Skip to main content
Security best practices for production deployments.

Database

  • Change default passwords
  • Enable SSL/TLS
  • Restrict network access
  • Use strong encryption
  • Rotate credentials regularly

Network

  • Deploy behind VPN
  • Use private networks
  • Enable mTLS
  • Configure firewalls
  • Use NetworkPolicies (Kubernetes)

Data Privacy

Redact PII: 
const redacted = redactPII(userPrompt);
await lumina.traceLLM(
  () => llm.generate(redacted),
  { prompt: redacted }
);
Configure retention: 
TRACE_RETENTION_DAYS=7
Implement data export: 
curl http://api:8081/api/traces?userId=user-123 > user_data.json

Secrets

Never commit secrets:
  • Use environment variables
  • Use secret managers (AWS Secrets Manager, Vault)
  • Rotate secrets regularly
  • Use least privilege access

Auditing

Enable audit logging: 
ENABLE_AUDIT_LOG=true
AUDIT_LOG_PATH=/var/log/lumina/audit.log