Cursor Rules Template: Python FastAPI API Monitoring
Cursor Rules Template for building a Python FastAPI API monitoring platform with uptime checks, latency metrics, error tracking, and incident notifications. Includes a copyable .cursorrules configuration and stack-specific project guidance.
Target User
Developers building an API monitoring platform using Python FastAPI and PostgreSQL
Use Cases
- Define and enforce a consistent API monitoring backend architecture
- Automate uptime checks, latency tracking, error surfacing, and incident notifications
- Share a copyable Cursor .cursorrules configuration across teams
Markdown Template
Cursor Rules Template: Python FastAPI API Monitoring
Framework: Python FastAPI
FrameworkRoleAndContext:
framework: Python FastAPI
context: Build an API monitoring platform with uptime checks, latency metrics, error tracking, and incident notifications. Use Cursor AI to enforce architecture and security for this stack.
Stack: PostgreSQL + SQLAlchemy
ArchitectureAndDirectoryRules:
root: .
src: src/
app: src/app/
models: src/app/models/
routers: src/app/api/
services: src/app/services/
migrations: migrations/
tests: tests/
CodeStyleAndGuidelines:
tooling: [black, isort, mypy]
lint: true
formatting: black
typing: true
AuthenticationAndSecurity:
auth: JWT/OAuth 2.0
requiredScopes: [ monitor.read, monitor.write ]
secretManagement: 'env vars / AWS Secrets Manager'
httpSecurity: TLS, HSTS, secure cookies
DatabaseAndORM:
ORM: SQLAlchemy
pattern: UnitOfWork + Repository
migrations: Alembic
dbURL: postgresql://{user}:{pass}@{host}:{port}/{db}
TestingAndLinting:
tests: pytest
lintTools: [ruff, black]
ci: true
ProhibitedActionsAndAntipatterns:
- Do not bypass authentication
- Do not log raw secrets
- Do not use raw SQL without parameterization
- Do not bypass migrations in production
UptimeChecksAndIncidents:
healthEndpoint: /healthz
latencyMetric: P90 < 200ms
uptimeTarget: 99.9%
incidentNotifications: [ Slack, PagerDuty ]Overview
Direct answer: This Cursor Rules Template provides a complete .cursorrules configuration for a Python FastAPI API monitoring platform, covering uptime checks, latency metrics, error tracking, and incident notifications using Cursor AI to enforce architecture and security for this stack.
The Cursor rules configuration is intended for developers who want a copyable baseline that can be pasted into a project root as .cursorrules to govern AI-assisted coding, architecture decisions, and policy enforcement during development and deployment.
When to Use These Cursor Rules
- When building an API monitoring platform that tracks uptime, latency, error rates, and incidents for a Python FastAPI backend with PostgreSQL
- When you want a repeatable, auditable set of AI constraints to enforce security, performance, and maintainability
- When collaborating across teams to standardize project structure, dependencies, and testing workflows
Copyable .cursorrules Configuration
Framework: Python FastAPI
FrameworkRoleAndContext:
framework: Python FastAPI
context: Build an API monitoring platform with uptime checks, latency metrics, error tracking, and incident notifications. Use Cursor AI to enforce architecture and security for this stack.
Stack: PostgreSQL + SQLAlchemy
ArchitectureAndDirectoryRules:
root: .
