Cloud cost decisions you can trust.
CloudJaeger connects your bill, architecture review, services and their owners, Kubernetes cost basis, and ranked advisory actions into one operating loop. See what changed, why it happened, who owns it, and what to do next — findings leave as Jira tickets, execution stays off until you approve it, and savings stay projected until your bill proves them.
Read-only first scan · No card, no agents on your workloads · Access manually approved
What you're looking at: the command center — daily spend with a flagged anomaly, what moved month-over-month, and the two next best actions. Execution stays off until you arm it. Next step: see how the loop works below, or request access for a read-only pilot.
CloudJaeger turns cloud bills into owned architecture decisions.
See what changed, which service or architecture choice caused it, who owns it, what action is safest, and whether the bill later proves the result.
- Cost per service — $40.38 attributed
- Cost per request — $0.0031 · denominator: partial
- Cost per customer — when you push a denominator
- Unowned spend — $3,020/mo, called out
- Projected waste — $4,790/mo flagged · our estate: $0
- Change by driver — Compute +$18k · May → Jun
- Action outcome — graded against the bill · 'not verified yet' today
Illustrative product view — not customer data.
- Every number carries source, freshness, and confidence
- Read-only role — we publish the exact policy
- Within ~1% of CUR on our own estate
- Execution ships off — armed only by written mandate
- Savings graded against your bill — "not verified yet" until it moves
- $0 means $0 — we don't pad findings
Cloud cost is the financial footprint of your architecture.
Every deployment, service boundary, scaling choice, NAT path, storage policy, and Kubernetes request can change the bill. Cloud cost is not a procurement line that happens to engineering — it is the running financial trace of the system you built, and it moves when the architecture moves.
Finance sees the invoice after the fact. Engineering owns the causes but often lacks the bill context to connect them. Platform teams operate the shared infrastructure that product teams do not claim. And dashboards show the cost — not the architecture cause, the owner, the risk, or the next step. That is why cloud cost governance is an operating discipline, not a reporting exercise.
CloudJaeger links the bill, architecture review, service ownership, ranked action, workflow, and verification into one loop. CloudJaeger turns cloud spend into architecture, ownership, and action.
Architecture drift
“Cloud architectures accumulate waste, coupling, and risk.”
Business impact: every quarter of drift makes the estate more expensive to run and riskier to change
CloudJaeger: the architecture advisor reviews design and cost posture together — deterministic, advisory, validated against 13 golden scenarios
Microservice ownership
“Services run on shared infrastructure and ownership gets lost.”
Business impact: showback nobody accepts; spend nobody claims
CloudJaeger: the ownership cockpit and service economics with unit denominators — unowned spend is called out, not hidden
Shared-platform spend
“Platform teams run the infrastructure everyone uses — and nobody claims.”
Business impact: shared clusters, gateways, and data platforms become an unallocated blob finance writes off
CloudJaeger: shared spend is split into attributed service costs with the overlap labeled — never a fake clean partition
Kubernetes opacity
“Workload usage and the cloud bill do not naturally match.”
Business impact: cluster decisions made on dollars nobody can defend
CloudJaeger: the Kubernetes cost-basis ladder — usage-only, estimated, imported, or bill-backed, explicit on every surface
Recommendation bottleneck
“Recommendations die in dashboards.”
Business impact: the same waste reappears quarter after quarter
CloudJaeger: a ranked Action Center with risk, confidence, and reversibility on every row — findings become owned Jira tickets, outbound proven against a sandbox
Unsafe automation risk
“Unsafe automation can cost more than it saves.”
Business impact: one wrong optimization erases a quarter of savings
CloudJaeger: execution ships off — arming needs a written mandate, caps, and a named approver, on a hash-chained audit trail
Before and after CloudJaeger.
Before
- Bills arrive after the decisions that caused them.
- Tags do not map to ownership.
- Service costs hide inside shared platforms.
- Kubernetes dollars are hard to defend.
- Recommendations die in dashboards.
- Automation is too risky to trust.
After
- Bill lines map to services, architecture, and owners.
- Spend changes become explainable drivers.
- Findings become ranked, evidenced actions.
