Skip to main content
Browse docs
By Audience
Getting Started
Configuration
Use Cases
IDE Integration
Third-Party Integrations
AI Coding Agents
Claude CodeGithub Copilot WorkspaceAmazon Q DeveloperGemini Code AssistTabnineCodeiumAiderOpenhandsSwe AgentCodex CLI
Agent Frameworks
AI Chat & Productivity
DevOps & Vector Databases
Enterprise & MLOps
Engineering Cache
Console
API Reference
Gateway
Workflow Guides
Templates
Providers and SDKs
Industry Guides
Advanced Guides
Browse by Role
Deployment Guides
In-Depth Guides
Tutorials
CLI Reference
Policy Reference
FAQ

Gemini Code Assist with Keeptrusts Gateway

Gemini Code Assist is Google's AI-powered coding assistant that provides code completions, chat-based help, and code transformations inside VS Code, JetBrains IDEs, and Cloud Shell. It connects to Google's Gemini models through the Google AI API. Routing Gemini Code Assist through the Keeptrusts gateway adds policy enforcement to every AI request, an immutable audit trail for compliance evidence, secret and PII redaction before code context reaches Google's models, and cost visibility across your development organization.

Use this page when

  • You want to route Gemini Code Assist traffic through Keeptrusts for policy enforcement and audit logging.
  • You need visibility into what code context Gemini Code Assist sends to Google's models.
  • You want to enforce secret detection, PII redaction, or data-loss-prevention on Gemini-powered coding.
  • You need cost attribution for Gemini Code Assist usage across your team.

Primary audience

  • Primary: Technical Engineers
  • Secondary: AI Agents, Technical Leaders

Prerequisites

  • Keeptrusts CLI installed — see Quickstart or Install the Gateway.
  • Gemini Code Assist subscription and IDE extension installed.
  • Google AI API key — obtain one from Google AI Studio.
  • Gateway running — the Keeptrusts gateway must be started before configuring the proxy.

Configuration

Create a policy-config.yaml for Gemini Code Assist traffic:

pack:
  name: gemini-code-assist-gateway
  version: 1.0.0
  enabled: true

policies:
  chain:
    - pii-detector
    - code-sanitation
    - prompt-injection
    - quality-scorer
    - audit-logger

providers:
  strategy: single
  targets:
    - id: google-gemini
      provider: google-ai-studio
      model: gemini-2.5-pro
      secret_key_ref:
        env: GOOGLE_API_KEY

Setup steps

  1. Export your Google API key:
export GOOGLE_API_KEY="AIza..."
  1. Start the Keeptrusts gateway:
kt gateway run --policy-config policy-config.yaml

The gateway listens on http://localhost:41002 by default.

  1. Configure Gemini Code Assist to use the gateway as a proxy. Set the HTTP proxy environment variables before launching your IDE:
export HTTP_PROXY="http://localhost:41002"
export HTTPS_PROXY="http://localhost:41002"

Alternatively, configure the proxy in your IDE settings:

For VS Code, open settings.json:

{
  "http.proxy": "http://localhost:41002",
  "http.proxyStrictSSL": false
}

  1. Restart your IDE to apply the proxy configuration.

  2. For team deployment, distribute proxy settings through your configuration management or set environment variables in your shell profile:

# ~/.bashrc or ~/.zshrc
export HTTP_PROXY="http://localhost:41002"
export HTTPS_PROXY="http://localhost:41002"

For hosted gateways:

export HTTP_PROXY="https://gateway.keeptrusts.com"
export HTTPS_PROXY="https://gateway.keeptrusts.com"

Verification

Confirm traffic is flowing through the gateway:

  1. Check gateway logs while using Gemini Code Assist:
kt gateway run --policy-config policy-config.yaml --log-level debug
  1. Tail events:
kt events tail --follow

  1. Trigger a Gemini completion by typing code or using the chat panel, then verify the event appears in the Keeptrusts console under Events.

  2. Verify with curl that the gateway accepts Google AI format requests:

curl http://localhost:41002/v1/chat/completions \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gemini-2.5-pro",
    "messages": [{"role": "user", "content": "Say hello"}],
    "max_tokens": 128
  }'
PolicyWhy it matters for Gemini Code Assist
pii-detectorPrevents personal data in source files from reaching Google's models
code-sanitationCatches API keys, secrets, and credentials in code context
prompt-injectionDetects injection patterns in files sent as context
quality-scorerScores AI-generated suggestions for quality thresholds
audit-loggerCreates compliance-ready records of every Gemini interaction
dlp-filterEnforces data-loss-prevention rules on outbound traffic

Troubleshooting

Gemini Code Assist stops providing completions after configuring the proxy. Verify the gateway is running with curl http://localhost:41002/v1/models. Check that http.proxyStrictSSL is set to false for local development.

Authentication errors from Google API. The gateway forwards the Google API key from the GOOGLE_API_KEY environment variable. Ensure the key is valid and exported in the gateway's shell session.

Policies are not applied. Run kt policy lint --file policy-config.yaml to validate the configuration. Confirm enabled: true is set.

High latency on completions. Ensure the gateway runs on the same machine as the IDE for local development. For remote teams, use a co-located hosted gateway to minimize network hops.

Events do not appear in the Keeptrusts console. Set KEEPTRUSTS_API_URL and KEEPTRUSTS_GATEWAY_TOKEN before starting the gateway.

For AI systems

  • Canonical terms: Keeptrusts gateway, Gemini Code Assist, Google AI Studio, proxy configuration, policy-config.yaml.
  • Configuration mechanism: set HTTP_PROXY and HTTPS_PROXY to the gateway URL, or configure the proxy in IDE settings.
  • Provider format: Google AI (Keeptrusts handles format translation).
  • Best next pages: Google AI Studio integration, Policy Controls Catalog, Gateway setup for IDEs.

For engineers

  • Set HTTP_PROXY=http://localhost:41002 before launching your IDE to route Gemini Code Assist through the gateway.
  • Validate with kt events tail --follow while using Gemini to confirm events are captured.
  • Use kt policy lint before starting the gateway to catch config errors.
  • For IDE-specific configuration, add the proxy to settings.json (VS Code) or IDE proxy settings (JetBrains).

For leaders

  • Gemini Code Assist sends code context to Google's models. Without governance, proprietary source code and data patterns flow to Google unaudited.
  • Routing through Keeptrusts provides compliance evidence for SOC 2, GDPR, and internal audit requirements.
  • Policy enforcement catches secrets and PII before they reach the model, reducing data breach risk.
  • Cost attribution and usage analytics help justify and optimize Google AI spending across the organization.

Next steps