The Freelance DevOps Toolkit: Essential AWS Monitoring for Consultants

Viktor B.

Co-founder & CEO · May 15, 2026 · 8 min read

Freelance DevOps work has a unique monitoring challenge: you're responsible for multiple AWS accounts that you don't own, billing to clients who don't want to hear about infrastructure unless something's broken, and you need to keep everything running without spending half your day checking dashboards.

This toolkit covers the tools, configurations, and workflows that make multi-client AWS management efficient and safe. Everything here is designed for one person managing 3-10 client accounts.

Access Management

Cross-Account IAM Roles (One per Client)

Never use shared root credentials. For each client, create a cross-account IAM role that trusts your AWS account. Use aws sts assume-role to switch between accounts. This gives you a clean audit trail (CloudTrail shows your assumed role, not "root"), instant revocability (client deletes the role and your access is gone), and clear permission boundaries (each role has only the permissions you need for that client).
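The trust relationship described above, as an added example that is not code from the original article: a script the client runs in their own account to create the FreelancerAccess role. The account ID, the external ID value and the sts:ExternalId condition are assumptions added here; the condition makes the role assumable only when the agreed value is presented.

```bash
#!/usr/bin/env bash
# Added example (run by the client, in the client's account): create the role
# the consultant will assume. Account ID and external ID are placeholders.

trust_policy() {  # $1 = consultant's 12-digit account ID, $2 = external ID
  case "$1" in
    *[!0-9]*|"") echo "account ID must be 12 digits" >&2; return 2 ;;
  esac
  [ "${#1}" -eq 12 ] || { echo "account ID must be 12 digits" >&2; return 2; }
  # Restrict the external ID to characters IAM accepts; this also keeps
  # quotes out of the JSON document built below.
  case "$2" in
    *[!A-Za-z0-9_.:/=+@,-]*) echo "invalid character in external ID" >&2; return 2 ;;
  esac
  [ "${#2}" -ge 16 ] || { echo "external ID too short" >&2; return 2; }
  # ":root" trusts the consultant's account as a whole, as the text describes.
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::$1:root"},
    "Action": "sts:AssumeRole",
    "Condition": {"StringEquals": {"sts:ExternalId": "$2"}}
  }]
}
EOF
}

create_freelancer_role() {  # same arguments as trust_policy
  local doc
  doc=$(trust_policy "$1" "$2") || return $?
  # One-hour sessions; permissions policies are attached separately, per client.
  aws iam create-role --role-name FreelancerAccess \
    --assume-role-policy-document "$doc" --max-session-duration 3600
}

# Usage: ./create-role.sh 111122223333 'constructed-external-id-0001'
if [ "$#" -eq 2 ]; then create_freelancer_role "$1" "$2"; fi
```

With this condition in place, the consultant's profile for that client needs an external_id line carrying the same value.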

AWS CLI Profile Per Client

Configure a named profile in ~/.aws/config for each client:

[profile client-acme]
role_arn = arn:aws:iam::123456789012:role/FreelancerAccess
source_profile = personal
region = us-east-1

[profile client-widgetco]
role_arn = arn:aws:iam::987654321098:role/FreelancerAccess
source_profile = personal
region = eu-west-1

Now you can switch contexts with --profile client-acme or export AWS_PROFILE=client-acme. No credential juggling, no risk of running a command in the wrong account.

Monitoring Setup (Per Client)

For each client account, deploy this minimum monitoring stack. It takes about 15 minutes per account:

  1. AWS Budgets (free) — monthly cost budget with alerts at 80%, 100%, 150%. Alert both you and the client.
  2. Cost Anomaly Detection (free) — all-services monitor with alerts to both you and the client.
  3. GuardDuty (~$15-30/month) — enable in all regions. Route HIGH/CRITICAL findings to your Slack.
  4. CloudTrail (free for 1 management trail) — one trail, all regions, to S3. Essential for accountability.

This costs the client $15-30/month in GuardDuty fees and provides meaningful coverage of the biggest risks: billing surprises, credential compromise, and audit logging.

Daily Monitoring Workflow

You don't have time to log into 5-10 AWS consoles every morning. You need a monitoring workflow that takes 5 minutes and tells you which accounts need attention.

Option A: Script-Based Morning Check

Write a shell script that iterates over your client profiles and checks: current month-to-date spend (Cost Explorer API), active GuardDuty findings (GetFindings API), and any budget threshold breaches (DescribeBudgets API). Output a summary to your terminal or Slack. This takes 2-4 hours to build and gives you a daily 30-second glance at all accounts.
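One way to write the morning check described above, as an added example rather than the author's own script. It uses guardduty list-findings to count findings instead of GetFindings, which returns full details, and it checks GuardDuty only in each profile's configured region; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: one summary line per client profile. Read-only; the assumed role
# needs ce:GetCostAndUsage, guardduty:ListDetectors, guardduty:ListFindings,
# budgets:ViewBudget. Cost Explorer bills each API request.

mtd_spend() {  # $1 = profile; $2/$3 optionally override the start/end dates
  local start end
  start=${2:-$(date +%Y-%m-01)}; end=${3:-$(date +%Y-%m-%d)}
  # Cost Explorer needs Start < End; on the 1st there is no complete day yet.
  if [ "$start" = "$end" ]; then echo "0.00"; return 0; fi
  aws ce get-cost-and-usage --profile "$1" --granularity MONTHLY \
    --time-period "Start=$start,End=$end" --metrics UnblendedCost \
    --query 'ResultsByTime[0].Total.UnblendedCost.Amount' --output text
}

high_findings() {  # unarchived GuardDuty findings, severity >= 7, profile's region only
  local det
  det=$(aws guardduty list-detectors --profile "$1" \
        --query 'DetectorIds[0]' --output text) || return 1
  # "None" means no detector: GuardDuty is not enabled in this region.
  if [ -z "$det" ] || [ "$det" = "None" ]; then echo "disabled"; return 0; fi
  # JSON output so the count is computed over all pages, not once per page.
  aws guardduty list-findings --profile "$1" --detector-id "$det" \
    --finding-criteria '{"Criterion":{"severity":{"GreaterThanOrEqual":7},"service.archived":{"Equals":["false"]}}}' \
    --query 'length(FindingIds)' --output json
}

budgets_over() {  # names of budgets whose actual spend has reached the limit
  local acct
  acct=$(aws sts get-caller-identity --profile "$1" \
         --query Account --output text) || return 1
  aws budgets describe-budgets --profile "$1" --account-id "$acct" \
    --query 'Budgets[].[BudgetName,BudgetLimit.Amount,CalculatedSpend.ActualSpend.Amount]' \
    --output text | awk -F'\t' '$2+0 > 0 && $3+0 >= $2+0 {print $1}'
}

morning_check() {  # arguments: profile names from ~/.aws/config
  local p spend findings over
  for p in "$@"; do
    spend=$(mtd_spend "$p") || spend="ERROR"
    findings=$(high_findings "$p") || findings="ERROR"
    over=$(budgets_over "$p" | paste -sd, -) || over="ERROR"
    printf '%-16s mtd_usd=%s high_findings=%s over_budget=%s\n' \
      "$p" "$spend" "$findings" "${over:-none}"
  done
}

# Usage: ./morning-check.sh client-acme client-widgetco
if [ "$#" -gt 0 ]; then morning_check "$@"; fi
```

The spend figure covers the month through yesterday, because the Cost Explorer end date is exclusive.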

Option B: Vigilare Dashboard

Connect all client accounts to Vigilare. Open one dashboard, see all accounts with risk scores. Green = healthy, yellow = check it, red = fix it now. Alerts for urgent issues go to Slack automatically. This takes 5 minutes per account to set up and zero daily maintenance.

Client Reporting

Most clients want a monthly summary: how much they spent, whether anything notable happened, and whether their account is healthy. This is easy to automate.

Pull monthly spend from Cost Explorer API. Include a summary of any security findings detected and resolved. Note any infrastructure changes made. Include the account's current risk/health status. Format it as a brief email or a one-page PDF.

If you're using Vigilare, the risk score and finding history provide the content for this report without additional API calls. Export the monthly view and add your narrative.

Billing Your Clients for Monitoring

The monitoring setup costs $15-60/month per client (GuardDuty + optionally Vigilare). You can bill this to the client as a pass-through cost (they pay the AWS charges and your monitoring tool directly), as part of your monthly retainer (include monitoring in your service price), or as a separate "monitoring and security" line item (recommended — it makes the value visible).

Position monitoring as insurance, not overhead. "For $50/month, I continuously monitor your account for security threats, billing anomalies, and the issues that lead to account suspension. Without this, the first time we'll know about a problem is when your application goes down or you get a surprise bill."

The Complete Freelance DevOps Toolkit

| Tool | Purpose | Cost |
|---|---|---|
| Cross-account IAM roles | Secure access to client accounts | Free |
| AWS CLI profiles | Fast account switching | Free |
| GuardDuty | Threat detection per account | $15-30/account/mo |
| Budgets + Cost Anomaly Detection | Billing protection | Free |
| CloudTrail | Audit log | Free (1 trail) |
| Vigilare Solo/Agency | Unified multi-account dashboard | $29-199/mo |
| Terraform | Infrastructure-as-code | Free |
