GitKraken.dev

Security Controls & Cloud Patch Configuration

Last updated: June 2025

GitKraken provides centralized security settings to help your organization control data-sharing features, enforce compliance, and manage where Git patches are stored.


GitKraken AI Features

GitKraken AI features can suggest code or perform smart actions to improve your workflow. These features may require sending code snippets to GitKraken AI or third-party providers.

If these features don’t align with your organization’s security policies, you can control access across your organization.

Manage AI Feature Access

To enable or disable GitKraken AI features for all organization members:

GitKraken AI feature toggle in Security Controls
Organization-level toggle for GitKraken AI features

Enforce AI Providers

Organizations on the Business+ plans can enforce restrictions on which AI providers are allowed across GitKraken products. This ensures compliance with your data policies.

To configure provider-level controls:

  1. Go to Settings > Security Controls > Enforce AI providers.
  2. Enable the toggle to display supported providers.
  3. For each provider, you can:
    • Enable: Allow team members to use the provider’s models.
    • Disable: Block the provider completely.

For the following marked* providers, you can also:

  • Set an API Key: Enforce the use of your key.
  • Add a Custom URL (requires a key): Restrict access to a specific endpoint.

Supported providers include:

  • Anthropic*
  • Azure*
  • DeepSeek
  • GitHub Copilot
  • GitKraken AI
  • Google*
  • Hugging Face*
  • Mistral*
  • Ollama*
  • OpenAI*
  • OpenAI compatible*
  • OpenRouter
  • xAI
AI provider settings showing API key and URL fields
Example of AI provider configuration fields

Providers marked with an asterisk (*) support setting a custom API key and URL.

These settings apply across all GitKraken products used by your organization.


Cloud Patches

Allow developers in your organization to create Cloud Patches that can be shared with others. Cloud Patches are encrypted Git patch files that GitKraken can store in GitKraken-managed or customer-managed storage.

If your company policies require internal storage, you can set up self-hosted Cloud Patches using your own AWS S3 bucket.

If this setup is not feasible, please contact our customer success team.

Self-Host Cloud Patches with AWS S3

Configure your GitKraken organization to store Cloud Patches on your own infrastructure.

Requirements

  • An AWS account with S3 access
  • Admin permissions to apply bucket policies
  • GitKraken Pro or Enterprise plan

Setup Steps

  1. Create an S3 bucket and give it a meaningful name (e.g., gitkraken-cloud-patches).
  2. Apply the GitKraken-supplied bucket policy using the UI template.
  3. Enter your AWS credentials into GitKraken:
    • Bucket name
    • Access key ID
    • Secret access key
    • AWS region
  4. Test the connection and save your configuration.
AWS S3 bucket permissions configuration
AWS S3 permissions screen for GitKraken Cloud Patches

GitKraken encrypts all Cloud Patches, even when self-hosted. Only users with access to the patch link and repository permissions can view contents.


Next Steps

Have feedback about this article? Did we miss something? Let us know!
On this page