Documentation
Deploy a headless, stateless execution agent on any system, tell the AI what you want done, and approve as it executes.
Video Walkthrough
Getting Started
Prerequisites
- • Google account for authentication
- • Cloud Operator: AWS account with ability to launch EC2 instances
- • Standalone Binary: Linux or macOS system with outbound internet access
- • Port 443 outbound to the internet open on the target system
DropOps eliminates friction between intent and execution. Authenticate, and immediately manage infrastructure through natural language.
- The Operator - Headless, stateless execution agent—your AI's gateway to the physical world
- Cloud Operator - Enterprise-ready EC2 AMI with Terraform, kubectl, AWS CLI, and security tools pre-installed. Zero Standing Privileges—AI requests access only when needed.
- Standalone Binary - Lightweight 5MB agent for Linux/macOS. Same security model, zero dependencies—a flexible building block for any environment.
- No Inbound Connections - Zero listening ports, zero attack surface
- Unique API Keys - Each Operator authenticates independently. Revoke instantly.
- Least-Privilege - Operators run with only the permissions you grant
- Human-in-the-Loop - You approve all changes before execution
Login & Authentication
Sign In with Google
DropOps uses Google OAuth for authentication. Click "Sign in with Google" on the landing page, authorize the application, and you're in. No passwords to manage, no separate credentials to remember.
After signing in, you'll be presented with our Terms of Service. Review and accept to continue to your dashboard.
Web Session Security
Your browser session is encrypted and stored securely. Sessions expire after inactivity for security. If you're logged out unexpectedly, simply sign in again—your operators, investigations, and history remain intact.
Operator Authentication
Each operator authenticates using its own unique API key found in the Operator Panel dropdown drawer. These operator keys are different from the user download key—the user's download key can only be used to download the operator binary, while each operator's individual API key can be used to both download and start that specific operator. Revoke an operator key instantly to disconnect that specific operator.
Session Management
Your web sessions and operator connections are completely independent. Logging out of the dashboard doesn't disconnect your operators—they continue running until you explicitly revoke their keys or stop the process.
Deploy the Standalone Binary
The standalone binary is a lightweight 5MB execution agent for Linux and macOS. For AWS environments, consider the Cloud Operator instead—it includes pre-installed tools and intent-based IAM permissions.
Step 1: Download The Operator
From your dashboard, click the "0 of 100 OPERATORS ACTIVE" tab in the Operator Panel to expand the operator list.
This reveals the operator list where you can see all your available operators.
Click the "Operator Download" button. This opens the download drawer where you'll find your Download API Key—used only for downloading the operator binary.
Follow the steps in the download drawer: copy the install command, paste your download key when prompted, and the operator binary will be downloaded to your system.
Step 2: Get Your Operator API Key
Click "Operator List" or the back arrow to return to the Operator Panel. Find an available operator and copy its unique Operator API Key—this key can be used to both download and start that specific operator.
Important: Know the difference between keys. The user's download key can only download the binary. Each operator's individual API key can both download and start that specific operator.
Step 3: Authenticate & Run
Run The Operator with the operator-specific API key from the Operator Panel (not the download key). It connects, registers, and starts listening for commands. Run it as a background service, in screen, or via systemd.
$ curl -fsSL https://dropops.ai/operator/drop | bash
DropOps Operator Drop Script
Detected platform: linux/amd64
Enter your DropOps Download API key:
Downloading operator binary... Fetching checksum... Downloading binary... Verifying integrity... Checksum verified. Operator dropped successfully! Enter the API key for an eligible DropOps Operator:
Starting operator... ================= DropOps Operator Version: 1.0.0 ================= - Requires port 443 outbound only - Run with sudo only if elevated permissions are needed. - Login to https://DropOps.ai ============================================ INFO: DropOps Operator initializing... INFO: Authenticating with DropOps.ai... INFO: Authentication successful INFO: Applying operator configuration... INFO: Execution service initialized - max_concurrent_tasks: 25 - max_memory_mb: 2048 INFO: File operations ready INFO: Establishing DropOps connectivity... INFO: Establishing connection with operator.dropops.ai - operator_id: 421979eb-5...073 - operator_session_id: session_17...832d2 INFO: Connection established - Standing by INFO: Channel established - Ready to receive INFO: DropOps Operator started successfully! - max_concurrent_tasks: 25 - startup_duration: 596ms INFO: Standing by
That's it. Your operator appears in the dashboard with system metadata, heartbeat status, and connectivity status. Run it as a background service, in screen, or via systemd.