- Risky actions carry risk, reversibility, and rollback context.
- Jira workflow makes ownership operational — sandbox outbound and read-back proven.
- Savings stay projected until the bill proves them.
- Execution stays off until approved.
Built for the teams who have to explain the bill.
Catch cost regressions from deployments, scaling choices, and service changes.
The pain: The Monday bill question lands on you.
With CloudJaeger: A trend with the anomaly flagged and the driver named — before the meeting.
Turn spend reports into owned, ranked actions with evidence and reversibility.
The pain: A hundred recommendations, no ranking you trust.
With CloudJaeger: One queue, deterministic scores, owner attached.
Explain shared infrastructure, Kubernetes basis, and unowned spend.
The pain: Shared clusters and gateways become an unallocated blob.
With CloudJaeger: Attributed costs with overlap labeled, basis-aware K8s dollars, unowned spend first-class.
Understand gross-margin pressure without giving write access.
The pain: You want the picture without handing over the keys.
With CloudJaeger: Spend by owner, unowned called out, nothing executes.
Review cost and design risk together before the bill arrives.
The pain: Design reviews happen without the bill in the room.
With CloudJaeger: Deterministic advisory review of design and cost posture together, validated against 13 golden scenarios.
Illustrative product views — not customer data.
From bill lines to architecture decisions.
CloudJaeger is not only a cost dashboard — it connects cloud spend to the architecture shape that produces it: what exists, how it is designed, who owns it, and what to do about it.
What exists
Generated from synced inventory — not a hand-drawn diagram.
What you're looking at: your synced estate as a map — resources, inferred edges, drift since the last snapshot.
Why it matters: architecture conversations start from what is actually running, not a diagram from last year.
Next step: open the map and check the drift badge.
How it is designed
What you're looking at: an architecture review finding set with severities and an advisory ROM.
Why it matters: design and cost posture are reviewed together — deterministic, advisory, validated against 13 golden scenarios every release.
Next step: run a review against your own design.
What each service costs
What you're looking at: cost landing on services with unit denominators — and an honest dash when the denominator is missing.
Why it matters: cost per request is the sentence engineering and finance both understand.
Next step: push your request counts and get real unit costs.
Who owns it
- configuredset by the owning team14 services
- inferredderived from tags + usage9 services
- unknownhonestly unknown3 services
No owner resolved — shown at the top of the queue, never hidden.
What you're looking at: every service's owner source — configured, inferred, or honestly unknown.
Why it matters: an action without an owner is a wish; ownership makes recommendations routable.
Next step: claim the unowned slice.
Illustrative product views — not customer data.
CloudJaeger does not replace architects or FinOps practitioners. It gives them bill-backed context: what exists, what changed, which service owns the cost, which risks matter, and which action is safest to route.
That is the whole point: a bill line becomes an owned, evidence-backed action — and nothing executes unless you approve it.
The operating loop
Connect read-only, see what changed, decide, act only when approved, verify against the bill — nothing acts without you.
- STEP 1 OF 5
Connect read-only
Attach a read-only IAM role — we publish the exact policy before you connect, and you can delete it any time. No agents run on your workloads.
Security review takes minutes — value shows up in the same meeting.
On our estate, first findings landed in sixteen secondsRead-only cloud cost scan · IAM policy excerpt{ "Effect": "Allow", "Action": [ "ce:Get*", "cur:Describe*", "ec2:Describe*", "organizations:List*" ] } // full policy published before you connectread-only0:16 first findings — on our estatedelete the role any timeAWSAzureGoogle CloudAWS, Azure, and GCP connect read-only — per-cloud proof levels are on /product.
- STEP 2 OF 5
See what changed
A daily-spend trend with flagged anomalies and a forecast band, plus a waterfall bridge from last month's total to this month's — driver by driver, exactly what moved. Every number carries source, freshness, and confidence.
The Monday question — “why is the bill up?” — is answered before it’s asked.
