PermissionGroups
Lists all permission groups available for a Cloudflare account and returns a typed map of permission names to their IDs. Used when creating API tokens for Cloudflare services like R2.
Minimal Example
Get all permission groups including those for R2:
ts
import { PermissionGroups } from "alchemy/cloudflare";
const permissions = await PermissionGroups("cloudflare-permissions");
Create API Token with Permissions
Use with AccountApiToken to create a token with proper permissions:
ts
import { PermissionGroups, AccountApiToken } from "alchemy/cloudflare";
const permissions = await PermissionGroups("cloudflare-permissions");
const token = await AccountApiToken("r2-token", {
name: "R2 Read-Only Token",
policies: [
{
effect: "allow",
resources: {
"com.cloudflare.edge.r2.bucket.abc123_default_my-bucket": "*",
},
permissionGroups: [
{
id: permissions["Workers R2 Storage Bucket Item Read"].id,
},
],
},
],
});