Two-pass extraction
Pass 1 finds canonical AWS shapes (ARNs, instance IDs, IPs, Route53 hostnames) by regex. Pass 2 walks your actual inventory and finds resource names referenced by short alias. Catches what a single-pass scanner misses.
Stop discovering stale runbooks
at 2 a.m.
RunbookGuard scans your Confluence runbooks for IPs, hostnames, and AWS resource IDs, then cross-checks them against your live AWS inventory. Catch the references that point to instances you terminated last quarter — before your on-call does.
Features
Built for engineers who own the runbook AND the AWS account
Six things that matter, and nothing else. No AI hallucinations, no agents to install, no third-party data leaving your tenant.
Read-only by design
RunbookGuard never modifies Confluence pages, AWS resources, or Jira tickets — except the tickets you click to create. The IAM policy is Describe*, List*,Get* only. Zero blast radius if you're wrong about a finding.
Documentation coverage
Reverse view: every AWS resource that has zero references in your wiki, sorted by estimated monthly cost. Know what to document next without guessing.
Weekly digest, new findings only
One email a week, only what's NEW since the previous scan. No alert fatigue, no scrolling past the same 200 issues you saw last week. Per-team schedule + timezone.
One-click Jira tickets
Turn a finding into a fully-populated Jira issue in two clicks: page link, AWS resource, severity, recommended fix. Parent ticket + subtasks supported. Works with any project you already have access to.
Incremental scans
Re-indexes only the pages that changed since the last run. 50,000-page space scans in under 8 minutes. First scan of 1K pages: ~5 minutes.
How it works
From install to first finding in five minutes
No setup wizard maze, no AWS engineer required for onboarding. Three steps, then RunbookGuard runs weekly on its own.
01
Install from the Marketplace
One click in your Confluence Apps directory. No agent, no on-prem dependencies, no separate database. RunbookGuard runs on Atlassian's Forge platform inside your tenant.
02
Connect AWS — read-only
Paste an IAM Role ARN into the onboarding wizard. We use STS AssumeRole with a per-tenant External ID. The required policy is Describe / List / Get only — no write permissions, ever.
03
Run your first scan
Click Run Scan. 1,000 pages takes about 5 minutes. Findings appear as the scan completes; sort by severity, drill into evidence, dismiss false positives, or send to Jira with one click.
FAQ
The questions you'd ask on a sales call
No. The Confluence integration is read-only (we use Atlassian's read-content scope). The AWS role uses a custom least-privilege policy with 17 explicit read actions across 9 services — NOT the AWS-managed ReadOnlyAccess policy, which is too broad. The single write exception: if you click "Send to Jira" on a finding, RunbookGuard creates one Jira ticket using the scope you authorized. See /security for the full policy.
For most enterprises where Atlassian Cloud is on the approved-vendor list, RunbookGuard inherits that approval — there's no separate vendor-onboarding cycle. Billing flows through the Atlassian Marketplace, which most enterprise procurement teams treat as part of the existing Atlassian relationship rather than a new SaaS vendor. Median time from interest to install: 2-3 days.
Yes. RunbookGuard runs on Atlassian Forge, which inherits your Atlassian Cloud region setting. If your Confluence instance is configured for EU data residency, all RunbookGuard data stays on EU infrastructure. We don't run a separate region tier and don't move data outside your Atlassian region.
Pennies per scan, in practice. RunbookGuard makes read-only Describe / List API calls — no data transfer beyond inventory metadata. A typical 12-resource-type scan against a mid-size account is well under $0.01.
Inside your Atlassian Cloud tenant, in Forge SQL and Forge KVS — both isolated per-install by Atlassian. The only outbound calls are to your own AWS account and to Resend for digest email delivery. We do not operate a third-party database. See the Privacy Policy for full details.
Yes. RunbookGuard supports scanning multiple AWS accounts from a single Confluence install. Each account gets its own IAM role, its own External ID, and its own per-account inventory cache. Findings are tagged with the source account so dashboards can show stale references in prod vs staging independently. Disabling an account stops further scans against it without resolving its existing findings.
Yes. The extractor walks code blocks, CDATA, every Confluence macro variant, and structured tables. There is also a corpus test suite of known-stale fixtures that has zero false negatives on canonical AWS shapes.
Not supported. RunbookGuard is built on Atlassian Forge, which is Cloud-only. If your team is on Server or Data Center, this isn't the right tool yet.
AWS only in v1. The architecture is cloud-agnostic, but adding Azure/GCP requires writing the inventory fetchers — not on the v1 roadmap.
Every finding has a confidence score, a severity, and a Dismiss button (with optional reason). Dismissed findings stay dismissed across re-scans. False-positive rate is target <10% on clean environments and <20% on messy ones; you can tune by adjusting which Confluence spaces are in scope.
Find your stale runbooks before your on-call does
Five-minute install. First scan in under five. Read-only AWS access. Cancel any time by uninstalling — Atlassian deletes all your data within 30 days.