Migration Guide

Version 3.0 Last updated: Oct 24, 2025 Production Ready

A comprehensive, step-by-step guide to migrating your existing configuration management system to App Config.json with zero downtime. Designed for DevOps engineers and platform teams.

Overview

App Config.json provides a unified, version-controlled, and real-time synchronized configuration layer for modern applications. This guide walks you through migrating from legacy solutions (environment variables, YAML files, HashiCorp Vault, AWS Parameter Store, etc.) to our platform safely and efficiently.

The migration process typically takes 15-45 minutes depending on environment complexity. We support a phased rollout with automatic fallback mechanisms to ensure zero service disruption.

Prerequisites

  • App Config.json account with Project Admin permissions
  • Existing configuration files or secret manager exports
  • Application SDK v3.2+ compatible language/runtime
  • Network access to api.appconfig.json (or VPC endpoint configured)
  • Rollback strategy documented for your deployment pipeline

Step 1: Audit & Export

1

Identify Configuration Sources

Run our CLI scanner to automatically discover configuration files, environment variables, and hardcoded values across your codebase.

Terminal 
appconfig scan ./my-project --output audit.json
# Output: Found 142 keys across 8 environments
# Secrets detected: 3 | Hardcoded configs: 11 | Duplicates: 5

Review audit.json to understand dependencies, deprecation warnings, and environment-specific overrides before proceeding.

Step 2: Schema Mapping

2

Define Your Configuration Schema

App Config.json enforces JSON schemas to prevent invalid deployments. Map your legacy keys to our structured format.

Legacy FormatApp Config.json MappingType
DB_HOST=prod-db.internaldatabase.connection.hoststring
MAX_RETRIES=3retries.max_attemptsnumber
FEATURE_FLAG_X=trueflags.experimental_xboolean

Use the dashboard's Schema Builder to generate a validation rule set, or upload your audit.json for auto-mapping.

Step 3: SDK Integration

3

Install & Initialize

Add the SDK to your application. It runs as a lightweight sidecar process or in-process library depending on your runtime.

JavaScript / TypeScript 
npm install @appconfig/json-sdk

import { AppConfig } from '@appconfig/json-sdk';

const config = new AppConfig({
  projectId: 'proj_8x92kd',
  environment: process.env.NODE_ENV || 'development',
  fallback: './local-config.json',
  pollInterval: 5000
});

// Start listening for real-time updates
config.subscribe((key, value) => {
  console.log(`[Config] ${key} updated to ${value}`);
});

Initialize early in your app lifecycle. The SDK caches configurations locally and syncs on boot, ensuring fast cold starts.

Step 4: Validation & Testing

4

Staging Verification

Before touching production, validate your migration in a sandbox environment. Use the CLI diff tool to compare expected vs actual configs.

Terminal 
appconfig diff --env staging
✓ database.connection.host matches
✓ retries.max_attempts matches
⚠ flags.beta_ui has environment override
Run `appconfig validate --strict` to enforce schema compliance.

Run your full integration test suite. The SDK provides a config.snapshot() method to verify runtime state matches dashboard definitions.

Step 5: Zero-Downtime Cutover

5

Phased Rollout & Rollback

Deploy using our recommended shadow sync pattern:

  1. Deploy new code with SDK pointing to appconfig.json but keep legacy configs active as fallback
  2. Enable shadowMode: true in SDK config to sync without overriding
  3. Monitor logs for sync success rates (>99.5% recommended)
  4. Flip shadowMode: false to activate live sync
  5. Verify health checks, then decommission legacy config files/secrets

If anomalies are detected, revert by setting SDK_OVERRIDE=true in your deployment manifest. All changes are versioned and reversible within 30 days.

FAQ & Troubleshooting

How do I handle encrypted secrets during migration?

App Config.json supports seamless integration with HashiCorp Vault, AWS Secrets Manager, and Azure Key Vault. Use our secret-proxy middleware to route sensitive keys without storing plaintext in the platform.

What if my app doesn't support the native SDK?

You can use our REST API with any HTTP client, or deploy the lightweight agent as a sidecar container. The agent exposes a local gRPC/HTTP endpoint at http://localhost:8090 for config retrieval.

How is rollback handled?

Every configuration change is immutable and versioned. In the dashboard, click Version History to revert any key or environment to a previous state instantly. Rollbacks propagate in <50ms.

Will this increase cold start times?

No. The SDK uses aggressive local caching and edge-sync. Initial boot fetches take ~12ms. Subsequent updates are event-driven and zero-latency.

Need Migration Assistance?

Our platform engineers can run a free migration audit and provide a custom cutover plan for your stack.

Schedule a Migration Call