Bill-backed — synced from your bill, then reconciled against itDaily spend$4,127 /dayWhat changed from May to JuneA waterfall bridge from last month's total to this month's total$284kMay total+$18kCompute+$6kStorage+$9kKubernetes-$12kRightsizing$305kJune totalincrease decrease totalsource: billing export · freshness: <24h · confidence: high - STEP 3 OF 5
Decide what to do
A ranked queue of evidence-backed actions. Every row carries risk, confidence, reversibility, and effort — scored deterministically, with a plain-English rationale.
You can sort by “safe and easy,” not just “big number.”
Advisory — nothing executes from this queue · dollars are projected#1ComputePROJECTED$1,480/moRightsize 12 over-provisioned instancesEvidence: 14-day CPU p95 under 4% · matched to billing line items
Low riskHigh confidenceReversibleLow effortRanked #1: highest projected $ at lowest risk — 12 instances under 8% CPU for 30 days
Next: file a Jira ticket for the owning team — advisory only, nothing changes in your cloud.
#2StorageDelete 46 unattached volumes$310/mo#3ComputeStop idle dev instances outside working hours$240/mo - STEP 4 OF 5
Act only when approved
Execution is capable and ships off. Arming it takes a written mandate with caps and a named approver on every run — and live purchases are hard-blocked today. Until then, findings leave as Jira tickets, not as changes.
Delegation with a written contract — not a checkbox that spends your money.
EXECUTION OFF · armed only by your written mandateCommitment mandatethe arming contractMax monthly commit$2,000Term1yr, no upfrontApprovernamed, per runlive run → BLOCKED — live purchases not implementeddry run → dry_run_ok · $0 movedUntil you arm it — findings leave as tickets#1Rightsize 12 over-provisioned instancesadvisory — nothing executesoutbound · sandbox-provenJira · sandboxCJ-3In Progressstatus read-back · provenStatus · back on the recIn Progress — synced backadvisorydry-runmandate-gatedhash-chained audit row on every step - STEP 5 OF 5
Verify against the bill
Savings stay projected until your invoice actually moves. Every acted-on item is graded against the real bill — and our own totals are reconciled against the CUR to within ~1% on our estate, window-aligned.
The vendor that refuses to claim savings until the bill moves is the one you can believe later.
Same reconciliation check runs on your estate in week oneOur number vs your CURΔ 0.99% · within thresholdCloudJaeger$128,410Provider CUR$127,152~1% pass lineMeasured on our own estate, window-aligned.
Projected$1,790/mograded against your real bill after you act
Verifiednot verified yetthe tile says so until your invoice moves
Verified means your bill moved — nothing else counts.
Illustrative product view — not customer data.
See it on your own bill.
Read-only role, first findings in the first meeting — on our estate it took sixteen seconds.
Twelve modules, one honest product
Seven flagship modules — the other five live on /product.
| Service | 30-day | Δ |
|---|---|---|
| EC2 — Compute | $8,120 | +4% |
| RDS — Databases | $3,480 | −2% |
| S3 — Storage | $1,940 | +1% |
| EKS — Kubernetes | $1,210 | +9% |
Drill spend by service, region, account, and cloud — billed, effective, and list.
The grain finance actually asks for.
- Billed, effective, and list views
- Slice by service, account, region, cloud
- Δ% chips on every row
Evidence: 14-day CPU p95 under 4% · matched to billing line items
Ranked #1: highest projected $ at lowest risk — 12 instances under 8% CPU for 30 days
Next: file a Jira ticket for the owning team — advisory only, nothing changes in your cloud.
One ranked, advisory queue across every engine.
One to-do list instead of eleven module tabs.
- One ranked queue across every engine
- Risk, confidence, reversibility, effort on every row
- Plain-English rationale per action
- 4Bill-backedCUR-backed
lights up with tagged nodes + CUR coverage
- 3OpenCost-importedimported — labeled
- 2Estimatedlist price ×24h
- 1Usage-onlycurrentno bill → no dollars
usage-only — and says so
Every cluster is labeled with the rung it's on — a usage-only cluster says so.
Kubernetes cost visibility with an explicit basis — every cluster states which kind of dollar it shows.
No silent estimate dressed up as a bill.
