
- 10 million Class B operations (GET, HEAD)
- No egress fees
Verification Steps
After setting everything up, you should have:
- Access Key ID
- Secret Access Key
- Bucket name
- Endpoint URL
- Account ID
To verify your setup is working:
- Test your credentials using the AWS CLI (R2 is S3-compatible)
- Try uploading a test file
- Verify you can access the uploaded file
Common Issues and Troubleshooting
-
If endpoints don’t work:
- Double-check your Account ID
- Verify the endpoint URL format
-
If uploads fail:
- Verify API token permissions
- Check bucket name spelling
- Confirm credentials are correct
-
If access is denied:
- Verify token permissions
- Check IP restrictions if set
- Confirm bucket policies
This setup process provides you with everything needed to start using R2 in your applications. Remember to keep your credentials secure and never commit them directly to your code repository. Use environment variables or secure secrets management systems instead.