Before you spend a dollar on monitoring, you should know exactly what AWS gives you for free. The answer is more than most people think — but less than most people need. Here's the complete inventory of free AWS monitoring capabilities, what each one actually covers, and the specific gaps that remain when you rely exclusively on free tools.
The Free Monitoring Stack
CloudWatch Free Tier
Every AWS account gets CloudWatch basics at no cost: 10 custom metrics, 10 alarms, 1 million API requests, 5 GB of log ingestion and storage, 3 dashboards with up to 50 metrics each, and basic monitoring (5-minute intervals) for EC2 instances. For a small account running a handful of services, this covers your core infrastructure metrics and a few key alarms.
What it covers: CPU, disk, network metrics for EC2. Basic alarms on thresholds. Log collection from Lambda (automatic) and EC2 (with agent). Simple dashboards.
Where it stops: Detailed monitoring (1-minute intervals) costs extra. Custom metrics beyond 10 cost $0.30/metric/month. Log storage beyond 5 GB is $0.50/GB. No APM, no distributed tracing, no cross-service correlation.
AWS Cost Anomaly Detection
Completely free. No limits on monitors or alerts. Uses machine learning to detect unusual spending patterns and alerts you via email or SNS.
What it covers: Detects spend deviations from historical baselines. Identifies the probable root cause (service, account, region). Adapts to your spending patterns over time.
Where it stops: 24-hour detection lag. No correlation with security signals. Alerts tell you spending changed, not why — root cause analysis requires manual investigation across Cost Explorer, CloudTrail, and resource consoles.
AWS Budgets (first 2 budgets)
Two budgets are free. Each can have up to 5 alert thresholds with email notifications.
What it covers: Fixed-threshold spend alerts. Monthly, quarterly, or annual budget periods. Alerts at configurable percentages.
Where it stops: Static thresholds that don't adapt to growth. No anomaly detection. No automated response in the free tier (budget actions require additional budgets at $0.10/day each).
GuardDuty (30-day free trial)
GuardDuty's 30-day trial gives you full threat detection capability for free. After the trial, cost depends on data volume — typically $10-30/month for a small account.
What it covers during the trial: Credential compromise detection. Cryptocurrency mining detection. Unusual API activity. Network threat indicators. All protection plans available.
Where it stops: It stops being free after 30 days. Also: GuardDuty detects threats but doesn't correlate them with billing data. A GuardDuty finding and a billing spike appear in separate consoles with no connection between them.
AWS Config (limited free rules)
AWS Config records resource configuration changes. The recording itself has costs, but evaluating against AWS-managed rules starts with a free tier of sorts — the first 25 rule evaluations per rule per region per month are free.
What it covers: Configuration change tracking. Compliance evaluation against managed rules. Drift detection.
Where it stops: Even with the partial free tier, running Config with meaningful coverage typically costs $5-15/month. No aggregation across accounts without additional setup.
IAM Access Analyzer
External access analysis is included at no additional cost. It identifies S3 buckets, IAM roles, KMS keys, Lambda functions, and SQS queues that are shared with external entities.
What it covers: Finds resources accessible from outside your account. Identifies unused permissions (with the unused access analyzer, which has a 90-day analysis window).
Where it stops: No real-time monitoring. Findings are generated on changes, not continuously evaluated. No alerting integration — you have to check the console or build your own notification pipeline.
CloudTrail (1 management trail)
One trail recording management events across all regions is free. Logs are delivered to S3 at no CloudTrail charge (S3 storage costs apply).
What it covers: Every API call in your account — who, what, when, from where. Essential for security investigation and compliance.
Where it stops: Data events (S3 object access, Lambda invocations) cost extra. The free trail delivers to S3, but querying those logs requires Athena or CloudTrail Lake, both of which have per-query costs. No built-in alerting — you need CloudWatch Logs or EventBridge integration for real-time detection.
AWS Health Dashboard
Free. Shows account-specific events including scheduled maintenance, service disruptions, and abuse notifications.
What it covers: Account-level communications from AWS. Service health events. Abuse notifications.
Where it stops: No aggregation. No correlation with other signals. Integration with EventBridge requires additional configuration.
The Gaps in the Free Stack
If you enable everything listed above, your free monitoring covers infrastructure metrics (basic), threat detection (trial only), compliance (limited), cost monitoring (delayed), and audit logging. What it does not cover:
Signal correlation: No free tool connects a billing spike with a GuardDuty finding with a Config change. Each tool operates in isolation. The most dangerous scenarios — credential compromise causing both a security incident and a billing explosion — require manual correlation across three or four consoles.
Real-time cost monitoring: The fastest free cost signal is CloudWatch's EstimatedCharges metric, which updates every ~6 hours. Cost Anomaly Detection is 24 hours behind. For fast-moving billing incidents, 6-24 hours of delay can mean thousands of dollars in damage.
Account health scoring: No free tool gives you a single metric that says "your account is healthy" or "your account needs attention." You have to check billing, security, compliance, SES reputation, and service quotas in separate places and make that judgment yourself.
Suspension risk assessment: No free tool monitors the specific combination of signals — billing status, AUP compliance, security posture, SES reputation — that determine whether AWS might take enforcement action against your account.
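The manual correlation described under "Signal correlation" comes down to a join on account, region and time. The Python below is an added example, not code from AWS or Vigilare: it takes one Cost Anomaly Detection anomaly and collects the GuardDuty findings and CloudTrail management events from the same account around the anomaly day. The sample records, the correlate function and the 6-hour lookback are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta
# Constructed sample records, trimmed to the fields used below; every value is made up.
ANOMALY = {"AnomalyStartDate": "2024-05-14T00:00:00Z", "Impact": {"TotalImpact": 412.5},
           "RootCauses": [{"Service": "Amazon Elastic Compute Cloud - Compute",
                           "Region": "ap-southeast-1", "LinkedAccount": "111122223333"}]}
FINDINGS = [
    {"Type": "CryptoCurrency:EC2/BitcoinTool.B!DNS", "AccountId": "111122223333",
     "Region": "ap-southeast-1", "Service": {"EventFirstSeen": "2024-05-13T21:40:00Z"}},
    {"Type": "Recon:EC2/PortProbeUnprotectedPort", "AccountId": "111122223333",
     "Region": "us-east-1", "Service": {"EventFirstSeen": "2024-05-02T08:00:00Z"}},
]
USER = {"arn": "arn:aws:iam::111122223333:user/ci-deploy"}
TRAIL = [
    {"eventTime": "2024-05-13T21:31:55Z", "eventName": "RunInstances", "userIdentity": USER,
     "eventSource": "ec2.amazonaws.com", "awsRegion": "ap-southeast-1", "recipientAccountId": "111122223333"},
    {"eventTime": "2024-05-13T21:12:07Z", "eventName": "CreateAccessKey", "userIdentity": USER,
     "eventSource": "iam.amazonaws.com", "awsRegion": "us-east-1", "recipientAccountId": "111122223333"},
    {"eventTime": "2024-05-10T09:00:00Z", "eventName": "RunInstances", "userIdentity": USER,
     "eventSource": "ec2.amazonaws.com", "awsRegion": "eu-west-1", "recipientAccountId": "111122223333"},
]

def ts(s):
    """Parse the UTC timestamp format shared by the three record types."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")

def correlate(anomaly, findings, trail, lookback_hours=6):
    """Per root cause, collect findings and API calls from just before through the anomaly day."""
    start = ts(anomaly["AnomalyStartDate"])
    lo, hi = start - timedelta(hours=lookback_hours), start + timedelta(days=1)
    report = []
    for rc in anomaly["RootCauses"]:
        acct, region = rc["LinkedAccount"], rc["Region"]
        hits = [f for f in findings
                if f["AccountId"] == acct and f["Region"] == region
                and lo <= ts(f["Service"]["EventFirstSeen"]) <= hi]
        # IAM is a global service whose events are logged in us-east-1, so match it in any region.
        calls = [e for e in trail
                 if e["recipientAccountId"] == acct and lo <= ts(e["eventTime"]) <= hi
                 and (e["awsRegion"] == region or e["eventSource"] == "iam.amazonaws.com")]
        calls.sort(key=lambda e: e["eventTime"])
        report.append({"service": rc["Service"], "region": region,
                       "impact_usd": anomaly["Impact"]["TotalImpact"],
                       "findings": sorted(f["Type"] for f in hits),
                       "principals": sorted({e["userIdentity"]["arn"] for e in calls}),
                       "api_calls": [e["eventName"] for e in calls]})
    return report

if __name__ == "__main__":
    print(correlate(ANOMALY, FINDINGS, TRAIL))
```

On the constructed data the report ties the EC2 spend anomaly to a mining finding in the same region and to a CreateAccessKey call followed by RunInstances from one principal, which is the link the separate consoles do not show.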
Filling the Gaps for $29/Month
Vigilare's Solo plan adds the three things the free stack is missing: signal correlation (billing + security + compliance in one view), real-time monitoring (5-minute intervals instead of 6-24 hour delays), and account health scoring (a single risk score that tells you whether your account needs attention). It connects via a read-only IAM role, requires no agents, and takes under 5 minutes to set up. Start a free 14-day trial.
Written by Viktor B.
Co-founder & CEO