ioenv Environment Cloud
Environment Cloud for Developers & AI Teams

Manage all environments in one controlled place.

Centralize environment variables, secrets, and runtime configs. Inject them into Cloudflare Workers, Vercel, Kubernetes, and more with full audit and versioning.

CLI-first. No lock-in. Designed for serious engineering teams.

env

API_URL=https://api.internal
DB_HOST=db.cluster.local
LOG_LEVEL=info

secrets

OPENAI_KEY ··············
GITHUB_TOKEN ··············
ioenv
Environment Cloud Core
Cloudflare Workers injected
Vercel injected
Kubernetes injected

Single source of truth for dev, staging, and prod. Fully encrypted. Fully auditable.

Why ioenv

Configuration scattered across repos, chats, and memory does not scale. ioenv gives you one strict environment layer.

Prevent secret leaks

Remove secrets from source code, Slack, and Notion. Store them in one encrypted place with strict access control.

One source of truth

Keep dev, staging, and production in sync with versioning, diff, and instant rollback.

Inject anywhere

Push environment data into Cloudflare Workers, Vercel, Kubernetes, Docker, and CI pipelines.

Core capabilities

A minimal, strict environment layer for modern teams building serious systems.

Environment Manager

  • Multi-environment: dev, staging, prod
  • Hierarchical config with overrides
  • Diff, history, and rollback
  • Import/export .env files

Secrets Manager

  • AES-256-GCM encryption at rest
  • Zero plaintext storage
  • Per-secret access control and audit
  • Temporary tokens and expiration policies

Integrations

  • Cloudflare Workers and Pages
  • Vercel projects
  • Docker / Compose
  • Kubernetes Secrets
  • GitHub Actions and other CI
Project core-api
Key Value Last updated
API_URL https://api.internal 2 min ago
DB_HOST db.cluster.local 1 hour ago
LOG_LEVEL info yesterday

Every change is versioned and auditable. Move fast without losing control.

Developer-first

Use ioenv from the CLI, the web console, or directly via API. Everything is scriptable.

  • CLI-first workflow
  • Simple, stable HTTP API
  • No framework lock-in
CLI
ioenv set OPENAI_KEY="sk-..." --env=prod
ioenv get OPENAI_KEY --env=prod
ioenv pull --env=staging
ioenv diff staging prod
API
GET /v1/env?project=core-api&env=prod
Authorization: Bearer <token>

{
  "API_URL": "https://api.internal",
  "DB_HOST": "db.cluster.local",
  "LOG_LEVEL": "info"
}

AI Key Proxy

Route all LLM traffic through ioenv. Keys never touch client code. Usage and cost become observable.

Hide keys from clients

Stop shipping LLM keys to browsers, apps, and untrusted environments.

Unified usage

See per-provider usage and cost in one place across OpenAI, Anthropic, and more.

Centralized routing

Route traffic to different providers by model, latency, or cost.

Pricing

Start free. Scale with your team. No per-request surprises.

Free

For solo developers.

$0
  • 1 project
  • Up to 3 environments
  • Basic secrets and env management

Pro

For teams shipping production systems.

$9/user/mo
  • Unlimited projects
  • Unlimited environments
  • History, diff, rollback
  • Cloud and CI integrations
  • Basic AI Key Proxy

Team

For organizations that need full control.

Custom
  • RBAC and SSO
  • GitOps workflows
  • Advanced audit and compliance
  • VPC / private deployments
  • Advanced AI routing and limits

Security model

ioenv never stores plaintext secrets. Everything is encrypted at rest and in transit.

  • AES-256-GCM encryption with unique IV per record
  • Zero plaintext secrets in databases or logs
  • Hardware-backed root keys and rotation policies
  • Full audit logs for reads, writes, and rotations