Guard Overview
Guard is frugally.app's FinOps governance pillar. It helps teams manage infrastructure changes through approval workflows, enforce spending limits with budgets, attribute costs to teams, and maintain compliance through scanning and posture assessments.
What Guard provides
| Feature | What it does |
|---|---|
| Projects | Structured proposals for infrastructure changes with versioned approval workflows |
| Budgets | Spending limits with threshold alerts at configurable percentages |
| Cost Attribution | Assign AWS costs to teams, projects, or departments using configurable adapters |
| Violations & Remediation | Detect and resolve breaches of budgets, policies, and compliance rules |
| Scans & Findings | Periodic compliance checks that produce actionable findings |
| Cost Posture | A snapshot score of your team's overall cost health |
| Maturity Assessment | Self-assessment of your FinOps practice across key dimensions |
| Recommendations | AI-powered suggestions for rightsizing, scheduling, and waste reduction |
| Executive Dashboard | High-level view for leadership and finance stakeholders |
| Resource History & Locks | Track resource changes and prevent automation on critical resources |
How Guard relates to other pillars
Guard works alongside Automate and Intelligence:
| Pillar | Relationship |
|---|---|
| Automate | Guard Projects can propose changes that Automate executes. Resource locks in Guard can prevent Automate from acting on critical resources. |
| Intelligence | Guard uses Intelligence cost data for budget tracking, cost attribution, and anomaly-driven violations. |
Key concepts
| Concept | Definition |
|---|---|
| Project | A governance container for an infrastructure change proposal, with an intent (create, modify, optimise, or destroy), affected resources, and an approval workflow |
| Budget | A spending limit tracked against actual AWS costs, with alerts at configurable thresholds |
| Violation | A detected breach of a budget, policy, or compliance rule |
| Scan | A periodic compliance check that evaluates your environment against configured rules |
| Finding | A specific issue discovered during a scan |
| Posture | A composite score representing overall cost health |
For a full list of terms, see the Glossary.
Getting started with Guard
- Create a Project — Propose an infrastructure change and route it through an approval workflow
- Set up Budgets — Define spending limits for your team or specific services
- Configure Cost Attribution — Assign costs to the teams responsible for them
- Run your first Scan — Check your environment for compliance issues
- Review your Cost Posture — Understand your team's overall cost health
Pro feature
Guard features are available on the Pro and Enterprise plans. See Billing for plan details.