Use this checklist before exposing Caracal to production workloads or protected upstreams.
| Check | Expected |
|---|
| Mode | CARACAL_MODE=stable or rc; never rely on dev defaults for production. |
| Ports | Public ingress exposes only required API/Gateway endpoints; storage remains private. |
| Network | NetworkPolicy or equivalent restricts ingress and egress. |
| Containers | Non-root, dropped capabilities, no-new-privileges, read-only root filesystem where supported. |
| Check | Expected |
|---|
| Secret delivery | Mounted secret files or platform secret manager, not inline production secrets. |
| HMAC keys | AUDIT_HMAC_KEY, STREAMS_HMAC_KEY, and GATEWAY_STS_HMAC_KEY are strong and rotated under control. |
| Zone KEK | ZONE_KEK is protected and backed up with the database. |
| Admin/Coordinator tokens | Stored privately, rotated, and scoped to operator need. |
| Runtime profiles | caracal.toml and secret files are owner-only when written locally. |
| Check | Expected |
|---|
| STS | Fails closed on invalid client credentials, policy denial, revoked sessions, replay, invalid delegation, and unsatisfied step-up. |
| Gateway | Requires bearer token and X-Caracal-Resource, validates binding, rejects path traversal and unsafe upstreams. |
| Control | Disabled unless explicitly needed; invoke endpoint requires gate, JWT, replay protection, rate limit, and audit. |
| Resource servers | Verify mandate signature, issuer, audience, scopes, token use, agent/delegation requirements, hop limits, and revocation. |
| Check | Expected |
|---|
| Audit stream | caracal.audit.events and DLQ are monitored. |
| Tamper checks | Audit tamper alerts page the security/on-call path. |
| Backups | Postgres, runtime secrets, and audit exports are restorable. |
| Replay | STS/Gateway audit replay volumes are preserved through rollouts. |
Use Report a Vulnerability if hardening review uncovers a suspected vulnerability.