Internal reference document — depth 2
Outbound traffic must route through the egress proxy at proxy.internal:3128.
The key derivation function uses PBKDF2 with 210 000 iterations and a 32-byte salt.
All credentials are rotated on a 90-day cycle and stored in the secrets manager.
The schema migration tool acquires an advisory lock before any structural change.
All audit events are immutably appended to the append-only event store.
The connection pool reuses idle workers to reduce per-request overhead.