Pro Tip: Multiple Operators
Copy the same binary to multiple systems, but each needs its own unique operator API key from the Operator Panel. Manage your entire infrastructure from a single chat interface.
DropOps Cloud Operator for AWS
For AWS environments, the DropOps Cloud Operator for AWS provides a pre-configured EC2 instance with all infrastructure tools pre-installed. The Cloud Operator uses a Zero Standing Privileges model—it starts with zero AWS access and requests permissions only when needed to fulfill your intent.
shield Security Model
The Cloud Operator role includes a permission boundary that prevents it from ever granting itself admin-level access:
- check_circle Can grant: Scoped permissions like
ec2:DescribeInstances,s3:GetObject,lambda:InvokeFunction - cancel Cannot grant:
AdministratorAccess,iam:*,*:*, or policies with*Admin*in the name
Prerequisites: DropOps account (Professional tier or above). Cloud Operators are not available on Free or Personal tiers.
Quick Launch
The fastest way to get started—no passwords, no JSON policies to write. Launch from AWS Marketplace with your DropOps API key (from the Operator Panel), select the Cloud Operator IAM role, and the Operator connects automatically. The IAM role provides AWS credentials; the API key provides DropOps platform authentication.
How It Works
Step 1: Create the IAM Role
Use CloudFormation to create a minimal IAM role that allows the Operator to discover its identity and update its own permissions based on your chat responses.
CloudFormation Console
1. Open CloudFormation Console → Create stack
2. Template: https://dropops-public.s3.amazonaws.com/operator-role.yaml
3. Stack name: DropOps-Operator-Role
4. "I acknowledge that AWS CloudFormation might create IAM resources with custom names."
5. Submit
Option B: AWS CLI (Recommended)
$ aws cloudformation create-stack \ --stack-name DropOps-Operator-Role \ --template-url https://dropops-public.s3.amazonaws.com/operator-role.yaml \ --capabilities CAPABILITY_NAMED_IAM $ aws cloudformation wait stack-create-complete --stack-name DropOps-Operator-Role
The CloudFormation template creates:
- Permission Boundary: Hard security ceiling preventing admin escalation (always enforced)
- Base Policy: Self-discovery and permission checking (always present)
- Self-Escalation Policy: Allows the Operator to update its own IAM permissions via chat (optional, enabled by default)
The permission boundary ensures the Operator can only grant itself least-privilege, scoped permissions—never admin access.
Step 2: Launch the Cloud Operator
Get your API key first. Go to https://dropops.ai, open the Operator dropdown, copy your API key, and paste it in User Data during launch.
EC2 Console
1. Navigate to EC2 → Launch Instance
2. Name: DropOps Cloud Operator
3. Search: DropOps > Select the AMI
4. Instance type: t3.micro
5. Key pair: None required
6. Network settings: Select or create a security group which includes resources you would like the DropOps Operator to access.
7. Configure Storage: 30GB is the minimum for t3.micro
Advanced Details
• IAM Instance Profile: DropOps-Cloud-Operator-InstanceProfile
• User Data: Go to https://dropops.ai, open the Operator dropdown, copy your API key, and paste it here
dropops_op_XXXXX
8. Click 'Launch Instance'
Note: The IAM role provides AWS credentials (via IMDS). The API key provides DropOps platform authentication. Both are required.
Step 3: Connect Your Cloud Operator
The Operator appears in the Operator dropdown. Click the link link icon to bind it to your chat session and start.
Zero Standing Privileges
The Cloud Operator launches with zero access to your AWS resources. When you request something outside its current permissions, the AI asks for approval, grants itself least-privilege access, and executes—all in one step. Revoke any permission anytime.
