COST-001 critical Cloud Budget Alerts

Cloud provider budget alerts configured

Every cloud provider should have budget alerts with defined amounts and multiple thresholds (50%, 80%, 100%). Alerts must go to monitored recipients.

Question to ask

"Would a 10x billing spike wake anyone up tonight?"

Pass criteria

  • Every cloud provider has budget alerts
  • Budget amounts defined
  • Multiple thresholds including early warning
  • Alerts go to monitored recipients

Fail criteria

  • Any cloud provider without alerts
  • No defined budget amount
  • Only 100% threshold
  • Alerts to unmonitored inbox

Verification guide

Severity: Critical

Runaway cloud costs are a real business risk. Every cloud provider should have budget alerts with defined amounts and multiple thresholds.

Check automatically:

# AWS - List all budgets and their configurations
aws budgets describe-budgets --account-id $(aws sts get-caller-identity --query Account --output text)

# GCP - List billing budgets (requires billing account ID)
gcloud billing budgets list --billing-account=BILLING_ACCOUNT_ID

# Azure - List consumption budgets
az consumption budget list

# Check infrastructure-as-code for budget definitions
grep -riE "budget|billing.*alert|cost.*alert" terraform/ pulumi/ cdk/ infra/ --include="*.tf" --include="*.ts" --include="*.yaml" --include="*.yml" 2>/dev/null

Ask user:

  • "Which cloud providers are in use?"
  • "Is there a defined budget for this project? Where documented?"
  • "At what thresholds do you get alerted?" (expect 50%, 80%, 100% or similar)
  • "Who receives alerts? Is that inbox monitored?"

Pass criteria:

  • Every active cloud provider has budget alerts configured
  • Budget amount defined (not just "alert on any spend")
  • Multiple thresholds including early warning (≤50%) and approaching limit (80-90%)
  • Alerts go to monitored recipients (not a dead inbox)

Fail criteria:

  • Any cloud provider without budget alerts
  • No defined budget amount ("we just watch the bill")
  • Only alerts at 100% (too late to act)
  • Alerts go to unmonitored inbox or former employee
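
The pass and fail criteria above can be checked mechanically once each provider's budget data has been collected. The following is an added example, not part of the original checklist; the provider-neutral record shape, the function names and the sample data are assumptions made for illustration.

```python
# Added example. The record shape below is hypothetical and provider-neutral;
# map each provider's CLI output into it before running the checks.

def evaluate_budget(budget, unmonitored):
    """Return fail-criteria findings for one budget; an empty list means pass."""
    findings = []
    if not budget.get("amount") or budget["amount"] <= 0:
        findings.append("no defined budget amount")
    thresholds = sorted(budget.get("thresholds_pct", []))
    if not thresholds:
        findings.append("no alert thresholds configured")
    elif thresholds[0] >= 100:
        findings.append("only alerts at 100% or above")
    else:
        if thresholds[0] > 50:
            findings.append("no early-warning threshold (<=50%)")
        if not any(80 <= t <= 90 for t in thresholds):
            findings.append("no approaching-limit threshold (80-90%)")
    live = [r for r in budget.get("recipients", []) if r.lower() not in unmonitored]
    if not live:
        findings.append("no monitored alert recipient")
    return findings

def audit(providers_in_use, budgets, unmonitored=frozenset()):
    """Map every provider in use to its findings; a provider with no budget fails."""
    report = {}
    for provider in providers_in_use:
        mine = [b for b in budgets if b["provider"] == provider]
        if not mine:
            report[provider] = ["no budget alerts configured"]
            continue
        report[provider] = [f"{b['name']}: {msg}" for b in mine
                            for msg in evaluate_budget(b, unmonitored)]
    return report

# Constructed sample data, not taken from any real account.
SAMPLE_BUDGETS = [
    {"provider": "aws", "name": "prod", "amount": 5000,
     "thresholds_pct": [50, 80, 100], "recipients": ["finops@example.com"]},
    {"provider": "gcp", "name": "data", "amount": 2000,
     "thresholds_pct": [100], "recipients": ["former.employee@example.com"]},
]
SAMPLE_UNMONITORED = {"former.employee@example.com"}

if __name__ == "__main__":
    for provider, findings in audit(["aws", "gcp", "azure"], SAMPLE_BUDGETS,
                                    SAMPLE_UNMONITORED).items():
        print(provider, "PASS" if not findings else "FAIL", findings)
```

For AWS, thresholds and recipients are not in the describe-budgets output alone; they come from aws budgets describe-notifications-for-budget and aws budgets describe-subscribers-for-notification.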

Evidence to capture:

  • Cloud providers in use
  • Budget amounts per provider/project
  • Threshold percentages configured
  • Alert recipients

Section

38. Cost Monitoring & Budget Alerts

Compliance & Legal