DevOps Foundations Pricing & Packaging
Self-Hosted
Your critical CI/CD Pipelines will never fail because of a Gruntwork outage.
Secure
Your state files and secrets are in your own systems. Gruntwork has no access to sensitive data.
Leverage our Expertise
We've invested hundreds of developer-years into production-ready code in the Gruntwork Library.
Fast track procurement of your Gruntwork subscription
Ask about our discounts
Discounted pricing is available for education, non-profits, repeat customers, and resale partners. Contact sales to learn more and see if you qualify.
Need help deciding? We are happy to answer your questions and provide additional information.
Team
$24,000 /yr-20%
Enterprise
Exclusive Pricing
Team
$18,000 /yr-20%
Enterprise
Exclusive Pricing
Exclusive Pricing
Initial Setup
IaC Account Foundations | ||
AWS multi-account setup | ||
Control Tower configuration Use Control Tower as a single pane of glass to see all your accounts and manage their controls. | ||
IaC foundations We’ll set you up with best-practice IaC folder structure and infrastructure patterns. | ||
Tagging & labeling enforcement | ||
Account Factory for AWS | ||
CIS-compliant AWS account baselines | ||
Custom Account Factory baselines | ||
Gruntwork Component Setup | ||
Gruntwork Pipelines setup | ||
Gruntwork Patcher [beta] setup | ||
Network configuration | ||
Standard secure network configuration The standard network configuration provides an app VPC with multiple public & private subnet tiers including IGWs, public NGWs, and NACLs. | ||
Custom network design Work with a Gruntwork Solutions Architect to design a network that suits your needs, with features such as an AWS Transit Gateway, inspection VPC, AWS Firewall manager, RAM networks, zero-trust networks, IPAM, IPv6, and more. |
Account factory
Vend individual AWS accounts | ||
Centralized account approval workflow | ||
CIS-compliant AWS baselines for all vended accounts | ||
Gruntwork Pipelines auto-configured for all vended accounts | ||
Gruntwork Patcher [beta] auto-configured for all vended accounts | ||
Promotion workflows auto-configured for all vended accounts | ||
Multi-account vending Vend a set of accounts, such as dev/stage/prod, in a single, automated operation. | ||
Multi-repo vending for project/teams Vend a separate infrastructure repository for each team/project. | ||
Customized baselines for all vended accounts |
Pipelines
Pull request driven workflow | ||
GitOps infrastructure deployments | ||
Terragrunt plan/apply/destroy | ||
Works with OpenTofu and Terraform Due to licensing restrictions, we can only support Terraform 1.5.x and earlier. | ||
Use OIDC for AWS authentication Access AWS with automatically managed and rotated credentials (instead of manually managed, long-lived secrets). | ||
Audit logging with intelligent pass-through Automatically capture the underlying user who triggered the CI/CD pipeline in the IAM role session name, so you can audit all API calls in CloudTrail. | ||
Centralized IAM role provisioning We provide a single place and tooling to vend IAM roles that give each app team the permissions they need. | ||
Least-privilege OIDC roles Automatically provision least-privilege IAM roles for use with OIDC, limiting each team to only the GitHub repos, AWS accounts, and AWS resources they should have access to. | ||
Number of team licenses included A “team” refers to a unique git repo used to manage infrastructure-as-code. Only git repos that use Gruntwork Pipelines require a team license. | 1 | 2+ |
Patcher [beta]
Automatic PRs for module dependency updates Keep your infrastructure modules up to date with automatic PRs for any releases of module dependencies. | ||
Automatic PRs for live infrastructure updates Keep your live infrastructure up to date with automatic PRs for any releases of module dependencies. | ||
Promote changes across environments Safely and automatically propagate changes from dev to stage to prod, building confidence at each step. |
Library
Library User Licenses | 5 Upgradeable to a maximum of 30 | 20+ |
Machine user licenses | 2 | 4+ |
Commercial maintenance for all modules | ||
Thoroughly tested using Terratest & Terrascan | ||
Compatible with OpenTofu, Terraform, & Terragrunt Due to licensing restrictions, we can only support Terraform 1.5.x and earlier. | ||
Self-hosted private mirror of Gruntwork Library | ||
AWS Foundations | ||
CIS-compliant VPC Our VPC module is compliant with the CIS AWS Foundations Benchmark | ||
CIS-compliant Account Baseline Our account baseline module is compliant with the CIS AWS Foundations Benchmark | ||
Dual Stack/IPv6 [beta] | ||
EKS & Running Apps | ||
Robust EKS cluster support | ||
ArgoCD for EKS GitOps | ||
AWS ECS, ASG, EC2 and Lambda | ||
Application and Network load balancing | ||
STORING DATA & EVENT STREAMING | ||
RDS, Aurora | ||
S3 | ||
EFS | ||
ElastiCache | ||
MSK, SQS, SNS, Kinesis, Redshift |
Support
Number of technical contacts Technical contacts are members of your team that can submit support requests via email. | 2 | 5+ |
KodeKloud training licenses Gruntwork has partnered with KodeKloud to give your team access to over 75 best-in-class DevOps training courses. | 2 | 5+ |
Basic Terragrunt Support | ||
Bugfix & General Support | ||
Email Support | ||
Knowledge Base | ||
Community Slack | ||
Private Slack Channel | ||
Support SLA | 1-Day |
Interested in pricing for individual products?
Contact our sales team so we can discuss a product mix and pricing plan tailored to the needs of your business.
Frequently Asked Questions
Is there a free trial?
Is a subscription required?
Can I purchase products individually?
What payment options do you accept?
What’s a user?
What’s included with each user license?
Can I modify your Terms of Service?
Still unsure? A live demo will change that.
Chat with a DevOps expert and see how our integrated solution can meet the needs of your business and your teams.
© 2024 Gruntwork