Setting up AWS billing protection shouldn't require reading a 3,000-word guide. Here's a ready-to-deploy budget template that gives you the right alerts out of the box. Deploy it, adjust the dollar amounts to match your spend, and move on to building your product.
What the Template Includes
The CloudFormation template deploys three resources that work together to catch billing issues at different speeds and severity levels.
1. Monthly Cost Budget with Three Alert Thresholds
A cost budget set to your expected monthly spend, with email alerts at 80% (heads up), 100% (investigate), and 150% (something is probably wrong). These are your first line of defense — crude but reliable.
2. Per-Service Budgets for Your Top Three Services
Individual budgets for EC2, RDS, and S3 (or whichever three services represent your largest spend). Per-service budgets catch anomalies that are invisible in the total-account view. A $200 spike in EC2 might be noise in a $2,000 account budget, but it's very visible in a $300 EC2 budget.
3. Cost Anomaly Detection Monitor
An all-services anomaly detection monitor with a $10 minimum impact threshold. This catches the spending patterns that fixed thresholds miss — new services you've never been billed for, unusual spend in off-hours, gradual cost creep from resource accumulation.
The CloudFormation Template
Copy this template, save it as budget-template.yaml, and deploy it via the CloudFormation console or CLI:
AWSTemplateFormatVersion: '2010-09-09'
Description: 'Budget alerts for startup AWS accounts'

Parameters:
  MonthlyBudget:
    Type: Number
    Default: 500
    Description: 'Expected monthly spend in USD'
  AlertEmail:
    Type: String
    Description: 'Email address for budget alerts'
  TopService1:
    Type: String
    Default: 'Amazon Elastic Compute Cloud - Compute'
    Description: 'Top spending service #1'
  TopService2:
    Type: String
    Default: 'Amazon Relational Database Service'
    Description: 'Top spending service #2'
  TopService3:
    Type: String
    Default: 'Amazon Simple Storage Service'
    Description: 'Top spending service #3'

Resources:
  # Account-wide monthly cost budget. Thresholds are percentages of BudgetLimit.
  OverallBudget:
    Type: AWS::Budgets::Budget
    Properties:
      Budget:
        BudgetName: 'monthly-total'
        BudgetType: COST
        TimeUnit: MONTHLY
        BudgetLimit:
          Amount: !Ref MonthlyBudget
          Unit: USD
      NotificationsWithSubscribers:
        # 80%: heads up
        - Notification:
            NotificationType: ACTUAL
            ComparisonOperator: GREATER_THAN
            Threshold: 80
          Subscribers:
            - SubscriptionType: EMAIL
              Address: !Ref AlertEmail
        # 100%: investigate
        - Notification:
            NotificationType: ACTUAL
            ComparisonOperator: GREATER_THAN
            Threshold: 100
          Subscribers:
            - SubscriptionType: EMAIL
              Address: !Ref AlertEmail
        # 150%: something is probably wrong
        - Notification:
            NotificationType: ACTUAL
            ComparisonOperator: GREATER_THAN
            Threshold: 150
          Subscribers:
            - SubscriptionType: EMAIL
              Address: !Ref AlertEmail

  # Cost Anomaly Detection monitor covering every AWS service.
  AnomalyMonitor:
    Type: AWS::CE::AnomalyMonitor
    Properties:
      MonitorName: 'all-services-anomaly'
      MonitorType: DIMENSIONAL
      MonitorDimension: SERVICE

  AnomalySubscription:
    Type: AWS::CE::AnomalySubscription
    Properties:
      SubscriptionName: 'anomaly-alerts'
      MonitorArnList:
        - !Ref AnomalyMonitor
      # EMAIL subscribers are only supported with DAILY or WEEKLY frequency;
      # IMMEDIATE requires an SNS topic subscriber instead.
      Frequency: DAILY
      # Minimum anomaly impact in USD before an alert is sent.
      Threshold: 10
      Subscribers:
        - Type: EMAIL
          Address: !Ref AlertEmail
Deploy with:
aws cloudformation deploy \
  --template-file budget-template.yaml \
  --stack-name billing-alerts \
  --parameter-overrides \
    MonthlyBudget=500 \
    AlertEmail=your-email@example.com
Customizing for Your Account
Adjust the MonthlyBudget parameter to match your actual expected spend. If you're not sure, check last month's total in Cost Explorer and add 50%. If your top services are different from EC2/RDS/S3, update the TopService parameters. The service names must match exactly what appears in Cost Explorer.
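The template above declares the TopService1 to TopService3 parameters, but no resource in it references them. The fragment below is an added example, not part of the original template, showing one way to define the per-service budget for TopService1; the parameter name Service1Budget, its default of 300, the resource name Service1BudgetAlert and the budget name are assumptions made for illustration. Repeat the pattern for TopService2 and TopService3.

```yaml
# Added example: merge these entries into the Parameters and Resources
# sections of budget-template.yaml. Names marked "hypothetical" are not
# from the original template.
Parameters:
  Service1Budget:            # hypothetical parameter
    Type: Number
    Default: 300             # constructed sample value; set to your real spend
    Description: 'Expected monthly spend in USD for TopService1'

Resources:
  Service1BudgetAlert:       # hypothetical resource name
    Type: AWS::Budgets::Budget
    Properties:
      Budget:
        BudgetName: 'monthly-service-1'
        BudgetType: COST
        TimeUnit: MONTHLY
        BudgetLimit:
          Amount: !Ref Service1Budget
          Unit: USD
        # Scope the budget to a single service. The value must match the
        # service name exactly as it appears in Cost Explorer.
        CostFilters:
          Service:
            - !Ref TopService1
      NotificationsWithSubscribers:
        # 80% of the per-service limit: heads up
        - Notification:
            NotificationType: ACTUAL
            ComparisonOperator: GREATER_THAN
            Threshold: 80
          Subscribers:
            - SubscriptionType: EMAIL
              Address: !Ref AlertEmail
        # 100% of the per-service limit: investigate
        - Notification:
            NotificationType: ACTUAL
            ComparisonOperator: GREATER_THAN
            Threshold: 100
          Subscribers:
            - SubscriptionType: EMAIL
              Address: !Ref AlertEmail
```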
For the anomaly detection threshold, $10 works well for accounts spending under $1,000/month. If your bill is larger, increase it proportionally to avoid noise — $50 for a $5,000/month account, $100 for $10,000+.
What This Doesn't Cover
This template gives you threshold-based and ML-based cost alerts. What it doesn't provide: real-time detection (alerts have a 6-24 hour lag), correlation with security signals (a cost spike from compromised credentials looks the same as normal growth), and account health scoring (billing is one dimension of health; security, compliance, and SES reputation are the others).
For real-time billing monitoring with security correlation and account health scoring, Vigilare adds the layer this template can't. Deploy the template for free baseline protection, then add Vigilare for real-time detection. Start a free 14-day trial.
Written by Viktor B.
Co-founder & CEO