Go back

Migrating to Cloudflare Pages: One Prompt, Zero Manual Work

Updated
10 min read
Listen to this article
AI

We migrated website infrastructure from Amazon Route53 + GitHub Pages to Cloudflare in 2 hours, during business hours. This included hosting, DNS, and CI/CD. Zero downtime. Zero manual commands.

The entire migration: One prompt. Then review and approve AI-proposed changes.

Why this matters for executives: DNS migrations traditionally require specialized DevOps knowledge, extended maintenance windows, and carry significant risk. A single misconfigured record can break email, take down services, or disrupt business operations for hours. This approach eliminates that risk through programmatic validation and automation.

The only manual step: Creating a Cloudflare API token.

Table of contents

Contents

The Starting Point

Infrastructure:

Critical services:

The Goal

Migrate everything to Cloudflare:

Why This Matters for Your Business

The Traditional Challenge

DNS migrations can be done with zero downtime, but they require extensive planning and careful execution. One misconfigured MX record means email down for hours, and human error causes 66-80% of outages (Uptime Institute, 2025). Imagine missing customer orders, support tickets, or sales inquiries during your peak season.

The Difference with AI Assistance

Same zero-downtime outcome, but with programmatic validation instead of manual checklists. Business hours execution becomes feasible because pre-validation eliminates guesswork. Teams without specialized DevOps expertise can execute complex migrations confidently.

Strategic Value

Infrastructure changes shift from high-stress, weekend events to business-hours execution with automated validation. Experienced engineers still evaluate proposals, but with dramatically reduced risk and time investment. Preview deployments enable stakeholder review before release.

The transformation: From possible-but-stressful to routine-and-confident.

The Starting Prompt

What we told Goose (open-source AI assistant powered by Claude Sonnet 4.5):

I want to migrate from GitHub Pages to Cloudflare Pages. The domain clouatre.ca is registered at Squarespace. I need zero downtime - email and Google Workspace cannot break. Check if DNSSEC is enabled and handle it appropriately. Use a risk-adverse approach.

This prompt started a 5-phase recipe workflow with mandatory approval gates: I reviewed and approved each phase (Analyze → Research → Plan → Implement → Prepare). Not autonomous execution, AI-assisted with human governance at every decision point.

We didn’t need to specify where DNS was hosted (discovered Route53 automatically), how many DNS records existed (found 20+), which records were critical vs obsolete, how to configure Cloudflare Pages, or how to set up GitHub Actions for Cloudflare. The AI handled discovery, analysis, and execution.

Critical: We reviewed every decision. The AI proposed, we approved. The combination of automation + human judgment enabled confidence.

Cloudflare migration workflow diagram showing approval gates and validation steps Figure 1: AI-assisted migration workflow with two human approval gates ensuring governance and confidence

What Got Automated

The migration workflow orchestrated five critical phases.

Discovery and Cleanup

Claude analyzed 20+ Route53 records and separated signal from noise: 15 critical records (email, Google Workspace, SSL validation) and 5 obsolete entries (old servers, expired validations). DNSSEC verification came back negative, confirming no migration blocker.

Pre-Migration Validation

Records were exported from Route53 and imported to Cloudflare via APIs, then tested against Cloudflare nameservers before switching. This included verifying email servers (MX priorities), SPF, DKIM, DMARC (exact TXT values), CNAMEs (Google Workspace), and comparing TTL values between source and target. The validation report confirmed 100% match.

# Verify records match before switching nameservers
dig @nameserver1.cloudflare.com clouatre.ca MX +short
# Output: 1 aspmx.l.google.com. (matches Route53)
diff <(aws route53 list-resource-record-sets) <(curl cloudflare-api)
# Output: (empty = 100% match, zero risk)scripts/validate-cloudflare-dns.sh

Code Snippet 1: Pre-validation against Cloudflare nameservers before switching (zero output from diff = zero risk)

CI/CD Reconfiguration

GitHub Actions were updated to deploy to Cloudflare Pages via wrangler (Cloudflare’s CLI), with base URL fixes (GitHub’s /repo/ path to root /) and a preview deployment workflow with 7-day auto-cleanup. Result: 38-second deploys, down from 5-8 minutes.

# Cloudflare Pages deployment (38-second deploys)
- name: Deploy to Cloudflare Pages
  uses: cloudflare/wrangler-action@v3
  with:
    apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
    accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
    command: pages deploy dist --project-name=clouatre-ca.github/workflows/deploy.yml

Code Snippet 2: GitHub Actions deployment to Cloudflare Pages (replaced GitHub Pages action for 88% faster deploys)

Governance Trail

The assistant created PRs with migration context, rationale, and rollback procedures. Every change was reviewable before production, creating an audit trail for compliance.

Preview Infrastructure

Every branch gets a preview URL automatically. Stakeholders can review before merge, and the system handles auto-cleanup with zero maintenance.

The Only Manual Step

Creating a Cloudflare API token (2 minutes):

  1. Cloudflare dashboard → API Tokens
  2. Create token with Pages permissions
  3. Store in GitHub secrets

Everything else: automated.