- An explicit cost basis per cluster
- Usage-only to bill-backed — labeled
- No estimate dressed up as a bill
Findings can be routed into Jira; sandbox outbound creation and status read-back are proven.
Work leaves the tool and lands where the team already lives.
- Findings become owned Jira tickets
- Status read-back proven
Our own estate today: $0 — and it says $0.
Idle, orphaned, and oversized resources, ranked with reversibility.
Honest dollars — no padded findings.
- Idle, orphaned, and oversized — ranked
- Reversibility called out per finding
- $0 findings stay $0
- configured9 services
- inferred4 services
- unknown2 services
Cloud spend ownership — every service gets an owner source, or is honestly unowned.
“Who owns this?” stops being spreadsheet archaeology.
- An owner source on every service
- Unowned spend tracked first-class
- Spend rolled up by team
Append-only, hash-chained activity log.
Tamper-evidence you can check, not a bullet point.
- Append-only, hash-chained activity log
- Tamper-evidence you can verify yourself
- Every mandate and run recorded
Illustrative product views — not customer data.
See all 12 modules on /product →What you'll actually see
Nine surfaces from the product — different questions, different shapes. Every one labels its source and its basis.
What you're looking at: fourteen days of daily spend, one flagged anomaly, and a shaded seven-day forecast band. Daily spend shows recent bill movement; the shaded band is forecast context, not a guarantee.
Why it matters: the Monday bill question gets answered from this chart, not from a CSV dig.
Next step: open the ranked action queue, or set an anomaly alert.
What you're looking at: a waterfall bridge from May's total to June's total — each floating bar starts where the previous one ended (amber up, green down, violet totals), connectors carrying the running total.
Why it matters: you see why the bill moved, not just that it moved. This shows which services moved the bill from May to June — not realized savings.
Next step: click into the driver and file a ticket for its owner.
What you're looking at: the five biggest services on the bill, each with its month-over-month Δ% chip.
Why it matters: the first question in any cost review — what drives spend — is one glance.
Next step: drill into the top mover in Cost Explorer.
What you're looking at: spend rolled up by owning team, with the owner source — configured, inferred, or unknown — behind every bar.
Why it matters: "who owns this?" gets an answer, and unowned spend can't hide.
Next step: assign the unowned slice an owner.
Our own estate today: $0 — and it says $0.
What you're looking at: waste grouped by category, with two queue rows ready to act on — each marked for reversibility.
Why it matters: honest dollars: when there is nothing to cut, it says $0.
Next step: queue the two cleanups — reversibility is already marked.
| # | Action | Risk | Confidence | $/mo PROJECTED |
|---|---|---|---|---|
| #1 | Rightsize 12 over-provisioned instances | Low | High | $1,480 |
| #2 | Delete 46 unattached volumes | Low | High | $310 |
| #3 | Dry-run a 1yr commitment plan | Med | High | $890 |
| #4 | Release 14 idle elastic IPs | Low | Med | $50 |
What you're looking at: the ranked action queue — every row scored for risk and confidence, with projected dollars.
Why it matters: you can sort by "safe and easy," not just "big number."
Next step: approve #1 or send it to Jira with one click.
ranked deterministically — LLM writes explanations, never decides
- 4Bill-backedCUR-backed
lights up with tagged nodes + CUR coverage
- 3OpenCost-importedimported — labeled
- 2Estimatedlist price ×24h
- 1Usage-onlycurrentno bill → no dollars
usage-only — and says so
Every cluster is labeled with the rung it's on — a usage-only cluster says so.
What you're looking at: the four kinds of Kubernetes dollar, from usage-only to bill-backed — this cluster is on rung 1 and says so.
Why it matters: you always know which kind of dollar you're being shown.
Next step: connect billing to climb toward bill-backed.
Nothing executes until you arm it — purchases hard-blocked in this build.
What you're looking at: the six-step safety journey — finding, owner / Jira ticket, dry-run, mandate + caps, approval — and execution that stays blocked unless armed.
Why it matters: delegation has a written contract, not a checkbox.
Next step: write a mandate when — and only when — you are ready.
What you're looking at: cost landing on services with a unit denominator — and an honest dash where the denominator is missing.
