Skip to main content
CloudKeepers are autonomous pilots that enforce guardrails for cost, security, and operational health across every connected cloud. Use them to detect drift, surface remediation playbooks, and alert teams so issues are fixed before they become incidents.

Responsibilities

  • Policy enforcement: apply cost, security, and operational guardrails through CostOps and SecurityOps pilots for day-to-day operations.
  • Drift detection: continuously scan for misconfigurations, risky defaults, and resource bloat.
  • Remediation playbooks: attach implementation steps and automation options to every finding.
  • Alerting: notify the right channels by severity so teams can triage quickly.

Prerequisites

  • At least one cloud account connected with permissions for read/monitoring and (optionally) remediation.
  • Slack or email destinations configured if you want outbound alerts in addition to in-app notifications.
  • Optional: tags or filters ready if you plan to scope findings to specific environments.

Quick Start

1

Open CloudKeepers

Go to CloudKeepers and select Configure CloudKeepers to start the pilots.
CloudKeepers landing with configure CTA, how-it-works timeline, and cost/security value cards
2

Configure pilots and schedules

Enable CostOps and SecurityOps pilots, set cron-style schedules, or run them manually to start a scan immediately.
Pilot configuration modal with schedule fields, enable toggles, and manual run buttons
3

Set alerting thresholds

Choose channels (Email, Slack, In-App) and the minimum severity each channel should receive to avoid alert fatigue.
Notification settings showing per-channel toggles and minimum severity dropdown
4

Review findings

Monitor Findings Over Time, total findings, critical/high counts, and potential savings. Use Recent Findings to triage new items.For each recommendation:
  • Save: send it to Plan and suppress re-recommendation in future runs.
  • Delete: remove it now; the agent may recommend it again on the next run.
  • Ignore: dismiss it and prevent the agent from recommending it again on future runs.
Findings dashboard with trend chart, savings card, and recent findings tiles by pillar
5

Open a recommendation

Drill into a finding to see impact analysis, estimated savings, and implementation guidelines before acting.
Recommendation detail showing impact analysis table and step-by-step implementation checklist
6

Choose an action

From the Actions modal, pick how to proceed: run Impact Analytics, generate guidelines, ask a custom question, or implement directly.
Actions modal with options for analytics, guidelines, custom prompt, and implement

How enforcement and drift detection work

  • Pilots run on the schedules you set (or on-demand) to scan all permitted resources for cost, security, and operational risk—not limited to what you previously discovered. CloudKeepers is intended for daily operations and continuous guardrails.
  • Findings are tagged with pillar, risk, effort, and savings to prioritize the highest-value fixes.
  • CloudKeepers findings start as drafts; save them to Plan when you are ready for approvals, scheduling, and execution tracking.
CloudKeepers is your daily operational guardrail. Assessment is a deeper, periodic evaluation and is not meant for day-to-day runs.

Remediation playbooks

  • Every finding includes an impact analysis with before/after estimates and a step-by-step playbook.
  • Use Impact Analytics for deeper analysis, Generate Guidelines for shareable runbooks, Custom Prompt to explore edge cases, or Implement to execute changes.
  • Track status and outcomes in Plan so governance, FinOps, and security teams share the same source of truth.

Alerting and routing

  • Set per-channel minimum severities to keep noise low while still surfacing critical issues quickly.
  • Use Slack for real-time triage, email for audit trails, and in-app alerts for operators working inside CloudThinker.
  • Combine alerting with Plan workflows to ensure findings get reviewed, approved, and closed.