┌─────────────────┐
│ Cloud Operator │ ◀── Starts with ZERO access
│ (Your VPC) │
└────────┬────────┘
│
┌───────────────────┼───────────────────┐
│ │ │
┌────▼────┐ ┌────▼────┐ ┌────▼────┐
│ EC2 │ │ S3 │ │ RDS │
│ Access │ │ Access │ │ Access │
└─────────┘ └─────────┘ └─────────┘
Just-in-Time Permissions (granted on request—revocable anytime)
Intent-Based Permissions
The DropOps Cloud Operator for AWS starts with minimal permissions—just enough to identify what it can reach using the AWS SDK. The AI asks you questions in plain English:
The AI might ask:
- • "I see I'm running in your Production-VPC. Should I have permission to see other instances?"
- • "Should I be able to read from your S3 buckets?"
- • "Do you want me to manage Terraform state?"
You answer Yes or No. The AI translates your intent into IAM policies and the Operator updates its own role—no JSON required.
Available Intent Policies
The AI can request these permissions through natural conversation:
| Intent | AI Question | Grants |
|---|---|---|
| EC2 Discovery | "See other EC2 instances?" | ec2:Describe* |
| EC2 Management | "Start/stop EC2 instances?" | ec2:Start/Stop/Reboot |
| SSM Execution | "Run commands on other instances?" | ssm:SendCommand |
| S3 Read | "Read from S3 buckets?" | s3:GetObject, ListBucket |
| S3 Write | "Write to S3 buckets?" | s3:PutObject, DeleteObject |
| Terraform State | "Manage Terraform state?" | S3 + DynamoDB for tfstate |
| CloudWatch Logs | "View/write CloudWatch Logs?" | logs:* |
| Secrets Read | "Read from Secrets Manager?" | secretsmanager:GetSecretValue |
Auto-Approved Self-Discovery
The Cloud Operator can check its own IAM identity and permissions without requiring your approval. These read-only commands are always allowed:
- •
aws sts get-caller-identity- Identify the operator's IAM role - •
aws iam get-role- Inspect the role's configuration - •
aws iam get-role-policy,aws iam list-role-policies- Check current permissions - •
aws iam list-attached-role-policies- List managed policies - •
aws iam simulate-principal-policy- Test what actions are allowed - • Local system commands (
ls,cat,systemctl,journalctl, etc.)
Security Note: These commands can only query the operator's own role—they cannot access other AWS resources or make any changes. All other commands require your explicit approval.
Pre-installed Tools
The DropOps Cloud Operator for AWS comes with everything needed for infrastructure automation:
Terraform
Infrastructure as Code
AWS CLI v2
AWS Management
kubectl
Kubernetes
Helm
K8s Packages
jq / yq
JSON/YAML Tools
Python 3
Scripting
Git
Source Control
Security Tools
The DropOps Cloud Operator for AWS includes security tools preconfigured to use AWS IAM role credentials:
| Tool | Purpose |
|---|---|
| Restic | Fast encrypted backups with S3 support (uses IAM role) |
| fail2ban | Intrusion prevention (SSH brute-force protection) |
| auditd | Linux audit daemon with security rules |
Helper Scripts
The DropOps Cloud Operator for AWS includes convenient wrapper scripts for backup operations:
# Backup files to S3 (uses IAM role automatically) $ dropops-backup init $ dropops-backup backup /home /etc $ dropops-backup snapshots
Security Group Requirements
The DropOps Cloud Operator for AWS requires minimal network access:
Inbound Rules
- • SSH (22) - Your IP only, for initial setup (optional)
Outbound Rules
- • HTTPS (443) - Required for DropOps communication
- • DNS (53) - Required for name resolution
File Locations
Key files and directories on The DropOps Cloud Operator for AWS:
| Path | Description |
|---|---|
/opt/dropops/dropops-operator |
Operator binary |
/opt/dropops/config/operator.env |
Configuration file |
/usr/local/bin/dropops-* |
Helper scripts (setup, backup, security) |
/var/log/dropops/ |
Log directory |
/etc/restic/ |
Backup configuration |
DropOps Cloud Operator for AWS Troubleshooting
If the operator panel isn't showing the correct status:
- Refresh the page
- Stop the operator in the operator panel
- Restart the EC2 instance from the AWS Console or CLI
The operator service starts automatically on boot and will appear in your operator panel when it reconnects.
Slack Interface Coming Soon
Slack Integration Coming Soon
We're working on native Slack integration that will allow you to manage your infrastructure directly from your Slack workspace. The same powerful AI, the same approval workflow, delivered where your team already collaborates.
