What AWS services does Vigilare monitor?

Vigilare monitors 7+ AWS services: Billing (cost anomalies and usage spikes), IAM (policy drift, root account usage, missing MFA), GuardDuty (threat findings), SES (sending reputation), CloudTrail (suspicious API patterns), Service Quotas (limit utilisation), and Account Health (AWS notifications). Coverage is continuously expanded.

How does Vigilare access my AWS account?

Vigilare uses a read-only cross-account IAM role that you provision using our open-source Terraform module. The role grants only the minimum permissions required for monitoring — no write access, no credential storage, and no data leaves your account except what is needed to display findings in your dashboard.

How quickly will I be alerted?

Depending on your plan, Vigilare scans every 1, 5, or 15 minutes. Alerts are delivered in real time via email, Slack, or PagerDuty the moment a threshold is crossed. The typical end-to-end latency from event to alert is under 90 seconds.

Can I monitor multiple AWS accounts?

Yes. The Solo plan covers 1 account, Team supports up to 10, Agency up to 50, and Enterprise is unlimited. All accounts appear in a single dashboard with per-account risk scores and consolidated alert feeds.

Is my AWS data secure?

All data is encrypted at rest with AES-256 and in transit with TLS 1.2+. Vigilare's control plane runs on AWS infrastructure in dedicated, isolated tenants. We never store raw AWS credentials. The platform is SOC 2 Type II compliant and we provide reports on request for Enterprise customers.

Is there a free trial?

Yes — all paid plans include a 14-day free trial. No credit card is required to get started. You can connect your first AWS account and see findings within 5 minutes of signing up.

What happens if I exceed my account limit?

We'll notify you as you approach your account limit and give you the option to upgrade. We won't stop monitoring your existing accounts without notice.

Can I cancel at any time?

Yes. There are no long-term contracts. You can cancel your subscription at any time from the billing settings page. Your access continues until the end of the current billing period.

Requesting AWS Service Quota Increases: A Practical Guide

Requesting AWS service quota increases is a routine part of operating at scale, but there's a gap between how the process is described in documentation and what actually gets requests approved quickly. This guide covers the practical side: which quotas are auto-approved, what makes a good justification for quotas requiring review, and how to build the monitoring and automation that eliminates quota-induced surprises.

Auto-Approved vs. Review-Required Increases

Many quota increases are approved automatically without human review. The AWS Service Quotas system has auto-approval logic for commonly requested increases at reasonable multiples. Requesting 2x your current EC2 vCPU limit, doubling your Lambda concurrency, or increasing your DynamoDB table count typically processes within minutes. The Service Quotas console shows immediately whether a request was approved or is pending review.

Increases that require human review include: large multipliers (5x or more above your current usage), GPU and specialized compute quotas, new quotas for services you haven't used before, and some network-level quotas. These route to the AWS service team for evaluation and typically take 1-3 business days for routine cases.

How to Write a Quota Increase Justification That Works

The free-text justification field is important for review-required increases. AWS support agents reviewing quota requests want to understand two things: that the request is for legitimate use and that the increased quota will actually be used. Vague justifications ("we need more capacity for growth") take longer to process than specific ones ("we're migrating a workload from on-premises that requires X vCPUs — here's the breakdown by application tier").

A good justification includes:

Current usage and trend (attach a CloudWatch metric screenshot if the request is urgent)
Expected usage at the requested limit (what specific workload consumes this capacity)
Timeline — when you need the increased capacity (if there's a migration or launch deadline, say so explicitly)
Geographic scope — confirm whether you need increases in additional regions beyond your primary request

For GPU instance quotas, expect to explain the specific ML or compute workload. AWS's review process for GPU quotas is thorough because GPU instances are commonly requested by crypto mining operations. A detailed description of your training workload, the model architecture, and why your workload requires specific GPU instance types substantially accelerates approval.

Using Service Quotas API for Automation

The Service Quotas API allows programmatic quota management. The key operations are GetServiceQuota (get current limit and usage for a specific quota), ListServiceQuotas (enumerate all quotas for a service), and RequestServiceQuotaIncrease (submit an increase request).

A practical automation pattern: when a CloudWatch alarm fires at 70% quota utilization, a Lambda function calls GetServiceQuota to get the current limit, calculates a target (e.g., 2x current limit), checks whether a pending increase request already exists using GetRequestedServiceQuotaChange, and submits a new request if none is pending. This eliminates the manual step of noticing the alarm and submitting the request.

The automation needs a parameter to handle cases where auto-approved requests would be insufficient — for high-growth scenarios, the 2x target might need to be larger. Wire in a configuration parameter that engineering can adjust without changing code.

Requesting Increases Across Multiple Regions

Quota increases are region-specific. The Service Quotas API requires specifying the region for each request. For multi-region architectures, loop through all active regions and submit increase requests for each. The Service Quotas console also supports applying a quota change to multiple regions simultaneously for some services — look for the "Apply to all supported regions" option when submitting.

For organizations with multi-account AWS architectures, quota management is per-account as well. Automate quota increase submissions for new account provisioning — when a new account is created in your organization, trigger a workflow that requests standard quota levels for commonly needed resources, rather than waiting for the team using the account to discover the default limits aren't sufficient.

Tracking Quota Increase Status

The Service Quotas console shows pending and completed increase requests under "Quota request history." For automation, poll GetRequestedServiceQuotaChange with the request ID to check status programmatically. Send a notification when an increase is approved (status changes from PENDING to CASE_CLOSED) so the engineering team knows the capacity is available.

Build quota request history into your operational runbooks. When an incident involves quota limits, having a record of when increases were requested and approved helps with post-incident reviews and capacity planning for similar situations in the future.

FAQ

Can I request a quota decrease?

Yes, but there's rarely a reason to. Having a higher quota doesn't cost anything — you only pay for resources you actually use. Some organizations prefer to keep quotas tight to limit blast radius for credential compromise scenarios (an attacker with stolen credentials can't launch 10,000 vCPUs if the account limit is 2,000). This is a legitimate security consideration for accounts with sensitive workloads.

What happens if my quota increase request is rejected?

AWS support will provide a reason for the rejection. Common reasons include insufficient justification for the amount requested, concerns about the workload type, or account standing issues. Respond to the rejection with additional context addressing the stated concern. If you believe the rejection is in error, escalate through AWS Support to a senior support engineer.

Do I need a support plan to request quota increases?

No. Quota increases can be submitted by any AWS account regardless of support plan tier. However, a Business or Enterprise support plan provides faster response times and the ability to call AWS Support directly, which can substantially accelerate quota increase processing for urgent cases.

Protect your AWS accounts before it's too late

Vigilare monitors your AWS accounts for suspension risks — billing anomalies, IAM issues, GuardDuty findings, and more — and alerts you before AWS takes action.

See Vigilare pricing Talk to us about securing your AWS Browse documentation →

Written by Viktor B.

Co-founder & CEO