← Back to Guides

    How to Secure Upstash

    Step-by-step guide to securing your Upstash Redis, Kafka, and edge data services.

    Upstash Security Context

    Upstash provides serverless Redis and Kafka with REST API access for edge functions. Token management and proper access control are essential for securing your data.

    Security Checklist

    1

    Secure REST API tokens

    Critical

    Store Upstash tokens securely in environment variables.

    2

    Configure token permissions

    Critical

    Use read-only tokens where write access isn't needed.

    3

    Review edge access patterns

    Critical

    Understand security implications of edge data access.

    4

    Enable TLS encryption

    Verify TLS is enabled for all connections.

    5

    Configure team permissions

    Set appropriate access levels for team members.

    6

    Review Redis data security

    Understand serverless Redis security model.

    7

    Configure Kafka security

    If using Kafka, configure topic access appropriately.

    8

    Enable audit logging

    Track database access and modifications.

    9

    Review rate limiting

    Configure appropriate rate limits.

    10

    Configure eviction policies

    Set appropriate data expiration.

    11

    Review QStash security

    If using QStash, configure webhooks securely.

    12

    Configure backups

    Verify backup settings are appropriate.

    13

    Review vector database

    If using Vector, configure access appropriately.

    14

    Configure monitoring

    Set up alerts for suspicious activity.

    15

    Test token rotation

    Plan for token rotation procedures.

    16

    Run security scan

    Use VibeEval to scan your application.

    Related Resources

    Is Upstash Safe?

    In-depth security analysis.

    Upstash Checklist

    Interactive security checklist.

    Automate Your Security Checks

    Let VibeEval scan your application for vulnerabilities.

    Scan Your App