You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This tutorial explains how to use [Cloudflare AI Gateway](/ai-gateway/) and Zero Trust to create a functional and secure AI agent wrapper. Cloudflare Zero Trust administrators can protect access to the wrapper with [Cloudflare Access](/cloudflare-one/policies/access/). Additionally, you can enforce [Gateway policies](/cloudflare-one/policies/gateway/) to control how your users interact with AI agents, including executing AI agents in an isolated browser with [Browser Isolation](/cloudflare-one/policies/browser-isolation/), enforcing [Data Loss Prevention](/cloudflare-one/policies/data-loss-prevention/) profiles to prevent sensitive data exfiltration, and scanning content to avoid answers from AI agents that violate internal corporate guidelines. Creating an AI agent wrapper is also an effective way to enforce tenant control if you have an enterprise plan of a specific AI provider, such as ChatGPT Enterprise.
10
+
This tutorial explains how to use [Cloudflare AI Gateway](/ai-gateway/) and Zero Trust to create a functional and secure website wrapper for an AI agent. Cloudflare Zero Trust administrators can protect access to the wrapper with [Cloudflare Access](/cloudflare-one/policies/access/). Additionally, you can enforce [Gateway policies](/cloudflare-one/policies/gateway/) to control how your users interact with AI agents, including executing AI agents in an isolated browser with [Browser Isolation](/cloudflare-one/policies/browser-isolation/), enforcing [Data Loss Prevention](/cloudflare-one/policies/data-loss-prevention/) profiles to prevent your users from sharing sensitive data, and scanning content to avoid answers from AI agents that violate internal corporate guidelines. Creating an AI agent wrapper is also an effective way to enforce tenant control if you have an enterprise plan for a specific AI provider, such as ChatGPT Enterprise.
11
11
12
12
This tutorial uses ChatGPT as an example AI agent.
13
13
14
14
## Before you begin
15
15
16
16
Make sure you have:
17
17
18
+
- A [Cloudflare Zero Trust organization](/cloudflare-one/setup/).
18
19
- An API key for your desired AI provider, such as an [OpenAI API key](https://platform.openai.com/api-keys) for ChatGPT.
19
20
20
21
## 1. Create an AI gateway
21
22
22
-
First, create an AI gateway to control an AI app.
23
+
First, create an AI gateway to control your AI app.
23
24
24
-
1. Log into the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
25
+
1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
25
26
2. Go to **AI** > **AI Gateway**.
26
27
3. Select **Create Gateway**.
27
28
4. Name your gateway.
@@ -430,7 +431,7 @@ Now that you have full control over access to your AI agent wrapper, you can enf
430
431
431
432
### Apply Data Loss Prevention profiles
432
433
433
-
You can use [Data Loss Prevention](/cloudflare-one/policies/data-loss-prevention/) to prevent your users from sending sensitive data to the AI agent.
434
+
You can use [Data Loss Prevention (DLP)](/cloudflare-one/policies/data-loss-prevention/) to prevent your users from sending sensitive data to the AI agent.
434
435
435
436
1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **DLP** > **DLP profiles**.
436
437
2. Ensure that the [DLP profiles](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/) you want to enforce are properly configured.
@@ -443,6 +444,8 @@ You can use [Data Loss Prevention](/cloudflare-one/policies/data-loss-prevention
443
444
444
445
4. Select **Create policy**.
445
446
447
+
For more information on creating DLP policies, refer to [Scan HTTP traffic](/cloudflare-one/policies/data-loss-prevention/dlp-policies/).
448
+
446
449
### Execute in a clientless isolated browser
447
450
448
451
Because you published your wrapper as a self-hosted Access application, you can execute it in an [isolated session](/cloudflare-one/policies/browser-isolation/setup/clientless-browser-isolation/) for your users by creating an [Access policy](/cloudflare-one/policies/access/) and configuring it for your application.
0 commit comments