As AI-powered coding assistants become essential development tools, managing file access permissions efficiently is crucial. If you're using Gemini CLI and finding yourself repeatedly approving the same directory prompts, this guide will help you configure trusted directories and reclaim your valuable development time.
The Gemini CLI is Google's powerful command-line interface for interacting with Gemini AI models directly from your terminal. Whether you're building cloud native applications, automating infrastructure tasks, or leveraging AI for code generation, the Gemini CLI can significantly enhance your productivity—but only if it's properly configured.
The Trust Prompt Challenge
When you first run Gemini CLI in a new directory, you'll encounter trust dialogs that ask for permission to access files in that location. While this security feature protects your sensitive data, it can become a productivity bottleneck when working across multiple projects or frequently switching between directories.
The problem: Every time you navigate to a new folder, you're interrupted by permission requests. For platform engineers and DevOps practitioners managing multiple repositories, microservices, or infrastructure-as-code projects, these interruptions add up quickly.
The solution: Configure trusted directories once, and work uninterrupted across all your projects.
Three Ways to Configure Trusted Directories
Gemini CLI offers three flexible approaches to managing trusted directories, each suited to different workflows and preferences. Let's explore each method in detail.
1. Interactive Prompts: The Quick Start Method
The most straightforward way to configure trust settings is through the interactive prompts that appear when you first use Gemini CLI in a new directory.
How It Works
When running Gemini CLI in an untrusted folder, you'll see a dialog with two primary options:
Trust Folder: This option trusts only the current directory. Choose this when:
- You're working in a single, isolated project
- The directory contains sensitive information and you want granular control
- You want to test Gemini CLI functionality in a specific location
Trust Parent Folder: This option trusts the current folder and all its subdirectories. This is ideal when:
- You're managing a monorepo with multiple projects
- Your workspace contains related microservices
- You want to streamline trust management across a project hierarchy
Trusting parent folders intelligently reduces configuration overhead—one decision covers an entire project tree, letting you focus on building rather than managing permissions.
Platform Engineering Best Practice
Layer5 Community
Modifying Trust Settings
Already working in a directory but want to change its trust level? No problem. Simply run:
This command brings up the interactive dialog from within your current directory, allowing you to adjust trust settings on the fly without leaving your workflow.
2. Command-Line Multi-Directory Support
For engineers who prefer command-line efficiency or need to work across multiple unrelated directories simultaneously, Gemini CLI provides powerful command-line options for directory management.
Starting a Session with Multiple Directories
To give Gemini CLI access to multiple directories from the start, use the --include-directories flag:
Key points:
- Paths can be absolute (e.g.,
/home/user/projects/api) or relative (e.g.,../frontend) - Separate multiple paths with commas (no spaces)
- This is particularly useful for cross-project workflows
Example use case: A platform engineer working on a Meshery deployment might need access to:
- The main application repository
- A shared Kubernetes manifests directory
- Infrastructure-as-code configurations
- Documentation repository
Adding Directories During an Active Session
Already in a Gemini CLI session and need to add another directory? Use the /directory add command:
You can even add multiple directories at once by separating them with commas:
The alias /dir works identically for convenience:
Viewing Active Directories
To see all directories currently accessible in your session:
Or using the shorter alias:
This command displays a complete list of all trusted directories for the current session, helping you verify your configuration and understand the scope of file access.
💡 Pro Tip for DevOps Teams
When working with infrastructure design tools like Kanvas, organize your Kubernetes manifests, Helm charts, and configuration files in a parent directory. Trust that parent folder once, and Gemini CLI will have seamless access to your entire infrastructure-as-code setup.
3. Manual Configuration: The Power User Approach
For advanced users, automation enthusiasts, or those managing multiple machines, manually editing the trusted folders configuration file provides the ultimate control and reproducibility.
Understanding the Configuration File
Trusted folder rules are stored in a JSON file located at:
This file resides in your home directory's .gemini folder and persists across CLI sessions.
File Structure and Format
The trustedFolders.json file uses a straightforward JSON structure. Here's an example:
Editing the Configuration File
You can edit this file directly using any text editor:
Or with your preferred editor:
Adding and Removing Paths
To add a new trusted directory:
- Open the file in your editor
- Add the full path to the
trustedFoldersarray - Ensure proper JSON formatting (commas between entries, quotes around paths)
- Save the file
To remove a trusted directory:
- Open the file
- Delete the line containing the path (and any trailing comma if it's the last entry)
- Save the file
Example workflow:
Manual configuration enables version control and automation—commit your trustedFolders.json to your dotfiles repository and deploy consistent Gemini CLI settings across all your development machines.
