An open-source FinOps platform that automatically detects and remediates cost inefficiencies across your Google Cloud infrastructure.
Cloud costs are the fastest-growing line item for most engineering teams, yet optimization is often manual, reactive, and time-consuming. Teams discover waste during quarterly reviews instead of preventing it in real-time.
Cloud Guardian was created to close this gap. It continuously scans your GCP projects every 6 hours, evaluates resources against configurable policies, and either alerts you or automatically fixes the issue — all without requiring you to change your deployment workflow.
You can't optimize what you can't see. Cloud Guardian surfaces cost data, utilization metrics, and policy violations across all your GCP projects in a single dashboard.
Detection without action is just noise. Cloud Guardian auto-fixes violations via direct GCP API calls or GitHub PRs against your infrastructure-as-code.
Credentials are encrypted with AES-256-GCM using Cloud KMS-wrapped DEKs. Read-only scanning. Write permissions only where auto-remediation is explicitly enabled.
Integrates into your existing workflow. MCP server for Claude Code, GitHub App for PR-based fixes, API keys for CI/CD, and webhook notifications for your alerting stack.
Go, Connect-RPC (gRPC + HTTP/JSON), deployed on Cloud Run (australia-southeast2). Firestore for persistence, Cloud KMS for credential encryption.
Next.js 16, React 19, Tailwind CSS, shadcn/ui. Deployed on Vercel. Firebase Auth for authentication.
Parallel GCP API scanning across 9 resource types. CEL-based custom rules. Background ticker with per-project timeouts.
70+ tools for Claude Code integration. Server-mediated auth flow. Full platform control from your terminal.
Cloud Guardian is open source. Contributions, issues, and feature requests are welcome.