You can create a permission, so your staff can enable the 'under attack' mode when you need to mitigate a DDOS attack.
The CloudFlare page will be yourdomain.ext/cloudflare.
New permission to manage CloudFlare's protection.
You can change your CloudFlare security level to : low, medium, high, and under attack.
Configure your CloudFlare API key and domain with ACP options.
New page :
Under attack mode :
Option page :