When available, Slack integration will provide:
- Direct Messages - DM the DropOps bot for private, individual work sessions
- Channel Integration - Invite the bot to any channel for team collaboration
- Same Approval Workflow - Approve changes with interactive buttons directly in Slack
- Full Feature Parity - Everything you can do in the web UI, available in Slack
In the meantime, use the DropOps web interface for full functionality.
Your First Investigation
Once your operator is running, start a new investigation from the dashboard. Investigations are conversational sessions where you and the AI accomplish a goal—diagnosing issues, deploying software, configuring services, or auditing security.
Starting Simple
Try asking the AI to perform basic reconnaissance:
Example requests:
- • "Show me the disk usage on this system"
- • "What processes are consuming the most CPU?"
- • "Check if nginx is running and show me its configuration"
- • "List all failed systemd services in the last 24 hours"
The AI analyzes your request, presents commands for approval, executes them, and streams results in real-time. You control everything—every command requires your explicit approval.
Moving to Complex Workflows
Move to multi-step workflows when ready. The AI handles dependencies, sequences operations, and adapts based on results.
Multi-step examples:
- • "Install Docker, configure it to start on boot, and deploy a test nginx container"
- • "Audit all SSH configurations for security best practices and fix any issues"
- • "Debug why the application server is slow—check logs, resource usage, and network connections"
- • "Set up automated backups for the database and verify they're working"
The AI breaks requests into logical steps and guides you through execution. When something fails, it analyzes the error and suggests fixes.
Working with AI
DropOps acts like a senior systems engineer. It understands infrastructure, security, and best practices. Here's how to get the most out of it.
Context Awareness
The AI maintains full context throughout your investigation. When you bind an operator to your session, that system becomes part of the conversation—the AI remembers commands run, results received, system state, and everything you've discussed.
Each conversation works with one bound operator. To work on multiple systems, start separate investigations and bind different operators to each one. The AI maintains context within each investigation.
This means you can have natural, continuous conversations within a single investigation: "Check disk space, then check memory usage, and compare the results." The AI doesn't forget what it just saw—it's working with complete information for that system.
Be Conversational
Talk to the AI naturally—describe what you want to accomplish and it figures out the technical details. Or, just type a command directly. The AI will interpret your intent, understand you want to execute that command, and propose it for your approval.
All of these work:
- • Natural language: "Check if any disks are running out of space"
- • Direct command:
df -h - • Mixed: "Show me the output of
systemctl status nginx"
Provide Context
Mention what you're trying to accomplish, what's broken, or what you've tried. The AI uses conversation history to make better decisions.
Ask Questions
The AI explains commands before execution, suggests alternatives, and walks you through complex operations.
AI Capabilities
- • Google Search: Looks up documentation, error messages, and best practices
- • Multi-step reasoning: Plans complex operations with dependencies
- • Error analysis: Diagnoses failures and suggests fixes automatically
- • Security awareness: Flags risky operations and recommends safer alternatives
- • Documentation: Generates audit trails and runbooks from your sessions
Approval Workflow
All commands require your approval. You remain in complete control of what executes on your systems.
Command Approval Required
All commands require your explicit approval before execution. The AI analyzes each command for risk and presents you with clear approval requests.
Auto-Approved Exceptions
Only specific read-only commands are auto-approved for Cloud Operators to help them discover their own permissions:
- •
aws sts get-caller-identity- Check IAM role identity - •
aws iam get-role- Inspect role configuration - •
aws iam simulate-principal-policy- Test permissions
Changes Require Approval
Any operation that modifies system state requires your explicit approval:
Requires Your Approval
- • Writing, modifying, or deleting files
- • Installing or removing packages
- • Starting, stopping, or restarting services
- • Changing configurations
- • Network modifications
- • Any destructive or state-changing operation
Intelligent Risk Assessment
The AI evaluates each change contextually—considering the command itself, your system state, and the broader operation. It provides clear explanations of what each command does and flags anything that could have significant impact.
Approval Cards
Each command is presented with an approval card showing what will be executed. The AI explains the purpose, potential effects, and suggests safer alternatives when appropriate.
Multi-Step Operations
For complex workflows, the AI breaks operations into logical steps. You can approve individual commands or review the full plan. The AI adapts based on results from each step.
