Users are increasingly performing tasks using remote computing resources, which may be offered through a shared-resource environment. This has many advantages, as users do not have to purchase and maintain dedicated hardware and software, and instead can pay for only those resources that are utilized at any given time, where those resources typically will be managed by a resource provider. Users can perform tasks such as storing data or executing applications using various types of resources offered by the resource provider. In some environments, a user's account in a resource provider environment may include a root user, having access to, and control over, the entire account. For some security-sensitive users, such a user profile which may be enabled to override most controls on the system can present a security risk. Additionally, rules may be utilized to determine if a particular action has resulted in an unwanted condition and generate an alert. However, such rules are reactive to the unwanted condition existing. This only allows for corrective effort after a potential security or customer compliance breach has occurred.