Why it matters: "what does a request cost?" gets a number or an honest "—", never a guess.
Next step: push your own request denominators for real unit costs.
What you can do next: Request access and see these nine surfaces on your own estate — read-only, in the first meeting.
Illustrative product view — not customer data.
A pilot that ends either way with a report.
Read-only role → first findings in the first meeting → 14 days → the findings report is yours to keep.
Security posture, stated plainly
No badge wall — we name the actual controls. SOC 2 is on the roadmap, not claimed.
The role we ask for
The first scan uses a read-only IAM role. We publish the exact policy before you connect, you can delete the role any time, and no agents run on your workloads.
Execution is capable and ships off. Arming it takes a written mandate with caps and a named approver on every run — and live purchases are hard-blocked today.
Your data leaves in open formats — CSV, JSON, and FOCUS — and deletion is a button, not a support ticket. Every deletion is audited.
{
"Effect": "Allow",
"Action": [
"ce:Get*", "cur:Describe*",
"ec2:Describe*", "organizations:List*"
]
} // full policy published before you connect| Control | What it means | Status |
|---|---|---|
| Public homepage | Anyone can read this page; the product itself is gated. | Open |
| Platform access | Every account is manually reviewed and approved by the owner. | Owner-approved |
| Public signup | Every workspace was let in on purpose — no self-serve account creation. | None during beta |
| Provider permissions | First scan uses a read-only IAM role — we publish the exact policy; delete it any time. | Read-only |
| Execution | Ships off. Arming needs a written mandate with caps; live purchases are hard-blocked. | Off by default |
| Billing | No card on file and no live charges during the private beta. | No live billing |
| Savings verification | Projected until your bill moves — graded against the real bill after you act. | Bill-graded |
| Audit trail | Append-only activity log, hash-chained and verifiable. | Hash-chained |
| Data export | Take your data out any time — including the FinOps Foundation's open FOCUS format. | CSV · JSON · FOCUS |
| Compliance | SOC 2 is on the roadmap; today's posture is documented openly instead. | Roadmap — not claimed |
Why buyers choose CloudJaeger
- Cost changes are explained by architecture and services.
- Recommendations become owned actions, not forgotten dashboard rows.
- Service and unit economics give engineering and finance a shared language.
- Kubernetes cost is labeled by basis, so estimates are not mistaken for bills.
- Execution stays off until approved.
Private beta pricing
CloudJaeger pricing is scoped manually during beta based on tracked spend, connected accounts, usage, integrations, and support needs. Start with a read-only pilot; access and terms are owner-approved.
Read-only Pilot
A 14-day guided evaluation on your own bill — keep the findings report either way.
- 14-day guided evaluation
- One AWS account to start
- Read-only scan — we publish the exact policy
- Cost Explorer
- Action Center preview
- No execution · no credit card
Design Partner
For teams shaping the product — first, with the attention that implies.
- Founder-led onboarding
- Workflow review with your team
- Ownership, waste, Kubernetes, and Jira scope by need
- Pricing discussed after pilot scope
Growth / Scale
For larger estates and multi-account environments.
- Custom scope across accounts and clouds
- Security review
- Support and advisory cadence
- Usage- and spend-based commercial model
Private beta. Access and commercial terms are manually approved. No credit card. No live billing today.
What the pilot proves in 14 days.
Fourteen days, one read-only AWS role. These are deliverables you keep — not projected outcomes.
- first scan from a read-only AWS role
- a bill-backed cost view of your estate
- what changed and why
- your top advisory actions, ranked
- ownership gaps — including honestly unowned spend
- a waste finding, or an honest $0
- Kubernetes cost basis, if you connect a cluster
- Jira workflow, if you configure it
- architecture review findings on your design
- a findings report that is yours to keep
- no execution, no credit card, no public signup
Access is owner-approved — request it and a founder reads it.
Request access
You'd be the design partner — first, with the attention that implies. A founder reads every request. Approved requests start as a read-only pilot: first findings in the first meeting, fourteen days, and the findings report is yours to keep either way.
Submitting a request does not create an account.
- 1Submit request
Tell us about your estate and what you want to evaluate — no account is created.
