Exploring DevOps Config

  • Release version: Zurich
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Exploring DevOps Config

    DevOps Config provides ServiceNow customers with a centralized platform to store, manage, and validate configuration data as a single source of truth. It helps prevent configuration drift by enabling root cause analysis of unintended changes, compares current and past configuration states, and allows rollback to desired configurations when necessary. Note that starting with the Washington D.C. release, DevOps Config is being prepared for future deprecation and will not be activated on new instances, although existing support continues.

    Show full answer Show less

    Key Features

    • Centralized Configuration Management: Consolidates configuration data from multiple sources into one model secured by role-based access control, ensuring security and compliance.
    • Pre-deployment Validation: Automatically validates configuration data against policy frameworks before deployment to prevent risky or non-compliant changes.
    • Policy-Driven Controls: Uses customizable policies from the DevOps Config Policy content pack to enforce standards and compliance during validation.
    • Integration with DevOps Pipelines: Supports automated gates in CI/CD pipelines or deployment scripts to halt deployments if configuration changes are non-compliant or risky.
    • Change Tracking and Root Cause Analysis: Enables comparison of configuration snapshots over time, aiding in identifying and resolving configuration-related outages or alerts.
    • Application-Centric Model: Organizes configuration data per application, linking DevOps Config with other ServiceNow products like DevOps Change Velocity for enhanced lifecycle visibility.
    • Powered by CDM and PaCE: Leverages Configuration Data Management and Policy as Code Engine for efficient management of config data and policies.

    Key Outcomes

    • Improved Release Velocity: DevOps teams can release faster with confidence, as configuration validation ensures only compliant changes reach production.
    • Reduced Risk of Configuration Drift: Early detection and remediation of unintended changes help maintain stable and secure environments.
    • Seamless Integration: Validates changes in the background without disrupting existing workflows or requiring new tools, preserving operational continuity for app engineers and infrastructure owners.
    • Enhanced Visibility and Control: Provides a unified view and governance over configuration data, supporting comprehensive policy enforcement and audit capabilities.

    Use DevOps Config to store and manage all of your config data as a single source of truth. You can also use DevOps Config to validate your config data before deployment, and resolve conflicts in deployed config data.

    Important:
    Starting with the Washington D.C. release, DevOps Config is being prepared for future deprecation. It will be hidden and no longer activated on new instances but will continue to be supported.

    Watch this short video to see how config data snapshots in DevOps Config can help you identify issues caused by unintended config data changes.

    Use root cause analysis of configuration-related outages or alerts to quickly identify and resolve unintended config data changes, also known as configuration "drift." Compare current and past versions of intended config data changes attached to change requests, and roll back to the desired state when needed.

    For more information, see Investigate an alert that involves a change to config data.

    DevOps Config Use Cases for applications and Infrastructure as Code

    Manage your configuration data

    DevOps Config becomes the single source of truth for your configuration data, rather than the source tool. A consolidated model manages and secures config data across multiple sources with role-based access control.

    Although DevOps Config prevents non-compliant changes by validating your configuration data before deployment, security of the configuration data can't be enforced if the data is kept at the source and not stored in DevOps Config.

    • Workflow

      DevOps Config manages all your data in one location, validates it as it's written, and exports, when needed.

    • DevOps Engineer persona

      Use DevOps Config and DevOps Config API to manage and validate configuration data. Thus, enabling DevOps teams to release at a faster speed, ensuring that no risky or non-compliant changes are introduced in production.

      Use automated gates in a CI/CD pipeline or deployment script so that a deployment is stopped if any change to the application or infrastructure configuration is deemed risky or non-compliant.

      Manage DevOps Config as more policies are added and more exporters are defined.

    Validate your configuration data

    DevOps Config acts as a test tool by automatically validating your configuration data before deployment to prevent non-compliant changes, while ensuring adherence to policy frameworks.

    Validation before deployment occurs by executing policies on the configuration data. The DevOps Config Policy content pack includes generic policies that check for standard issues, but can be customized based on use case.

    • Workflow

      When configuration data is changed or added, DevOps Config runs policies on the configuration data that's stored across multiple sources, validates it, and returns the outcome.

      In the pipeline, the decision on whether to deploy is made, and the configuration data is retrieved from the source (Git, for example) to deploy.

    • App Engineer (or IT infrastructure owner) persona

      Use DevOps Config to validate configuration data. Thus, making sure no risks are introduced and that all changes are compliant with company policies before any changes are applied in a production environment.

      Since the tool integrates with the existing toolset, there's no change to the way work is done and there are no new tools to learn. Changes made to configuration data are validated in the background, and when the outcome is reported, action can be taken.