You're Always in Control
No changes execute without your explicit approval. The AI freely explores to gather information, but modifying your systems always requires your consent.
Managing Operators
The Operator Panel provides complete control over all your deployed operators. Monitor real-time status, manage connections, and organize your infrastructure from a central dashboard.
Operator Types & Slot Costs
Different operator types consume different numbers of operator slots from your tier limit:
- • Binary Operators - Standalone binaries for Linux/macOS (1 slot each)
- • Cloud Operators (AWS) - Pre-configured EC2 instances with infrastructure tools (5 slots each)
Availability: Binary operators available on all tiers. Cloud operators require Professional tier or above.
Operator Status
Each operator sends comprehensive heartbeat data every 30 seconds, including system metrics (CPU, memory, disk), network information, and active investigations. Status is determined by authentication, binding, and heartbeat state:
| Status | Description |
|---|---|
| Available | Operator has never authenticated |
| Active | Authenticated and sending heartbeats, not bound to a session |
| Bound | Bound to a web session and sending heartbeats |
| Offline | Previously authenticated but no heartbeat in >60 seconds |
| Stale | Was bound but no heartbeat in >60 seconds |
| Stopped | Manually stopped by user |
Tier Limits & Capacity
Your tier determines the maximum number of operator slots available:
| Tier | Total Slots | Max Binary | Max Cloud |
|---|---|---|---|
| Free | 1 | 1 | 0 |
| Personal | 3 | 3 | 0 |
| Professional | 15 | 15 | 3 |
| Ultra | 45 | 45 | 9 |
| Founding | 100 | 100 | 20 |
| Enterprise | 100+ | Unlimited | Unlimited |
Operator Binding
Binding connects an operator to your current web session for command execution:
- Manual Binding Required - Click the link icon next to any active operator to bind it to your session
- One-to-One Binding - Each web session can bind to only one operator at a time
- Operator Exclusivity - Each operator can only be bound to one web session
- Unbinding - Click the unlink icon or bind a different operator to unbind the current one
- Session Independence - Unbinding leaves the operator running and available for other sessions
Canceling Running Operations
You maintain full control over executing operations at all times:
- Stop AI Processing - Click the stop button in the chat header to cancel active AI reasoning and any pending commands
- Cancel Executing Commands - While a command runs, click the cancel button to terminate the process immediately via SIGKILL
- Deny Command Approval - When presented with an approval card, click "Deny" to prevent execution entirely
No Automatic Timeouts
Commands run until completion or until you cancel them. Long-running operations like terraform apply, package installations, and large builds complete naturally without artificial time limits. You're always in control.
Stopping Operators
Multiple ways to stop an operator, from remote control or direct system access:
- Remote Stop Button - In the Operator Panel, click the stop icon next to any online operator to send a shutdown command via the DropOps network
- Refresh API Key - Click the refresh icon to generate a new API key, instantly destroying the old key and disconnecting the operator
- Local Process Termination - On the target system, use
Ctrl+Corkillto terminate the operator process directly - Cloud Operator Service - For AWS Cloud Operators, use
systemctl stop dropops-operatoror manage the EC2 instance directly - System Reboot - Rebooting the target system stops all operator processes
Cloud Operator Management
For AWS Cloud Operators, you have additional control options:
- • Service Control:
systemctl stop dropops-operator(keeps instance running) - • Instance Control: Stop/reboot/terminate EC2 instance from AWS Console or CLI
- • CLI Commands:
aws ec2 stop-instances --instance-ids i-xxx
Clean Stateless Design
The operator is a single stateless binary that leaves no services running, no daemons, and no open ports when stopped. Run it however you prefer: foreground, background, in screen/tmux, or as a systemd service. There's nothing to clean up on the target system.
Revoking Access
Refresh an operator's API key from the Operator Panel to immediately invalidate its credentials. The old key is destroyed instantly—any operator using it is disconnected and unable to reconnect. Generate new keys as needed for security rotations or access control.
Organizing Operators
Tag operators with descriptive labels (production, staging, database-servers, web-tier) to organize your infrastructure. Filter by tags when starting investigations to quickly target the right systems.
Team Management
Professional, Ultra, Founding, and Enterprise tiers include team collaboration features. Invite team members to share operators and work together on investigations.
