cheatsheets Jun 28, 2026 updated Jun 28, 2026
Secrets Management Checklist
A checklist for safely handling API keys, database credentials, and service secrets.
- Status
- evergreen
- Visibility
- public
- Category
- Security
- Difficulty
- intermediate
- Published
- Jun 28, 2026
- Updated
- Jun 28, 2026
Storage
- Secrets are not committed.
- Managed secret store is used.
- Local
.envfiles are ignored. - Secret names are documented without revealing values.
Access
- Access is least-privilege.
- Human and service access are separated.
- Temporary access has an expiration.
- Production secret access is auditable.
Rotation
- Owner is known.
- Rotation procedure exists.
- Dependent services are listed.
- Old values are revoked.
Source Links
Related Notes
Docs Jun 28, 2026 intermediate
Secrets, IAM, and RBAC Mental Model
A practical way to reason about identity, permissions, secrets, and access boundaries.
Cheat Sheets Jun 28, 2026 beginner
GCP Cloud Run Checklist
A deployment checklist for containerized backend services on Google Cloud Run.
Cheat Sheets Jun 28, 2026 intermediate
Docker Production Checklist
A checklist for production-friendly Docker images and container runtime behavior.
Docs Jun 28, 2026 beginner
Cloudflare Pages Deployment Runbook
A deployment checklist for publishing the knowledge base to Cloudflare Pages and mapping notes.bianrui.net.
Cheat Sheets Jun 28, 2026 intermediate
FastAPI Production Checklist
A compact checklist for taking a FastAPI service from useful prototype to production-ready backend.
Backlinks
Docs Jun 28, 2026 intermediate
Secrets, IAM, and RBAC Mental Model
A practical way to reason about identity, permissions, secrets, and access boundaries.