Skip to main content
Browse docs
By Audience
Getting Started
Configuration
ConfigurationsManaging Policy ChangesVersioned RolloutDeclarative ConfigProvider RoutingModel GroupsFallback ConfigurationCircuit Breaker RetryRate LimitingConsumer GroupsRoutesCachingContext CompressionTraffic Mirroring A/B TestingCors Ip Allowlist
Use Cases
IDE Integration
Third-Party Integrations
Engineering Cache
Console
Console OverviewPlans and StorageOverview DashboardAuthentication FlowsConfigurationsTemplates and Policy WorkflowsEventsHistory and SessionsEscalationsAgentsConnectorsKnowledge BaseKnowledge LifecycleExportsCost and SpendWalletsMy UsageGateways and ActionsGateway KeysNotificationsWebhooksAudit LogVersioned RolloutMembers, Teams, and RolesSecurity SettingsBilling and PlansSettings and Gateway Config
API Reference
Gateway
Workflow Guides
Templates
Providers and SDKs
Industry Guides
Advanced Guides
Browse by Role
Deployment Guides
In-Depth Guides
Tutorials
CLI Reference
Policy Reference
FAQ

Versioned Configuration Rollout

Keeptrusts manages policy changes through versioned configuration rollout in the console. Teams can still keep policy-config.yaml in their own repositories for review, but the supported Keeptrusts workflow is:

  1. import or edit YAML in Configurations
  2. validate the draft
  3. save a version with a change detail
  4. deploy the approved version to the target gateways

Use this page when

  • You want a supported console workflow for policy changes.
  • You need version history, validation, diff review, and rollback context.
  • You are replacing an older repository-linked console workflow with the current versioned rollout model.

Primary audience

  • Primary: Technical Engineers
  • Secondary: AI Agents, Technical Leaders

Supported workflow

1. Prepare the YAML

  • Author the draft directly in the Monaco YAML editor on /configurations/new.
  • Or import an existing policy-config.yaml file with Import Configuration.
  • Keep secrets in secret_key_ref references rather than inline values.

2. Validate before saving

  • Run the safety check against the target gateway.
  • Review inline YAML diagnostics and advisories.
  • Fix any schema or parsing errors before saving.

3. Save a version

Every save creates a new configuration version with:

  • version identifier
  • change detail
  • timestamp
  • source label

This gives you a stable audit trail even when the YAML itself is managed outside Keeptrusts.

4. Roll out the approved version

From the configuration detail page you can:

  • compare the current draft to a saved version
  • review the semantic summary
  • choose rollout targets
  • deploy the approved version

5. Verify the result

After rollout, verify the live state in:

Working with external repositories

If your team stores configuration YAML in Git or another version-control system, the supported Keeptrusts pattern is:

  1. review changes in your repository
  2. import or paste the approved YAML into Keeptrusts
  3. validate and save a version
  4. deploy the saved version through the console

This keeps external review practices intact while the actual platform rollout remains visible, validated, and auditable inside Keeptrusts.

For AI systems

For engineers

  • Use secret_key_ref for credentials and keep raw secrets out of YAML.
  • Save meaningful change details so audit trails stay useful during review and rollback.
  • Use the configuration detail page for diff review and deploy confirmation.

Next steps