Tarmac is a single control plane with two reconciled surfaces: an operations dashboard for the platform team, and a finance-grade console for the CFO. Both read from the same atomic authorization ledger — there is no out-of-sync report and no end-of-month reconciliation.
Every agent request flows through the Enforcement Proxy. Every authorization is decided by the Budget Engine against the live ledger. Every spend lands on the provider — but only after an atomic hold is placed.
Coding, research, monitoring, data-pipeline agents — built on LangChain, CrewAI, raw SDKs, or your own orchestrator. No code change beyond the base URL.
Authorization holds are placed atomically against your live budget. Decisions are made in single-digit milliseconds. The ledger is the system of record.
Inference-API lane (Anthropic, OpenAI, Google, Bedrock, Azure OpenAI) ships first. GPU-rental lane follows as an adapter — same price signal, same enforcement.
The Operations Dashboard is the platform leader's home screen. Admits, holds, throttles and tier moves are visible the moment they happen — not surfaced after a billing window closes. Drilldowns go all the way down to the single authorization decision and the policy rule that produced it.
Every agent, its priority tier, its active model tier, hold rate and live burn — sortable, filterable, deep-linkable.
Stream of admits, throttles, and holds with the rule that fired, the budget remaining at decision time, and the resulting receipt.
When the monthly cap tightens, Tarmac sheds P3 work first, then P2 — automatically. P0 keeps its full model tier.
Soft alerts, hard floors, route-around rules, per-tool quotas. Edit live; rules take effect on the next authorization.
Detects an agent whose mean cost-per-run shifted > 2σ. Catches the runaway loop or new tool spend before it becomes a hold spike.
Slack, PagerDuty, OpsGenie. Forward every authorization to your SIEM. Subscribe to "cap-in-7-days" or "P0 admit rate < 99%" alarms.
The Financial Console reads from the same ledger as Operations — never a separate "billing" dataset reconciled at month-end. Period statements are GL-ready, with optional one-click export to NetSuite, QuickBooks, Sage Intacct, and Workday.
Monthly close with full attribution by cost center, team, agent, lane, and provider. PDF, CSV, JSON-LD.
Map Tarmac cost centers to your chart of accounts once; every period exports automatically with the right tags.
Burn-rate projection updates on every authorization, not at month-end. Confidence intervals fold in trend, seasonality, and current pace.
Charge eval costs to R&D, production support to OpEx, internal-tools agents to G&A. Per-tag, per-agent, per-time-window rules.
Every authorized run gets a permanent receipt — agent, lane, tier, cost, hold-and-release timestamps, the policy rule that decided it.
Append-only, hash-chained record of every authorization, hold, throttle, and settlement. Externally verifiable, retained per your policy.
Every authorization decision needs a current cost. The Price Signal aggregates published rates, observed billing, and customer-negotiated discounts into a single normalized $/token (or $/GPU-second on the GPU lane) — refreshed continuously, audited for drift, and surfaced in the ledger.
Inference-API ships first. The GPU-rental lane lands later as an adapter — same price signal, same enforcement code path. Adding a new provider is a few hundred lines, not a rewrite.
The lane — a model family on a specific provider, or a fixed GPU type — is the part security cares about. We freeze it at onboarding so the security review answers a stable question. What Tarmac changes on every run is the model tier — S / M / L / XL — based on the live price and the remaining budget.
Lane = Anthropic Claude on Bedrock us-east, or OpenAI on Azure swedencentral, or NVIDIA H100 on a fixed cluster. Tiers within that lane are S / M / L / XL — Haiku to Opus, GPT-5-mini to GPT-5, A100 to H200. The decision engine picks the heaviest tier that still fits the remaining budget at the live price.
Most teams point their existing agent traffic at the Tarmac proxy and are governed inside an hour. Teams that want fine-grained tagging at the call site use the SDK. Both modes hit the same Budget Engine; the receipts are identical.
The proxy is OpenAI-, Anthropic- and Bedrock-API-compatible. Point your SDK at api.tarmac.dev; Tarmac authorizes, forwards on a short-lived scoped token, and writes the receipt.
# before client = Anthropic( api_key="sk-ant-..." ) # after client = Anthropic( base_url="https://api.tarmac.dev/v1/anthropic", api_key="tarmac_pk_...", default_headers={"x-tarmac-agent": "support-triage"}, )
For teams that want per-tool, per-step, per-customer attribution baked into the receipt — wrap calls with the Tarmac SDK. Adds a single context-manager; passes through every header and feature of the underlying SDK.
# pip install tarmac from tarmac import authorize with authorize( agent="support-triage", tool="ticket_summarize", attribute={"customer_id": cust_id}, ) as auth: resp = anthropic.messages.create( model=auth.model, # tier-resolved messages=msgs, ) auth.settle(resp.usage)
Design partners are onboarded in pairs. Pilot pricing for the first 12 months, direct access to the founder, and the right to shape the product before it sets.