Production scope
What an n8n production setup includes
The final scope is confirmed in the SOW. Every production option addresses security, recovery, observability and handover—not merely starting a container.
Infrastructure and environments
Deploy to n8n Cloud or customer-controlled infrastructure with environments matched to risk.
- Domain, TLS and reverse proxy
- PostgreSQL for self-hosting
- Staging plus production in Launch and Scale
- Redis and workers only for queue mode
Secrets and access
Keep credentials out of workflows and source repositories.
- Explicit N8N_ENCRYPTION_KEY stored outside code
- Separate service accounts where practical
- Least-privilege access and owner list
- n8n security audit before handover
Backup and disaster recovery
Back up the assets required for a real recovery and document ownership.
- Database backup and retention
- Workflow/configuration export
- Restore runbook
- Restore test in Launch and Scale
- RPO/RTO agreed to business criticality and budget
Logs, monitoring and alerts
Give operators a clear signal when a workflow or the platform fails.
- Structured application logs
- Health and readiness checks
- Metrics/alerting for self-hosting
- Error workflow and alert channel
- Execution retention matched to need
Workflow production hardening
Prepare business integrations for bad input and upstream outages.
- Input validation and use-case idempotency
- Timeout, retry and rate-limit handling
- Manual-review or dead-letter path where appropriate
- Test cases and acceptance criteria before go-live
Documentation and handover
Avoid locking the customer into contractor-owned accounts or undocumented knowledge.
- Customer-controlled cloud and domain accounts
- Architecture diagram and inventory
- Deployment, rollback and operating runbooks
- Admin and workflow-operator training
- Support window and SLA stated in the SOW