DevOps Automation Strategy
Infrastructure as Code
Applying Changes
After editing the file, changes take effect when you:
- Restart your current Gemini CLI session
- Start a new Gemini CLI session
Important: Changes to trustedFolders.json do not apply to already-running CLI sessions. Simply exit and restart the CLI to pick up your modifications.
Best Practices for Trusted Directories
Security Considerations
While configuring trusted directories improves workflow efficiency, it's essential to maintain security best practices:
- Be selective: Only trust directories you actively use with Gemini CLI
- Avoid overly broad permissions: Trusting your entire home directory (
~) exposes all files—use specific project directories instead - Regular audits: Periodically review
~/.gemini/trustedFolders.jsonand remove directories for completed or archived projects - Sensitive data: Keep directories containing secrets, credentials, or PII (Personally Identifiable Information) untrusted unless absolutely necessary
Organizational Strategies
For Solo Developers:
- Trust parent folders for active projects
- Use specific folder trust for exploratory or temporary work
- Maintain a clean project directory structure to minimize trust scope
For Teams and Organizations:
- Standardize project directory layouts across the team
- Document trusted directory policies in team onboarding materials
- Consider using absolute paths in shared documentation for consistency
- Leverage version-controlled dotfiles to distribute configuration
For Multi-Environment Workflows:
- Separate development, staging, and production directories
- Apply stricter trust policies to production-related directories
- Use environment-specific parent folders (e.g.,
~/dev/,~/staging/,~/prod/)
Integration with Cloud Native Workflows
Gemini CLI's trusted directories feature becomes even more powerful when integrated into cloud native development workflows. Here are practical examples:
Kubernetes and Container Development
When working with Kubernetes orchestration, trust your entire K8s workspace:
This configuration allows Gemini CLI to assist with:
- Generating and validating YAML manifests
- Troubleshooting deployment configurations
- Analyzing pod logs and resource definitions
- Creating Helm chart templates
Infrastructure as Code
For infrastructure automation with tools like Terraform, Pulumi, or Ansible:
Benefits include:
- AI-assisted infrastructure code generation
- Configuration validation and best practice suggestions
- Documentation generation from IaC definitions
- Troubleshooting infrastructure drift
Multi-Repository Projects
Modern cloud native applications often span multiple repositories. Configure Gemini CLI to work seamlessly across your architecture:
Troubleshooting Common Issues
Permission Prompts Still Appearing
Problem: You've configured trusted directories, but prompts still appear.
Solutions:
- Verify the exact path in
~/.gemini/trustedFolders.jsonmatches your working directory - Check for typos in paths (case-sensitive on Unix-like systems)
- Ensure you've restarted the Gemini CLI session after configuration changes
- Confirm you're working in a subdirectory of a trusted parent folder
JSON Syntax Errors
Problem: Configuration changes aren't working, or Gemini CLI reports errors.
Solutions:
- Validate JSON syntax:
python3 -c "import json; json.load(open('$HOME/.gemini/trustedFolders.json'))" - Check for missing commas between array entries
- Ensure all paths are enclosed in double quotes
- Verify the closing bracket and brace are present
Symbolic Links and Mount Points
Problem: Trusted directories aren't recognized when accessed via symbolic links.
Solutions:
- Add both the real path and symlink path to trusted folders
- Use absolute paths to avoid resolution issues
- Check with
realpath <directory>to find the canonical path
Maximizing Productivity
With trusted directories properly configured, you can fully leverage Gemini CLI's capabilities without interruption:
- Code generation: Generate boilerplate, utility functions, or entire components
- Documentation: Create comprehensive docs from code comments and structure
- Debugging: Get AI-powered assistance analyzing logs and stack traces
- Refactoring: Safely modernize codebases with intelligent suggestions
- Learning: Explore unfamiliar codebases with AI-guided explanations
Conclusion
Configuring Gemini CLI trusted directories is a one-time investment that pays continuous dividends in productivity and workflow smoothness. Whether you choose interactive prompts for simplicity, command-line options for flexibility, or manual configuration for automation, the result is the same: uninterrupted access to AI-powered assistance across all your development projects.
Quick Recap:
- Interactive prompts: Fast and intuitive for ad-hoc configuration
- Command-line flags: Powerful for multi-directory workflows and scripting
- Manual editing: Ultimate control for automation and reproducibility
By implementing these configurations, platform engineers, DevOps practitioners, and cloud native developers can focus on what matters most: building innovative infrastructure and applications without the friction of repetitive permission requests.
Ready to accelerate your development workflow? Configure your trusted directories today and experience the full power of AI-assisted development with Gemini CLI.
Want to learn more about AI-powered development tools and cloud native best practices? Join the Layer5 community on Slack to connect with platform engineers, DevOps practitioners, and cloud native experts from around the world.
Team
