Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

@coldsurf/parley

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@coldsurf/parley

Git-style env sync between your machine and AWS Parameter Store + KMS. A self-hosted alternative to Doppler/Infisical for AWS-native teams.

latest
npmnpm
Version
0.1.0
Version published
Maintainers
1
Created
Source

parley

Git-style env sync between your machine and AWS Parameter Store + KMS. A self-hosted alternative to Doppler/Infisical for AWS-native teams.

parley treats environment variables like source code: push, pull, diff. The store is your own AWS account (SSM Parameter Store, encrypted by KMS). No SaaS subscription, no third-party vault. Works great in TS monorepos.

Why parley

  • AWS-native, IAM-bound — secrets live in your account; access is governed by your existing IAM/SSO policies.
  • Git-style workflowparley push / pull / diff map cleanly to how you already think.
  • Monorepo-aware — first-class apps × profiles matrix in a typed parley.config.ts.
  • Ephemeral injectionparley run --app api --profile production -- node server.js (no disk writes).
  • CI-friendlyparley diff --exit-code fails the build when local and remote drift.

Install

pnpm add -D @coldsurf/parley
# or
npm i -D @coldsurf/parley

Quickstart

# 1. Generate a parley.config.ts at repo root
pnpm parley init

# 2. Edit prefix / region / kmsKeyId / apps mappings
# 3. Validate AWS credentials and KMS/IAM
pnpm parley doctor

# 4. Push your local .env.<profile> → SSM
pnpm parley push api production

# 5. Pull from SSM → local .env.<profile>
pnpm parley pull api production

Commands

CommandDescription
initScaffold parley.config.ts, sanity-check AWS credentials
pushLocal .env.<profile> → SSM (changes only)
pullSSM → local .env.<profile>
diffCompare keys between local and remote (values hashed)
listList SSM keys for an app/profile
get / set / unsetSingle-key operations
run -- <cmd>Inject env from SSM and exec a command (no disk writes)
`sync pushpull`
doctorDiagnose credentials, SSM access, KMS access, mappings

Configuration

// parley.config.ts
import { defineConfig } from '@coldsurf/parley/config';

export default defineConfig({
  region: 'ap-northeast-2',
  prefix: '/myorg/myproject',
  kmsKeyId: 'alias/parley',
  apps: {
    api: { path: 'apps/api', profiles: ['development', 'staging', 'production'] },
    web: { path: 'apps/web', profiles: ['development', 'production'] },
  },
});

Comparison

parleychamberDoppler / Infisicalsops
BackendAWS SSM + KMSAWS SSM + KMSSaaSFile (any backend)
Self-hostedPaid plan
TS DX❌ (Go)
push/pull/diffpartialpartial
Monorepo apps × profilespartial

License

MIT © COLDSURF

Keywords

aws
ssm
parameter-store
kms
secrets
env

FAQs

Package last updated on 06 May 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages

Research

/

Security News

Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages

A mini Shai-Hulud campaign compromised Red Hat Cloud Services npm packages to steal developer and CI/CD secrets during installation.

By Socket Research Team  -  Jun 01, 2026