src: src/
app: src/app/
models: src/app/models/
routers: src/app/api/
services: src/app/services/
migrations: migrations/
tests: tests/
CodeStyleAndGuidelines:
tooling: [black, isort, mypy]
lint: true
formatting: black
typing: true
AuthenticationAndSecurity:
auth: JWT/OAuth 2.0
requiredScopes: [ monitor.read, monitor.write ]
secretManagement: 'env vars / AWS Secrets Manager'
httpSecurity: TLS, HSTS, secure cookies
DatabaseAndORM:
ORM: SQLAlchemy
pattern: UnitOfWork + Repository
migrations: Alembic
dbURL: postgresql://{user}:{pass}@{host}:{port}/{db}
TestingAndLinting:
tests: pytest
lintTools: [ruff, black]
ci: true
ProhibitedActionsAndAntipatterns:
- Do not bypass authentication
- Do not log raw secrets
- Do not use raw SQL without parameterization
- Do not bypass migrations in production
UptimeChecksAndIncidents:
healthEndpoint: /healthz
latencyMetric: P90 < 200ms
uptimeTarget: 99.9%
incidentNotifications: [ Slack, PagerDuty ]
Recommended Project Structure
PROJECT_ROOT/
├─ app/
│ ├─ main.py
│ ├─ api/
│ │ ├─ endpoints/
│ │ └─ v1/
│ ├─ core/
│ │ ├─ config.py
│ │ ├─ logging.py
│ │ └─ security.py
│ ├─ db/
│ │ ├─ base.py
│ │ ├─ session.py
│ │ ├─ models/
│ │ └─ migrations/
│ ├─ services/
│ ├─ workers/
│ └─ tests/
├─ alembic.ini
└─ requirements.txt
Core Engineering Principles
- Idempotent uptime checks and deterministic incident creation
- Single source of truth for configurations and rules
- Security by default with strict input validation
- Clear separation of concerns across API, data, and monitoring concerns
- Automated testing, linting, and CI for gatekeeping changes
Code Construction Rules
- Use FastAPI async endpoints with proper dependency injection and Pydantic models
- Validate all input data and sanitize outputs to avoid leakage of secrets
- Use SQLAlchemy ORM with Repository and UnitOfWork patterns; migrations via Alembic
- Store secrets in env vars or a secrets manager; never hard-code credentials
- Lock dependencies with exact versions in requirements.txt or Poetry lockfile
- Log structured JSON for observability; avoid logging PII
- Implement rate limiting and proper auth checks on admin endpoints
Security and Production Rules
- Enable TLS; enforce HSTS; disable debug in production
- Validate and sanitize all external inputs; use parameterized queries
- Use role-based access controls for monitoring data
- Rotate and secure secrets; audit access to credentials
- Implement immutable infrastructure and blue/green deployments when possible
Testing Checklist
- Unit tests for each API endpoint and service layer
- Integration tests for DB interactions via a test database
- End-to-end tests for uptime checks, latency metrics, and incident flows
- Linting and type checking in CI; run tests on PRs
- Security tests for input validation and auth scopes
Common Mistakes to Avoid
- Overloading endpoints with non-idempotent monitoring calls
- Using non-parameterized queries or leaking credentials in logs
- Skipping migrations or running migrations in production without review
- Ignoring latency skew or misreporting uptime due to caching
- Hard-coding URLs and environment-specific values in code
Related Cursor rules templates
Explore adjacent Cursor rules templates for similar stacks, workflows, and production constraints.
- Cursor Rules Template: LMS with Courses, Lessons, Quizzes, Certificates, Payments, and Admin Dashboard
- Cursor Rules Template: Django Subscription Box Platform
- Cursor Rules Template: Manufacturing Execution Dashboard (NestJS + PostgreSQL)
- Cursor Rules Template for Fitness Trainer SaaS
FAQ
What is this Cursor Rules Template for Python FastAPI API Monitoring?
This Cursor Rules Template defines a complete copyable .cursorrules configuration for a Python FastAPI API monitoring platform. It covers uptime checks, latency metrics, error tracking, and incident notifications, guiding Cursor AI to enforce architecture and security best practices for this stack.
How do uptime checks map to Cursor AI rules?
Uptime checks specify a health endpoint and latency targets. Cursor AI uses these constraints to validate monitoring behaviors, trigger alerts on degradation, and enforce consistent uptime reporting across environments.
What tooling does this template assume?
The template assumes Python 3.11+, FastAPI, SQLAlchemy, PostgreSQL, Alembic, pytest, and linting with Black and Ruff. Secrets are sourced from environment variables or a secrets manager; no credentials are hard-coded.
How can I customize for production deployments?
Customize by adjusting production environment configurations, scaling policies, and alerting channels. Update the .cursorrules to reflect production endpoints and security requirements, and ensure that admin endpoints are protected with proper auth scopes.
How do I run and validate the Cursor Rules Template?
Place the copied .cursorrules configuration in your project root and apply it with Cursor AI tooling. Run unit and integration tests, verify uptime checks, and validate incident notification workflows in a staging environment before production.