BEFORE: Fragmented Infrastructure

Before migration infrastructure

AFTER: Unified Platform

After migration infrastructure

Figure 2: Infrastructure transformation - from fragmented AWS/GitHub setup to unified Cloudflare platform

Results

Traditional manual DNS migrations typically require 4-6 hours of focused work and weekend execution windows to minimize business risk: planning, exporting records, importing, testing, monitoring propagation. The stakes are high. Downtime costs Global 2000 companies $400B annually (Splunk/Oxford Economics, 2024).

MetricBeforeAfterBusiness Impact
DNS Resolution20-30ms10-15ms50% faster global access
Deploy Time5-8 min38 sec88% reduction - 10x faster iteration
Platform CostRoute53: $12/yearCloudflare: FreeCost-neutral migration
Preview DeploymentsNonePer PRCatch issues before production
Migration WindowWeekend (risk mitigation)2 hours, business hoursEliminates deployment stress

Table 1: Before and after metrics - Complete migration (DNS + Hosting + CI/CD) completed in 2 hours, zero downtime, zero manual commands

What Business Impact Does AI-Assisted Migration Deliver?

What this approach enables:

Who benefits:

Key Lessons

1. The AI Stack Handles Implementation Details

You still need to understand what you’re migrating, but you don’t need to remember exact API syntax, AWS CLI flags for Route53 operations, Cloudflare API endpoints, DNS record format specifics, or YAML workflow syntax.

Claude discovered our infrastructure (Route53) and analyzed the records. Goose orchestrated the execution with tool access. We provided the goals and constraints, reviewed the approach, and approved changes.

Value: Reduces specialized knowledge requirement, eliminates manual typos, compresses migration timeline from 4-6 hours to 2 hours. McKinsey research shows developers complete tasks up to 2x faster with AI assistance (2023).

2. Pre-Validation Eliminates Risk

All DNS records were tested against Cloudflare’s nameservers before switching. This included email servers, Google Workspace records, and SSL validation. The process queried Cloudflare nameservers for each record type, verified all 5 MX records, verified TXT records (SPF, DKIM, DMARC), verified CNAME records (Google Workspace services), and generated a validation report.

Business outcome: We knew email, Google Workspace, and website would work before changing nameservers. Zero guessing.

3. Automate Record Migration

20+ DNS records, each with specific formats, priorities, TTLs. Manual copying guarantees typos. APIs provided accuracy: export from Route53 (AWS CLI), import to Cloudflare (API), and programmatic comparison to verify all matched.

Result: Zero typos. Zero manual record editing.

4. Preview Deployments Change Everything

Preview deployments reduce deployment anxiety, catch issues early, enable stakeholder review, and enable faster iteration. For technical leaders, preview deployments shift risk from production to staging, enabling confident releases.

5. The Paradigm Shift: From Careful Planning to Confident Execution

Traditional DNS migrations rely on weekend deployment windows (lower risk, higher stress), manual command execution (careful, but one typo equals disaster), sequential testing after switching (discover errors in production), specialized knowledge (dig syntax, DNS formats, cloud CLIs), and extensive planning with checklists (mitigates risk but time-intensive).

AI-assisted migrations enable business hours execution (confidence through pre-validation), programmatic execution (eliminates manual typos), pre-validated testing (know it works before switching), offloaded domain expertise (AI handles implementation syntax), and less planning overhead (validation happens automatically).

The transformation: From “plan exhaustively and execute carefully” to “validate programmatically and execute confidently.”

We knew every record worked before switching. No deployment anxiety, no weekend stress, no contingency planning. Just confidence through programmatic validation.

When Does This Approach Apply?

This approach works best for infrastructure migrations (DNS, hosting, CI/CD platforms) where teams lack specialized DevOps resources but need zero-downtime execution and audit trails. Requirements include AI assistant with CLI/API access (Goose or similar), API access to source and target platforms, clear migration constraints, and human review processes.

The trade-offs: reviewing AI decisions takes time, complex migrations may need human judgment on priorities, and initial setup requires configuring API tokens. Not suitable for instant-execution scenarios, environments prohibiting API access, or situations where teams lack domain knowledge to evaluate AI proposals.

What Is the ROI of AI-Assisted Infrastructure Migration?

Time savings compound quickly. Deployment speed improved 88% (5-8min to 38sec), saving ~7 minutes per deploy. At 5 deploys per day, that’s 35 minutes daily or 213 hours yearly of developer time recovered. Migration execution took 2 hours versus typical 2-3 day weekend projects.

Risk avoidance delivers additional value. Zero-downtime migrations eliminate revenue loss windows. Pre-validation prevents email outages (typical cost: hours of missed customer communications). Preview deployments catch production issues before customer impact.

Platform economics favor Cloudflare. The free tier (500 builds/month, unlimited bandwidth) serves most businesses. High-traffic sites may need paid plans ($20-$200/month), but deployment speed gains alone justify the cost through developer productivity.

The real ROI: Developer time back for feature work, not infrastructure babysitting.

References

About Hugues Clouâtre

AI and platform engineering insights from an AWS veteran and technology executive. Practical guides for CTOs and engineering leaders.

Hugues Clouâtre - AI & Platform Engineering on GitHub Hugues Clouâtre - AI & Platform Engineering on LinkedIn Hugues Clouâtre - AI & Platform Engineering on the Fediverse Hugues Clouâtre - AI & Platform Engineering RSS Feed
Next Post
AI-Assisted Development: From Implementation to Judgment

Related Posts