Exploring DevOps Config

  • Release version: Yokohama
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Exploring DevOps Config

    DevOps Config serves as a centralized system for storing and managing configuration data, acting as a single source of truth. It enables ServiceNow customers to validate configuration data before deployment, detect unintended changes (configuration drift), and resolve conflicts in deployed configurations. By consolidating configuration data from multiple sources with role-based access control, it enhances security and governance.

    Show full answer Show less

    Important Note: Starting with the Washington D.C. release, DevOps Config is being prepared for future deprecation. It will no longer be activated on new instances but will continue to be supported on existing ones.

    Key Features

    • Single Source of Truth: Stores all configuration data in one consolidated model, improving management and security.
    • Validation Before Deployment: Automatically validates configuration data using policies before deployment to prevent risky or non-compliant changes.
    • Configuration Drift Detection: Allows comparison of current and past configuration data versions to identify and resolve unintended changes quickly.
    • Role-Based Access Control: Secures configuration data by controlling access based on user roles.
    • Integration with CI/CD Pipelines: Supports automated gates to halt deployments if configuration changes are deemed risky or non-compliant.
    • Policy Customization: Includes generic policies via the DevOps Config Policy content pack that can be tailored to specific use cases.
    • Cross-Product Integration: When creating an app in DevOps Config, it links with other ServiceNow products like DevOps Change Velocity for enhanced visibility and lifecycle management.
    • Powered by CDM and PaCE: Utilizes Configuration Data Management and Policy as Code Engine capabilities for managing configuration data and policies effectively.

    Practical Use for ServiceNow Customers

    • DevOps Engineers: Use the DevOps Config interface and API to manage and validate configuration data, enabling faster, safer releases by preventing risky or non-compliant changes.
    • App Engineers and IT Infrastructure Owners: Validate configuration changes seamlessly in the background, ensuring compliance with corporate policies without disrupting existing workflows or introducing new tools.
    • Incident and Change Management: Leverage configuration data snapshots for root cause analysis of configuration-related outages or alerts, facilitating quick resolution and rollback to desired states.

    Outcome

    By implementing DevOps Config, ServiceNow customers gain enhanced control and visibility over configuration data, minimizing risks associated with configuration drift and non-compliant changes. This leads to improved deployment safety, faster release cycles, and stronger alignment with organizational security and compliance policies.

    Use DevOps Config to store and manage all of your config data as a single source of truth. You can also use DevOps Config to validate your config data before deployment, and resolve conflicts in deployed config data.

    Important:
    Starting with the Washington D.C. release, DevOps Config is being prepared for future deprecation. It will be hidden and no longer activated on new instances but will continue to be supported.

    Watch this short video to see how config data snapshots in DevOps Config can help you identify issues caused by unintended config data changes.

    Use root cause analysis of configuration-related outages or alerts to quickly identify and resolve unintended config data changes, also known as configuration "drift." Compare current and past versions of intended config data changes attached to change requests, and roll back to the desired state when needed.

    For more information, see Investigate an alert that involves a change to config data.

    DevOps Config Use Cases for applications and Infrastructure as Code

    Manage your configuration data

    DevOps Config becomes the single source of truth for your configuration data, rather than the source tool. A consolidated model manages and secures config data across multiple sources with role-based access control.

    Although DevOps Config prevents non-compliant changes by validating your configuration data before deployment, security of the configuration data can't be enforced if the data is kept at the source and not stored in DevOps Config.

    • Workflow

      DevOps Config manages all your data in one location, validates it as it's written, and exports, when needed.

    • DevOps Engineer persona

      Use DevOps Config and DevOps Config API to manage and validate configuration data. Thus, enabling DevOps teams to release at a faster speed, ensuring that no risky or non-compliant changes are introduced in production.

      Use automated gates in a CI/CD pipeline or deployment script so that a deployment is stopped if any change to the application or infrastructure configuration is deemed risky or non-compliant.

      Manage DevOps Config as more policies are added and more exporters are defined.

    Validate your configuration data

    DevOps Config acts as a test tool by automatically validating your configuration data before deployment to prevent non-compliant changes, while ensuring adherence to policy frameworks.

    Validation before deployment occurs by executing policies on the configuration data. The DevOps Config Policy content pack includes generic policies that check for standard issues, but can be customized based on use case.

    • Workflow

      When configuration data is changed or added, DevOps Config runs policies on the configuration data that's stored across multiple sources, validates it, and returns the outcome.

      In the pipeline, the decision on whether to deploy is made, and the configuration data is retrieved from the source (Git, for example) to deploy.

    • App Engineer (or IT infrastructure owner) persona

      Use DevOps Config to validate configuration data. Thus, making sure no risks are introduced and that all changes are compliant with company policies before any changes are applied in a production environment.

      Since the tool integrates with the existing toolset, there's no change to the way work is done and there are no new tools to learn. Changes made to configuration data are validated in the background, and when the outcome is reported, action can be taken.