Enterprise

Built for teams that can't afford surprises

Self-hosted control plane, SSO, JIT access, eBPF observability, and org-wide service registry. Everything your platform team actually needs — deployed in your cluster, under your control.

Talk to us → See pricing

SSO — Okta, Google, Azure, OIDC

One-click SAML/OIDC setup with Okta, Google Workspace, Azure AD, or any generic OIDC provider. Enforce login through your IdP.

SCIM auto-provisioning

Sync users from your identity provider automatically. Members are created, updated, and deprovisioned in real time via SCIM 2.0.

JIT access control

Engineers request time-limited access to remote services. Approvals, automatic expiry, and a full audit trail built in.

Custom roles & permissions

Define fine-grained roles beyond owner/admin/member. Assign exactly which actions each role can perform across servers, tethers, and billing.

2FA enforcement & session timeout

Require TOTP 2FA across the org. Set session inactivity timeouts. Non-compliant members are blocked at the API level.

IP allowlisting

Restrict API access to approved CIDRs. Requests from outside your office or VPN are rejected before reaching any resource.

Audit log with retention policy

Every access request, approval, server change, and config update logged with timestamps. Set retention windows and export to CSV or SIEM.

Slack bot (/gretl commands)

Let your team sleep, wake, and check servers directly from Slack. Per-org credentials — your data never touches a shared bot.

Budget alerts & cost reports

Set monthly spend limits per org. Get Slack or email alerts at 80% and 100% of budget. Monthly cost reports by environment emailed automatically.

Kubernetes workload management

Register clusters, discover deployments, and sleep idle agent pods from the dashboard. Wake them on demand from Slack. Port-forward tethers without kubectl — full access control and audit trail included.

MCP server for AI agents

Cursor, Claude Code, and Cline can list services, wake sleeping environments, and register ports directly from the agent loop — no context switching, no dashboards, no manual steps.

eBPF observability

Kernel-level telemetry with zero instrumentation. CPU, memory, and network flows per pod — continuous profiling, service traffic maps, and process-level visibility across every node in your cluster.

Let's talk

Tell us about your team and we'll get back to you within one business day. Enterprise deals include a guided onboarding, dedicated Slack channel, and SLA.

Custom pricingVolume discounts for larger teams and multi-year contracts available.

Security reviewWe'll provide documentation for your infosec team and support SOC 2 reviews.

Dedicated supportPrivate Slack channel, guaranteed response times, and a named contact.

Prefer email? enterprise@gretl.dev

Get in touch

We'll respond within one business day.

✓ Message sent — we'll be in touch shortly.