AWS account suspension doesn't happen without warning — but the signals are easy to miss if you're not watching for them. Here are the seven most common reasons AWS restricts or suspends accounts, and what you can do to avoid each.
1. Unpaid or Declined Bills
The most straightforward cause: if your credit card on file is declined and the balance goes unpaid for more than a few days, AWS will restrict your account. This happens when cards expire, limits are reached after a cost spike, or payment methods are updated inconsistently across accounts.
What to watch for: Set up billing alerts for when your estimated monthly spend exceeds a threshold, and ensure your payment method is always current.
2. Billing Anomalies and Usage Spikes
A sudden 10x spike in EC2 usage, unexpected data transfer costs, or runaway Lambda invocations can trigger an automated AWS review — especially if the spend pattern looks unusual compared to your history. Common triggers include misconfigured auto-scaling groups, forgotten development environments, and compromised credentials spinning up crypto-mining workloads.
3. Compromised Credentials and Security Incidents
If Amazon GuardDuty detects that your credentials have been compromised — evidenced by unusual API calls from unknown IP ranges, unexpected regions, or unusual service usage — AWS may lock the account to prevent further abuse.
Root access keys and long-lived IAM user credentials are particularly high-risk. If exposed in a public repository, they are typically exploited within minutes.
4. SES Sending Reputation Issues
Amazon SES enforces strict thresholds: bounce rates above 10% and complaint rates above 0.1% cause AWS to place your SES account on probation or suspend sending. Left unresolved, this escalates to broader account restrictions that affect all services.
5. Service Quota Violations
Running workloads that consistently approach or exceed service quotas — particularly for EC2 instances, EIP addresses, or Lambda concurrent executions — without requesting increases surfaces in compliance reviews. More importantly, running that close to quota often masks underlying architectural problems worth fixing.
6. Terms of Service Violations
Using AWS resources for activities prohibited by the Acceptable Use Policy — hosting illegal content, running large-scale scraping operations, or using EC2 for DDoS attacks (even unknowingly, if compromised) — leads to immediate suspension without warning.
7. Tax and Compliance Documentation Gaps
In certain regions, AWS requires VAT registration numbers or other tax compliance documentation. Failing to provide these when requested can result in account restrictions, particularly for accounts in the EU, India, and other regulated markets.
The Common Thread
All seven causes share something important: they are detectable before AWS takes action — if you're monitoring the right signals. Billing trends, IAM activity, GuardDuty findings, and SES metrics all give advance warning when something is heading in the wrong direction.
The challenge is that these signals come from different parts of the AWS console and don't talk to each other. A billing spike is far more significant when it correlates with GuardDuty findings from an unfamiliar IP — but you'll only see that correlation if you're looking at both signals in the same place, in real time.
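The correlation described above can be sketched in a few lines. This is an added example, not code from the original article or from any vendor product: it flags days whose cost exceeds a multiple of the trailing median and escalates a spike when a GuardDuty finding of medium severity or higher landed on or shortly before that day. The sample costs and findings are constructed, and the thresholds (`factor`, `window`, `min_severity`, `lookback_days`) are assumptions to tune.

```python
from datetime import date, timedelta
from statistics import median

# Constructed sample data, not real account output.
# Daily cost in USD, the shape you would build from daily billing totals.
_COSTS = [40, 42, 39, 41, 130, 40, 41, 43, 410, 395]
DAILY_COST = {date(2024, 3, 1) + timedelta(days=i): c for i, c in enumerate(_COSTS)}

# A subset of the fields carried by a GuardDuty finding.
FINDINGS = [
    {"Type": "Recon:EC2/PortProbeUnprotectedPort", "Severity": 2.0,
     "UpdatedAt": "2024-03-05T10:02:00Z"},
    {"Type": "UnauthorizedAccess:IAMUser/InstanceCredentialExfiltration.OutsideAWS",
     "Severity": 8.0, "UpdatedAt": "2024-03-08T23:50:00Z"},
]

def spike_days(costs, factor=3.0, window=7):
    """Map each spike day to its ratio over the median of the preceding days."""
    days = sorted(costs)
    spikes = {}
    for i, day in enumerate(days):
        prior = [costs[p] for p in days[max(0, i - window):i]]
        # Need a few days of history; the median keeps one earlier spike
        # from inflating the baseline.
        if len(prior) >= 3 and costs[day] > factor * median(prior):
            spikes[day] = costs[day] / median(prior)
    return spikes

def correlate(costs, findings, min_severity=4.0, lookback_days=2):
    """Rank spikes: 'critical' when a finding precedes the spike, else 'review'."""
    alerts = []
    for day, ratio in spike_days(costs).items():
        related = [
            f["Type"] for f in findings
            if f["Severity"] >= min_severity
            and 0 <= (day - date.fromisoformat(f["UpdatedAt"][:10])).days <= lookback_days
        ]
        alerts.append({"day": day, "ratio": round(ratio, 1),
                       "level": "critical" if related else "review",
                       "findings": related})
    return alerts

if __name__ == "__main__":
    for alert in correlate(DAILY_COST, FINDINGS):
        print(alert["day"], alert["level"], f'{alert["ratio"]}x', alert["findings"])
```

The 3x spike on 2024-03-05 has only a low-severity finding next to it and stays at "review", while the 10x spike on 2024-03-09 follows a credential-exfiltration finding and is raised to "critical".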
Written by Viktor B.
Co-founder & CEO