Connect AWS. Run your first scan.
Follow the in-app workflow to create a read-only role, connect an AWS account, and review your first infrastructure findings.
Every step happens inside the dashboard.
The in-app onboarding generates workspace-specific values (external ID, IAM trust JSON) so they stay in sync with what the platform expects. We don't reproduce those values here.
Land in your workspace
Connect an AWS account
Run your first scan
Review findings
Assign and resolve
Eight cloud intelligence modules.
Each module is a dedicated dashboard page with its own findings, recommendations, scan freshness, and a Run scan action.
Resource Inventory
Cost Analyzer
Identity & Access
Network Exposure
Containers & Serverless
Audit & Compliance
Operations & Reliability
Enterprise Intelligence
Filter, export, and understand savings.
The Cost Analyzer page combines spend visualization, findings, and exports. Filters live in the URL so a view is shareable.
Filtering cost findings
Exporting CSV
Exporting PDF savings reports
Understanding estimated savings
Budgets, Reserved Instances, Savings Plans, Cost Optimization Hub
Turn findings into workflows.
Open /dashboard/automation to schedule recurring scans, refresh recommendations, alert teammates, and run cleanup sweeps.
Scheduled scans
Critical finding alerts
Cost anomaly alerts
Weekly executive reports
Auto-assign findings
Cleanup reminders
Scan limits, account limits, retention by plan.
Module access, scan volume, account count, seat count, and history retention vary by plan. The pricing page has the full comparison table.
Free
Command
Control
Enterprise
Read-only, externally gated, and revocable.
Security details live on the dedicated security page. The high-level model is summarized here.
Read-only AWS access
STS AssumeRole + external ID
Server-side AWS SDK
Revoking access
What trueno can see, and how to scope it.
A read-only, externally gated role; the exact policy JSON + external ID live in the in-product connect flow (single source of truth).
A role, never access keys
AWS-managed read-only policies
The external-ID handshake
Verified before it's saved
Per-module data sources
Coverage + closing permission gaps
Connect Slack, on-call, ticketing, and the API.
Route alerts to Slack (channel + 1:1 DM), page PagerDuty/Opsgenie on SEV1, file findings as GitHub/Jira/Linear tickets, and pull data out via the public REST API + webhooks. Step-by-step setup for each lives in the integrations guide.
Integration setup guide
API reference
Need help?
Best-effort across all tiers; priority support on Control. The support page lists what to include in a request and how to reach real engineers.