Two forces are colliding: the rapid rise of generative AI and the uncompromising security and compliance expectations of the US public sector. Agencies want to use AI to improve constituent services, analysis, and mission support — but stitching together GPU capacity, inference services, data stores, and audit trails in a compliant way slows delivery.

Cloudflare’s aim is simple: make secure, serverless AI practical for the US public sector at Internet scale. We will do that through two pillars:

Workers AI. Workers AI is our serverless inference platform that runs models on Cloudflare’s global network — close to users and data — without requiring customer teams to manage servers or GPUs. It’s built for speed, scale, and a great developer experience, with performance features that lower latency and keep costs predictable.

FedRAMP at Cloudflare. Cloudflare for Government maintains FedRAMP Moderate authorization today, and our roadmap includes expanding services aligned to FedRAMP High. Security and compliance aren’t bolt-ons for us; they’re how our platform is designed and operated.

Today, we are announcing our intent to bring the entire suite of AI Developer products including Workers AI, AI Gateway, and Vectorize — into our FedRAMP High and Moderate boundaries in 2026.

Why this matters

While we don’t know what the future holds, we want you to imagine the public sector when the power of AI is placed in the hands of America’s dedicated public servants. Here’s what that future could look like with Cloudflare AI products.

For public sector missions

Agencies can finally modernize public-facing services without waiting on bespoke infrastructure.

Imagine an agency trying to reduce wait times for questions regarding benefits.  With Workers AI, inference runs close to users on Cloudflare’s global network, so a benefits assistant can answer questions quickly and consistently while keeping data inside a FedRAMP boundary. Vectorize grounds those answers in the agency’s own guidance — permits, policy memos, eligibility rules — allowing for accurate and explainable responses. AI Gateway adds the operational layer that production services require: caching to control costs during peak traffic, rate limits to protect upstream systems, and detailed logs to show exactly how inputs and outputs were handled.

The same pattern applies to back-office workflows. Freedom of Information Act (FOIA) queues, case file summaries, and daily briefings can move faster than before with a retrieval-augmented generation flow that ingests documents, stores embeddings in Vectorize, retrieves the most relevant context, and calls a Workers AI LLM to synthesize results — all with audit-ready traces from AI Gateway. In the field, translating forms, redacting PII on upload, or classifying imagery can happen in near-real time because inference executes at the edge; if connectivity wobbles, gateway-level controls provide graceful degradation while Vectorize keeps mission knowledge close to the workload. From day one, traffic can be routed in-region, logs can be scoped to the minimum necessary, and the artifacts required for an Authority to Operate (ATO) evidence are available without building a parallel auditing stack.

For developers

Cloudflare’s Workers AI stack removes undifferentiated heavy lifting, so teams can ship sooner and touch less infrastructure.

Workers AI abstracts GPUs, autoscaling, and placement decisions, letting developers focus on prompts, policies, and products. AI Gateway becomes the control plane in front of any model, providing unified analytics, request policies, safety filters, caching, and spend controls — features you usually have to bolt on late in the project. Vectorize offers a native vector database for fast, affordable semantic search that plugs directly into Workers, which means your retrieval layer doesn’t require a separate cluster or custom glue code.

A repeatable blueprint emerges: chunk and embed documents with Workers AI, store vectors and metadata in Vectorize, retrieve the top-k context, and call your chosen LLM on Workers AI — then evolve that deployment over time by swapping models or tuning policies in AI Gateway without a rewrite. Because these services are first-class citizens on Cloudflare’s platform, you can combine them with Secrets, KV, R2, D1, and Queues, adopt canary routes and retries from the gateway and move from prototype to production with minimal code churn and fewer late surprises.

For security & compliance teams

Targeting FedRAMP Moderate and FedRAMP High for Workers AI aligns cutting-edge capabilities with the federal baselines that agencies already trust elsewhere on our platform. Consolidating inference, routing, and vector search can reduce supplier count and narrow the audit surface, which can directly simplify third-party risk reviews.

AI Gateway provides a consistent enforcement and observability layer across models: the same place to define retention windows, restrict egress, set rate policies, enable safety filters, and produce the logs that demonstrate how requests were processed. Vectorize segments mission data by collection and namespace, carries metadata to support access decisions and lifecycle policies, and keeps retrieval behavior predictable even as models change. Combined with the resiliency of edge execution in Workers AI, gateway-level circuit breakers and caching insulate systems against traffic spikes and upstream instability, so citizen-facing services can remain responsive while core systems stay protected. The result is an architecture you can explain to auditors and rely on in production — without trading away velocity.

Imagine: an AI powered FOIA triage and response drafting system

Freedom of Information Act (FOIA) work is hard. Every request is unique — different date ranges, custodians, keywords, and formats — and the source material sprawls across email archives, shared drives, legacy systems, and scanned PDFs. Metadata is inconsistent or missing, duplicates are everywhere, and sensitive information must be redacted precisely. Staff may have to acknowledge each request, scope it, find likely-responsive records, generate a draft reply with citations, apply privacy and law-enforcement exemptions, and keep an auditable trail, all under statutory timelines. What agencies need is a single path that is fast, explainable, and compliant from the first form submission to the final letter.

Here’s how Workers AI, AI Gateway, and Vectorize could work together to deliver that path. A resident seeks, for example: “All emails between January 2019 and December 2021 regarding water quality monitoring from the Office of Environmental Programs.” A Cloudflare Worker acts as the front door, validates the request, applies lightweight PII scrubbing, and hands off orchestration. The agency’s policies, historical responses, custodian lists, and public documents have already been ingested: a background Worker chunked each file, used Workers AI to generate embeddings in batch, and stored vectors plus provenance metadata in Vectorize.  Originals, meanwhile, live in R2 and relational attributes (custodian, retention, sensitivity labels) live in D1. When the new request arrives, the orchestrator embeds the query with Workers AI, executes a nearest-neighbor search against Vectorize to retrieve the most relevant passages, and assembles a bounded context window that reflects current guidance and past decisions.

The Worker then sends a single normalized call through AI Gateway — prompt, parameters, and a digest of the retrieved context — rather than talking to a model endpoint directly. Gateway is the control and observability layer: it enforces rate limits so a traffic spike on one route won’t starve others, caches identical query-context pairs to control token spend during surges, applies safety and redaction policies, and emits structured logs and metrics with consistent trace IDs. AI Gateway invokes the configured model on Workers AI, which performs the generation close to the user for low latency.

The Worker streams tokens back to staff and the requester: an acknowledgment letter that states the scope it inferred, cites the specific policy passages it used, proposes clarifying questions if needed, and outlines likely custodians and next steps. Staff see the same draft with provenance links to R2 objects and Vectorize IDs; they can click into source snippets, adjust the scope, or kick off downstream collection. Because retrieval (Vectorize) is decoupled from generation (Workers AI), developers can swap to a newer model or tune temperature and max tokens in AI Gateway without re-indexing the corpus or touching application code. Security teams get an audit-ready trail from the web form to the generated letter: what was retrieved, which model ran, how outputs were filtered, where logs are retained, and which regional boundaries were enforced.

The road ahead & our commitment

This is a natural next step in our mission to help build a better Internet for the US public sector. We’ve delivered on FedRAMP before and will continue to invest in the controls, documentation, and operational rigor agencies expect — bringing Workers AI, AI Gateway, and Vectorize into scope methodically as we progress toward 2026.

Secure, serverless AI should be accessible to every agency team — not just those with the largest budgets. If you’re exploring how Workers AI can accelerate your mission, reach out for a consultation or visit Cloudflare for Government to learn more.