One of the superpowers of Kong Gateway that its users most appreciate is its declarative configuration management capabilities, facilitated by the [decK](https://docs.konghq.com/deck/latest/)decK command line tool. Declarative configuration enables you to manage your Kong Gateway configuration using GitOps practices, including federated configuration management, mandatory review processes, and automated policy enforcement via CI/CD.
This is a great start, but it’s not enough anymore. With the advent of Kong Konnect, Kong’s next-generation API management platform, there are a lot more entities that need configuration. You can deploy Kong Mesh control planes, publish API Products, configure your Developer Portal, and more. Declarative configuration only works if all of your configuration is declarative.
The Konnect platform provides a whole set of new capabilities that need to be managed declaratively. Being able to configure which APIs are published to which Developer Portal, and which branding that portal should have is a key workflow for API Product owners. Being able to do it declaratively is a requirement when it comes to operating at scale.
The Kong team considered expanding decK to manage Konnect entities in addition to Gateway entities, but it didn’t feel right to us. decK manages entities that live inside a single Kong Gateway control plane, and adding support to create control planes or manage organization settings was confusing to our users. So we went back to the drawing board and looked for alternatives.
Many of our users are already using Terraform to manage their infrastructure on AWS, Azure, and GCP. Kong is infrastructure too, so why don’t we let you manage Kong Gateway and all other entities above it at the Kong Konnect level with Terraform? This allows users to use a tool that they’re already familiar with.
Enabling customers to practice GitOps is a north star for Kong, and tools such as [Atlantis](https://www.runatlantis.io/)Atlantis allow us to ship Terraform support knowing that GitOps is at the heart of every successful workflow. Existing Terraform users are likely to have this automation in place already, and by shipping a Terraform provider we slot right into that existing infrastructure. All the benefits with none of the CI/CD toil.
It’s with great pleasure that we announce that [terraform-provider-konnect](http://github.com/kong/terraform-provider-konnect)terraform-provider-konnect is now generally available. We’ve been using it internally and with our beta testers for the last six months, and I’m not exaggerating when I say that 90% of the projects I see day to day are using the Terraform provider to manage their Konnect configuration.
The provider has already been installed over 7,500 times, and supports everything you need to get started with Konnect:
You might be wondering what the future looks like for decK now that we have Terraform support. decK isn’t going anywhere. It’s still a strategic tool for Kong Gateway, and the declarative configuration format that decK uses forms the basis for our whole APIOps story.
We see Terraform and decK co-existing indefinitely. There are a *lot* of things that you can do with decK that you can’t do with Terraform:
deck file patchread_timeout must be set) using deck file validatedeck file mergeHowever, we know that many of you want to use Terraform but also benefit from decK’s APIOps capabilities. That’s why we’ve built deck file kong2tf, which takes a decK declarative configuration file and generates Terraform manifests automatically. This means you have two options when it comes to APIOps:
decK to sync your config (you can even run deck from Terraform).deck file kong2tf to convert your declarative config to Terraform and use Terraform for everythingIf I were looking to adopt Terraform today, I’d use deck file kong2tf to provide a complete pipeline that means that the development team only has to write an OpenAPI spec. And thanks to the power of openapi2kong and kong2tf the infrastructure team gets to interact with Terraform manifests that they’re comfortable with.
Some of you may be thinking, “But I don’t use Konnect!” If that’s the case, I have two things for you:
In addition to the terraform-provider-konnect GA release, I’m excited to share that we have a beta release of [terraform-provider-kong-gateway](https://github.com/kong/terraform-provider-kong-gateway)terraform-provider-kong-gateway for you all to test.
The two providers are almost identical, except that the on-prem provider doesn’t require you to specify a control plane ID on your entities. Other than that, all the same Kong Gateway resources can be managed using identical [Terraform resources](https://registry.terraform.io/providers/Kong/kong-gateway/latest)Terraform resources.
Kong and Terraform are a great match. Terraform helps configure critical infrastructure and prevent configuration drift, and Kong Gateway is a key part of that infrastructure.
If you want to try it out, the quickest way to get started is to [create a free Konnect account](https://konghq.com/products/kong-konnect/register)create a free Konnect account and use [terraform-provider-konnect](https://registry.terraform.io/providers/Kong/konnect/latest)terraform-provider-konnect.
If you’re an existing on-prem user, you can use [terraform-provider-kong-gateway](https://registry.terraform.io/providers/Kong/kong-gateway/latest)terraform-provider-kong-gateway to manage your deployment.
No matter which provider you choose, we’d love to hear from you via GitHub about what you’re doing with Kong [Konnect](https://github.com/Kong/terraform-provider-konnect/issues/new)Konnect or [on-prem](https://github.com/Kong/terraform-provider-kong-gateway/issues/new)on-prem.
It’s been almost a year since we released our Konnect Terraform provider . In that time we’ve seen over 300,000 installs, have 1.7 times as many resources available, and have expanded the provider to include data sources to enable federated managem
[](https://konghq.com/blog/product-releases/terraform-provider-konnect-v3)
Today with the release of Insomnia 10 , we are quite stoked to also announce a brand new offering in Insomnia, the AI Runner, a managed SaaS service that provides developers with the ability to accelerate and secure LLM traffic for their applicatio
[](https://konghq.com/blog/product-releases/introducing-the-insomnia-ai-runner)
We're delighted to announce the release of Kong Gateway 3.4 for Kong Enterprise and Kong Konnect , featuring significant enhancements, such as secrets rotation support in secrets management, expanded plugin support in consumer groups, and more. T
[](https://konghq.com/blog/product-releases/gateway-3-4-enterprise-and-konnect)
Managed Redis cache is a turnkey "Shared State" add-on for Kong Dedicated Cloud Gateways. It is designed to combine the performance of an in-memory data store with the simplicity of a SaaS product. When you spin up a Dedicated Cloud Gateway in Kong
[](https://konghq.com/blog/product-releases/multicloud-cloud-gateways-managed-redis-cache)
With Kong Ingress Controller, when your Control Plane was hosted in Kong Konnect, and you were using Kubernetes Gateway API, your dataplane, routes, and services were in read-only mode. When using Kong Ingress Controller with Kubernetes Gateway API
[](https://konghq.com/blog/product-releases/kong-operator-2-1)
The Kong MCP Registry acts as a central directory for AI agents and clients to access services that provide context or take action. For AI agents, think of it as a combination of a "Service Catalog" and a "Developer Portal." It offers the metadata,
[](https://konghq.com/blog/product-releases/kong-mcp-registry-tech-preview)
We've talked about why 2026 is the year of AI unit economics . There, we explored the "2025 hangover" where organizations realized that without financial governance, AI isn't just a science project but has become a margin-bleeding cost center. But
[](https://konghq.com/blog/product-releases/konnect-metering-and-billing-demo)