AWS is too big to watch by hand. Agents map the account, investigate anomalies, and open the fix as a pull request.
Two hundred services, four consoles deep. Polylane turns your account into something agents can reason about, investigate, and fix with your review.
Join the waitlistEvery supported resource.
The AWS resource types that show up in your graph.
Proactive observability for AWS.
Self-operating software at AWS scale: proactive agents watch the account, investigate anomalies, and open the fixes.
From VPCs to Lambdas, one graph
Lambda, ECS, RDS, DynamoDB, SQS, SNS, EventBridge, Step Functions, VPCs and everything wired to them, EKS clusters included: 74 resource types land in one living graph with their edges, config, and history.
Read-only, by construction
Connecting is one CloudFormation stack that creates an IAM role with the AWS-managed ReadOnlyAccess policy. No write, delete, or modify permissions, cross-account assumption only, and the template is open for review before you create it.
Alarms that investigate themselves
Optionally point your CloudWatch Alarms at Polylane, and when one fires, an agent picks it up and starts investigating immediately, so the alarm arrives with an explanation instead of a dashboard link.
CloudWatch, actually read
Agents comb your CloudWatch metrics and logs and X-Ray traces on a cadence, and judge what they see against how each resource normally behaves. No thresholds to tune, no alert rules to babysit.
Who changed what, answered
Each sync writes down exactly what appeared, changed, or disappeared across the account. When something breaks minutes after an infrastructure change, the investigation starts from that change, not from scratch.
Investigations that end in a PR
When the root cause is a line of code, the investigation ends as a pull request on the repo behind the service, with a regression test and the evidence trail attached.
Questions.
How does Polylane connect to my AWS account?
Through a CloudFormation stack. You enter your account ID and region, review the pre-loaded template, and create the stack. It provisions an IAM role that Polylane assumes cross-account, and your resources start syncing within minutes.
Is it really read-only?
Yes. The IAM role carries the AWS-managed ReadOnlyAccess policy and nothing else: no write, delete, or modify permissions, and it can only be assumed cross-account from Polylane's AWS account. The CloudFormation template is open, so you can review exactly what's granted before creating the stack. Changes to your code only ever land as pull requests.
What AWS resources does Polylane sync?
74 resource types: Lambda, EC2, VPC networking, S3, DynamoDB, RDS and Aurora, ECS, EKS (clusters, node groups, Fargate profiles, addons), SQS, SNS, EventBridge, Step Functions, Kinesis, ElastiCache, CloudFront, API Gateway, Cognito, Glue, Redshift, load balancers, and more. The full list is on this page.
What happens when a CloudWatch alarm fires?
If you opt in when connecting, Polylane subscribes to the CloudWatch Alarms in the account. When one fires, an agent picks it up and investigates it automatically, correlating it with recent changes and the surrounding resources in the graph.
Does it work with my observability provider?
Yes. Datadog, Sentry, Honeycomb, and Axiom join the graph as first-class sources, and their alerts get triaged by an agent the moment they fire.
What does it cost?
Early access is rolling out through the waitlist. Join it and we'll get you in as capacity opens up.