Availability
Team management is available on Professional tier and above. Free and Personal tiers are single-user accounts.
Accessing Team Management
Click your profile avatar in the top-right corner to open the profile dropdown. Professional+ users will see a Manage Team button that opens the Team Dashboard.
Team Dashboard
The Team Dashboard at /team provides a central place for managing your organization:
- Organization Name - Customize your team's display name
- Team Members - View all members with their roles (Admin or Member)
- Invite Links - Generate shareable invite links with optional restrictions
- QR Codes - Download QR codes for easy invite sharing
- Statistics - Track invites sent and accepted
Inviting Team Members
Create invite links with customizable options:
| Option | Description |
|---|---|
| Max Uses | Limit how many times the invite can be used (1, 5, 10, 25, or unlimited) |
| Expires In | Set expiration from 1 to 30 days |
| Restrict to Email | Optionally limit the invite to a specific email address |
Team Member Limits by Tier
| Tier | Team Members | Operator Slots |
|---|---|---|
| Free / Personal | 1 (single user) | 1 / 3 |
| Professional | 5 | 15 |
| Ultra | 15 | 45 |
| Founding | 50 | 100 |
| Enterprise | Unlimited | Custom |
Managing Members
As the team admin, you can:
- Remove Members - Click the remove icon next to any team member
- Revoke Invites - Cancel pending invites before they're used
- View Activity - See when members joined and invite usage
Joining a Team
When you receive an invite link, click it to join the team. You must be logged in with a Professional+ tier account. Once joined:
- Shared Operators - Access the team's operator pool
- Pooled Resources - Approved operations count against the team's shared pool
- Leave Anytime - Use the "Leave Team" button to exit the organization
Pooled Operations
Team members share a pooled allocation of approved operations. For example, a Professional team has 1,500 pooled operations per month that all 5 members can use collaboratively.
Security Model
Security is foundational, not an afterthought.
Zero Inbound Connectivity
The Operator initiates all connections outbound. Your systems never listen on ports, never accept inbound connections, and never require firewall exceptions. All communication is pull-based.
API Key Authentication
Each operator uses a unique API key scoped to that specific system. These operator keys are separate from the user's download key—the download key can only download, while an operator's individual API key can both download and start that operator. Rotate or revoke operator keys instantly from the Operator Panel if suspicious activity is detected.
Least-Privileged Access
The Operator runs with whatever privileges you assign—typically a standard user. You control the user context, sudo permissions, and access policies. Root access is not required.
Human-in-the-Loop Control
Every command requires your explicit approval before execution. Combined with AI risk analysis, this ensures you review and authorize all operations.
Complete Audit Trail
Every command, result, and approval is logged for compliance. You can delete conversations from your dashboard, but we maintain immutable compliance logs following industry-standard data retention practices. Data export is available upon request—contact support if you need investigation history for documentation or runbooks.
Government Ready
Built by a certified Veteran Owned Small Business (VOSB) with deep defense and critical infrastructure experience. Security-first architecture designed for SOC 2 and FedRAMP standards—formal certifications in progress.
Best Practices
Start with Reconnaissance
Gather information before making changes. Ask the AI to check system state and verify prerequisites first.
Use Descriptive Names
Give investigations clear names: "Deploy monitoring stack" or "Debug slow API". Makes finding historical investigations easier.
Verify Changes
Ask the AI to verify modifications worked: "Confirm the service is running" or "Check firewall rules are active".
Leverage History
Investigation history is searchable. Reference past solutions when tackling similar problems.
Work with One Operator at a Time
Each conversation works with a single bound operator. To work on multiple systems, start separate investigations and bind different operators to each one.
Trust but Verify
You're the expert on your infrastructure. Review approvals carefully, especially HIGH risk operations.
