diff --git a/.asf.yaml b/.asf.yaml
index 32f9b9c7..22857af6 100644
--- a/.asf.yaml
+++ b/.asf.yaml
@@ -16,7 +16,14 @@
 #
 
 # `.asf.yaml` is a branch-specific YAML configuration file for Git repositories to control features such as notifications, GitHub settings, etc.
-# See its documentation for details: https://cwiki.apache.org/confluence/display/INFRA/Git+-+.asf.yaml+features
+# See its documentation for details: https://github.com/apache/infrastructure-asfyaml
+
+#
+# Additional non-standard features
+#
+meta:
+  environments:
+    - github_rulesets
 
 # Bare minimum `notifications` to
 #
@@ -61,22 +68,25 @@ github:
   features:
     issues: true
 
-  # Prevent force pushes to primary branches
-  protected_branches:
-    main:
-      # All commits must be signed
-      required_signatures: true
+  # Clear Protected Branches configuration: it is replaced by GitHub Rulesets
+  protected_branches: { }
+
+  rulesets:
+    - name: "Branch protection"
+      type: branch
+      branches:
+        includes:
+          - "test/rulesets"
       # All reviews must be addressed before merging
       required_conversation_resolution: true
       # Require checks to pass before merging
       required_status_checks:
-        checks:
-          # The GitHub Actions app: 15368
-          - app_id: 15368
-            context: "build / build (ubuntu-latest)"
-          # The GitHub Advanced Security app: 57789
-          - app_id: 57789
-            context: "CodeQL"
+        # The GitHub Actions app
+        - app_slug: github-actions
+          name: "build / build (ubuntu-latest)"
+        # The GitHub Advanced Security app
+        - app_slug: github-advanced-security
+          name: "CodeQL"
       # At least one positive review must be present
       required_pull_request_reviews:
         required_approving_review_count: 1