With ConfigSeeder you are able to limit access to configuration values. Access restrictions can be based on environments, configuration groups, and/or configuration keys (via secured flag).

ConfigSeeder doesn’t hide configuration keys with restricted access. You just won’t be able to see the affected values.

 

Of course, the access restriction is also enforced if you compare different environments with each other:

 

Technically, access to environments, configuration groups, and secured values are granted via roles.

On creation or update of a configuration group, needed data roles are immediately visible.