- 2Founder review
A founder reads every request and approves access manually.
- 3Invite
Approved requests get a personal invite — access stays owner-approved.
- 4Read-only pilot
A read-only first scan — we publish the exact policy; delete the role any time.
Frequently asked questions
What is CloudJaeger?
CloudJaeger is a private-beta FinOps and architecture operating loop. It connects cloud bills, services, ownership, architecture signals, Kubernetes cost basis, and advisory actions so teams can understand what changed, who owns it, and what to do next — read-only first and approval-gated by design. Detailed proof levels for every module are shown on /product and /security.
Is the homepage public?
Yes — this page is open to anyone. The product behind it is a private beta: every workspace is manually reviewed and approved by the owner before any account exists.
Can anyone sign up?
No — access is owner-approved. You request access, the founder reviews it, and an approved request starts as a read-only pilot. Submitting a request does not create an account.
Do you need write access?
No. The first scan uses a read-only IAM role — we publish the exact policy before you connect, and you can delete it any time. No agents run on your workloads.
Does it execute changes automatically?
No. Execution ships off by default and arms only under a written mandate with caps — and live purchases are hard-blocked today. Until you approve something, CloudJaeger only reads.
How are savings verified?
Against your bill, not our dashboard. Savings stay projected until your invoice actually moves — the tile says 'not verified yet' until then, and every action is graded against the real bill after you act.
How does CloudJaeger connect cloud cost and architecture?
CloudJaeger maps cost, resources, ownership, and advisory architecture signals into one operating loop. It does not replace human architecture review; it gives teams bill-backed context, service ownership, and evidence-backed recommendations before they act.
How does CloudJaeger help microservice and platform teams?
Services running on shared infrastructure get an owner source — configured, inferred, or honestly unknown — attributed costs with the overlap labeled, unit economics where teams push a denominator, and a Kubernetes cost basis that says which kind of dollar it is. Platform teams can hand product teams numbers they will actually accept.
How is CloudJaeger different from cloud cost dashboards?
Dashboards end at visibility. CloudJaeger is the operating loop after it — every number carries source, freshness, and confidence, and every recommendation carries evidence, risk, reversibility, effort, and a next step that can leave as an owned ticket.
How is CloudJaeger different from observability add-ons?
Cost modules that ride an observability platform are strongest inside that platform. CloudJaeger is cost-native and read-only-first — bill reconciliation, ownership, waste, Kubernetes cost basis, and an approval-gated workflow are the core product, not an add-on.
How is CloudJaeger different from Kubernetes-only cost tools?
Single-purpose Kubernetes allocators go deep on cluster allocation. CloudJaeger treats Kubernetes as one honest lens of whole-estate cost, with the basis labeled on every surface — usage-only, estimated, imported, or bill-backed — so a cluster number is never mistaken for a bill number.
How is CloudJaeger different from architecture review spreadsheets or consulting?
Point-in-time reviews and spreadsheets drift the day they are finished, and they rarely carry bill context. CloudJaeger's architecture advisor is deterministic and advisory — validated against 13 golden scenarios every release — and it reviews patterns and cost posture continuously against your synced estate, with the bill attached. It briefs human judgment rather than replacing it.
What makes CloudJaeger different from traditional FinOps tools?
Three defaults: provenance on every number, execution shipped off — arming requires a written mandate with caps and a named approver, and live purchases are hard-blocked today — and savings that stay projected until your bill proves them.
What does the pilot include?
One AWS payer account with a read-only role — we publish the exact policy before you connect, and you can delete it any time. You run Growth-level modules for the duration, fourteen days, and the findings report is yours to keep either way. On our own estate, first findings landed in sixteen seconds. No execution, no card, no agents.
What data do you need?
Read-only cost and usage data: your billing exports plus what the read-only role can describe. Data is EU-hosted and encrypted in transit and at rest, and you can export it — CSV, JSON, and FOCUS, the FinOps Foundation's open format — or delete your workspace at any time.
Is billing live?
No — pricing is scoped manually during the beta based on pilot scope and usage, and access and commercial terms are manually approved. No credit card. No live billing today.