Flexible Plans
DropOps offers flexible plans to match your needs, from individual hobbyists to enterprise teams.
| Features | Free | Personal | Professional | Ultra | Founding | Enterprise |
|---|---|---|---|---|---|---|
| Operator Slots | 1 | 3 | 15 | 45 | 100 | 100+ |
| Team Members | 1 | 1 | Up to 5 | Up to 15 | Up to 50 | Unlimited |
| Approved Operations | 25/month | 200/month | 1,500 Pooled | 4,500 Pooled | 10,000 Pooled | Unlimited |
| Overage | — | $0.25/op | $0.20/op | $0.15/op | $0.10/op | Negotiated |
| Chat Messages | 50/month | Unlimited | Unlimited | Unlimited | Unlimited | Unlimited |
| Retention | 24 Hours | 30 Days | Unlimited | Unlimited | Unlimited | Unlimited |
| Support | Community | Priority | Dedicated / Slack | Dedicated / Slack | Custom SLA |
Cloud Operators
The DropOps Cloud Operator for AWS counts as 5 operator slots due to its expanded capabilities for managing your entire AWS infrastructure.
Cloud Commands Require Cloud Operators
Cloud and infrastructure commands can only be run on Cloud Operators. Binary operators can run everything except for the cloud commands listed below.
Cloud-only commands:
- - AWS:
aws,eksctl,sam,cdk - - GCP:
gcloud,gsutil,bq - - Azure:
az - - Kubernetes:
kubectl,helm,k9s - - IaC:
terraform,pulumi,ansible
| Tier | Binary Operators | OR Cloud Operators |
|---|---|---|
| Free / Personal | 1 / 3 | Not available |
| Professional | 15 | 3 Cloud Operators |
| Ultra | 45 | 9 Cloud Operators |
| Founding | 100 | 20 Cloud Operators |
Approved Operations & Overage
An Approved Operation is any command or file change you approve. Your monthly allocation depends on your tier:
Smart Command Chaining
The AI intelligently chains related commands into single approvals to minimize approval fatigue. Some approvals may contain one operation, others multiple—the AI groups logical steps together while keeping approval requests to a minimum. You always see exactly what will be executed before approving.
- Free - 25 operations/month (hard cap, no overage)
- Personal - 200 operations/month, then $0.25/operation overage
- Professional - 1,500 pooled operations, then $0.20/operation overage
- Ultra - 4,500 pooled operations, then $0.15/operation overage
- Founding - 10,000 pooled operations, then $0.10/operation overage
Pooled Operations
Professional and above tiers pool operations across all team members. Your entire team shares the monthly allocation, making it easy to scale without per-user tracking.
View Full Pricing
Visit our Pricing page for complete tier details, feature comparisons, and to select your plan.
Troubleshooting
Operator Won't Connect
Check connectivity: Requires HTTPS to operator.dropops.ai:443. Verify firewall allows outbound connections.
Verify operator API key: Ensure you're using the operator-specific key from the Operator Panel. Note that each operator's API key can be used to both download and start that operator. Confirm it's correct and available, or already licensed to the existing operator.
Check logs: Run in foreground or review log file for connection/authentication errors.
Commands Running Slowly
No timeouts: Long-running operations like terraform apply complete naturally. Cancel manually if needed.
Check resources: Have the AI check CPU, memory, and disk I/O for bottlenecks.
AI Suggests Wrong Commands
Add context: Describe your setup, mention software versions, reference previous investigations.
Correct and guide: Tell the AI why something's wrong and what you prefer. It learns from feedback.
Permission Denied Errors
Check user context: The Operator runs as the Linux user that launched it.
Privilege escalation is blocked: The AI cannot use sudo or other privilege escalation. If a command requires elevated permissions, the AI will recognize the restriction and attempt alternative approaches that work within the current user's permissions.
Need elevated access? If the AI determines a task requires root privileges, it will let you know and suggest restarting the operator with sudo ./dropops-operator.
Still Stuck?
Email support@dropops.ai and we'll help you out.
Get Help with DropOps
DropOps is its own support system. Need help with DropOps or The Operator? Just ask. The AI has access to current DropOps documentation and can search the web when needed—support is built in.
Try Asking
Get help with setup, troubleshooting, or understanding features:
- • "How do I set up the operator to run as a systemd service?"
- • "Why isn't my operator connecting?"
- • "What commands can I run on my current tier?"
- • "How do I invite team members to my organization?"
The AI can help you understand features, troubleshoot issues, and guide you through setup—all from the same chat interface you use to manage your infrastructure.
Human Support Available
For billing questions, account issues, or anything the AI can't resolve, reach out to support@dropops.ai. We're here to help.
This guide evolves with DropOps. If something's unclear or missing, let us know. The goal is simple: eliminate friction.