ErasureDocs
Guides

Production checklist

Go-live hygiene for Erasure privacy operations.

Production checklist

Use before production traffic. Complements the DPDP operational checklist.

Access

  • Strong passwords (min 12)
  • Correct Owner/Admin/Viewer roles
  • Publishable keys not committed to git
  • Operator sessions treated as sensitive (XSS critical while tokens live in localStorage — Beta)
  • Notice copy reviewed
  • Published version only in production SDK config
  • Production baseUrl points at your real Erasure origin
  • Receipts observed in staging before production cutover

Systems

  • Production SQL uses TLS
  • Least-privilege DB users
  • HTTP/Webhook targets SSRF-safe and intentional
  • Health green or consciously accepted degraded

Data Maps

  • Personal data tables mapped
  • Retention tables marked SKIP with intent
  • Preview counts reviewed on staging subjects
  • Re-discover after schema migrations

Execution

  • Worker always on
  • Readiness not blocked
  • Test COMPLETED case in staging
  • Evidence export tested

Ops

  • Backups owned for Postgres (Erasure does not replace backup policy)
  • Billing entitlements match expected volume
  • Security contact path known for disclosure

Next

Security · Getting Started