Cloudflare R2

Provides S3-compatible object storage with zero egress fees, integrating natively with Cloudflare Workers and supporting standard AWS S3 SDKs pointed at a custom endpoint.

Evaluated Mar 06, 2026 (0d ago) vcurrent

Homepage ↗ Other cloudflare s3-compatible object-storage zero-egress storage

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

100

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Data encrypted at rest with AES-256; S3-compatible HMAC signing for request auth; bucket policies and public access controls available

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You want S3-compatible object storage with no egress fees and your compute already runs on Cloudflare Workers or needs global CDN delivery.

Avoid When

Your pipeline depends on advanced S3 lifecycle management, S3 Event Notifications, or specific AWS-only storage classes not replicated in R2.

Use Cases

• Store large agent artifacts (model outputs, reports, generated files) without incurring egress costs when serving them globally via Cloudflare CDN
• Use as a drop-in S3 replacement in agent pipelines to eliminate data transfer costs between compute and storage layers
• Stage intermediate pipeline data (e.g., scraped content, transformed datasets) between agent processing steps
• Serve agent-generated static assets or cached API responses directly from R2 through a Workers-fronted public bucket
• Archive structured logs or audit trails from agent runs for compliance or debugging retrieval

Not For

• Workloads requiring S3 features like Object Lock, Lifecycle policies with complex rules, or Requester Pays — R2 support is partial
• Real-time streaming or append-heavy workloads where many small sequential writes are made to the same object
• Applications that rely on S3 Event Notifications to trigger downstream processing — R2 uses Workers triggers instead

Interface

REST API

Yes

GraphQL

gRPC

MCP Server

SDK

Yes

Webhooks

Authentication

Methods: api_key worker_binding s3_access_key

OAuth: No Scopes: Yes

R2 API tokens generate an Access Key ID and Secret Access Key for S3-compatible auth; Workers binding requires no credentials in code; endpoint format: https://<account_id>.r2.cloudflarestorage.com

Pricing

Model: freemium

Free tier: Yes

Requires CC: Yes

Credit card required to enable paid usage; egress is always free regardless of tier — major differentiator from AWS S3

Agent Metadata

Pagination

cursor

Idempotent

Full

Retry Guidance

Documented

Known Gotchas

⚠ S3 SDK must point to the R2 endpoint (https://<account_id>.r2.cloudflarestorage.com) — forgetting this causes silent routing to AWS S3
⚠ R2 does not support S3 Object Lock or WORM — agents assuming immutability guarantees will need application-level enforcement
⚠ Public bucket access requires explicit configuration; newly created buckets are private by default with no public URL generated automatically
⚠ ListObjectsV2 returns at most 1000 keys per page — agents iterating large buckets must implement pagination correctly
⚠ CORS configuration is required for browser-based agent UIs that access R2 directly; misconfigured CORS silently blocks uploads from frontend

Alternatives

aws-s3 google-cloud-storage backblaze-b2 storj-api filebase-api

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Cloudflare R2.

$99

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.