Prerequisites
Use this page as a data generation readiness check to go live with Syntho.
The Implementation Statement of Work Status Tracker contains the full list and latest status
Start early
Initiate these actions as early as possible. They are approval heavy and often take the longest:
InfoSec / security review
AI review (if required)
Legal / privacy officer approval (use-case dependent)
Infrastructure provisioning request submitted (VM/cluster, DNS, TLS)
Firewall rule approvals requested (UI/API exposure & DB connectivity)
Source database access approval requested (read-only user)
Destination database access approval requested (write + truncate permissions)
1. Governance and approvals
Governance
IT onboarding / intake
InfoSec / security review
Ownership is clear for any required reviews
Optional (if required by policy)
AI review
Legal / DPA review
Data access approvals
Data owner(s) identified for priority use-case datasets/databases
Approval granted to read from the source database
Approval granted to write and truncate the destination database
2. Infrastructure and deployment
Deployment method and sizing
Deployment method selected:
Docker Compose: Docker Compose
Kubernetes (Helm): Kubernetes (Helm)
Hardware meets minimum recommendations (or has an approved exception)
Network and firewalling
UI is reachable for intended users (HTTP(S))
Firewall rules implemented for UI/API exposure and DB ports
Outbound connectivity from Syntho to source database works
Outbound connectivity from Syntho to destination database works
Internet access
Syntho does not require outbound internet access at runtime
Internet access is required only for image pulls and upgrades, unless images are available in a local image registry.
Platform health checks
Syntho UI loads without errors
Syntho Appilcation PostgreSQL is reachable
Logs show no critical startup errors
Backups for Syntho Applicaiton DB
Backup plan exists for Syntho PostgreSQL metadata databases (
syntho-core,syntho-backend)Docker Compose: Back up PostgreSQL
Kubernetes: Back up PostgreSQL
DNS and TLS
DNS/TLS posture is defined for the production endpoint
Proxy / load balancer / ingress routing is configured (if required)
3. Data access and database preparation
Source access (read-only)
Source access is approved for the agreed scope
Source is reachable from Syntho (routes, DNS, firewall)
Source user is read-only (
SELECTonly)Source data is static for the full run (consistent snapshot)
Do not connect Syntho directly to a live production database. Use a restored dump or replica copy instead.
Destination access (write + truncate)
Destination access is approved for the agreed scope
Destination is reachable from Syntho
Destination user can write and alter data (as required by your destination DB)
Destination supports reset between runs (
TRUNCATE)
Schema alignment and validation
Source and destination are the same database type
Destination schema matches the source (tabla names, column names and datatypes allign)
Connection tests pass in the workspace (source + destination)
Validate source/destination schema:
End-to-end test run
End-to-end test succeeds on a controlled scope (subset or small table set)
4. Operational readiness
Super users
An onboarding owner exists (super user or admin)
1–3 super users assigned
Super users have availability for onboarding activities
Super users can cover:
Fatabase basics (schemas, grants, SQL),
Docker Compose or Kubernetes operations,
Anonymization concepts (PII, utility vs privacy)
Users, access, and roles
At least one admin user exists. See Manage admin users
Admin login works
Non-admin users created for day-to-day work. See Manage non-admin users
Admin + at least one editor user are provisioned
Workspace roles assigned (owner/editor/reader) alligned with internal policy
Super users can log in and create a workspace using the provided Syntho + DB credentials
Workspace and scope
First-run scope agreed (schemas/tables for initial setup and the first test run)
Workspace exists with configured connections. See Create a workspace
AI-powered generation
If using AI-powered generation, data is structured as:
one row per independent entity (entity table), or
entity table + linked table (for event/sequence data). See Entity tables
Accesibility
Ray dashboard is accessible from the UI. See Logs and monitoring
Team can access service logs for troubleshooting
Monitoring and log access is operational for incident response
Last updated
Was this helpful?