- Azure FinOps Essentials
- Posts
- Azure FinOps Essentials
Azure FinOps Essentials
Shifting FinOps Left: Using Infracost to Prevent Unexpected Cloud Costs
Michiel van Oudheusden
March 10, 2025 β’ Estimated Reading Time: 13 minutes
In partnership with
Hi there, and welcome to this weekβs edition of Azure FinOps Essentials! π
This week, Iβm exploring how Infracost helps bring FinOps directly into the development process. By integrating cost estimates into your Infrastructure-as-Code workflows, Infracost enables a shift-left approach to cloud cost awareness. Instead of waiting for invoices to reveal unexpected expenses, developers can see cost implications before infrastructure changes are deployed.
Weβll look at how Infracost works, from real-time cost estimates in VS Code, to automated cost breakdowns in CI/CD pipelines, and even dashboarding to track avoided costs. While itβs built around Terraform, it fully supports Azure pricing, making it a valuable addition for teams looking to integrate FinOps early in the development cycle.
If youβre using Terraform and want to proactively manage cloud costs, this edition will show you how Infracost can help.
Cheers, Michiel
Optimize global IT operations with our World at Work Guide
Explore this ready-to-go guide to support your IT operations in 130+ countries. Discover how:
Standardizing global IT operations enhances efficiency and reduces overhead
Ensuring compliance with local IT legislation to safeguard your operations
Integrating Deel IT with EOR, global payroll, and contractor management optimizes your tech stack
Leverage Deel IT to manage your global operations with ease.
Shifting Left in FinOps with Infracost
Iβm a big fan of shift-left practicesβtackling problems as early as possible in the development process. The earlier an issue is caught, the easier and cheaper it is to fix. This is very obvious in security: a vulnerability found in production can be costly to remediate, while catching it during development or testing is far more manageable. Thatβs why DevOps teams integrate security measures like secret scanning, vulnerability detection, dependency management, and code analysis directly into their CI/CD pipelines. Some even take it a step further by using Roslyn Analyzer rules or pre-commit hooks in Git repositories to prevent issues before they reach production.
But what does shift-left mean in the context of FinOps?
Traditionally, FinOps is seen as a financial discipline focused on optimizing cloud costs after resources have already been deployed. But cost optimization should start much earlier in the process. Any cost that isnβt incurred is the best kind of cost saving. The last thing you want is to provision infrastructure and only realize weeks later that it is significantly more expensive than anticipated. While anomaly detection and real-time cost reports can help flag unexpected charges, what if developers could see potential cost implications before infrastructure changes are deployed?
This is where Infracost comes in.
I recently had the chance to see a demo from the creator of Infracost, and I was impressed by how it brings cost awareness directly into the development workflow. Instead of waiting for cloud bills to highlight inefficiencies, Infracost provides instant cost estimates for infrastructure changes right inside pull requests. This means developers can make informed decisions about costs before they deploy anything to the cloud.
Letβs explore how Infracost works and how it can help teams integrate cost considerations into their DevOps process.
How Infracost Brings Cost Awareness to Development
Infracost enables a shift-left approach for cloud cost management by providing real-time cost estimates for Terraform configurations before they are deployed. Instead of treating cost optimization as a post-deployment concern, it integrates cost visibility directly into the development process. In addition to cost estimates, Infracost can check for FinOps best practices based on cloud providersβ Well-Architected Frameworks and enforce company policies, such as required tag keys and values. This makes cost discussions part of the engineering workflow rather than an afterthought.
Infracost supports AWS, Azure, and Google Cloud, and offers several ways to integrate into your workflow:
1. Visual Studio Code Extension
For developers working in VS Code, Infracost provides direct cost insights within the IDE. After installing the extension and connecting it to an Infracost account (which offers a free tier), an Infracost sidebar will display the detected costs for the project.
β’ When opening a Terraform file, each resource will have a line above it showing the estimated monthly cost.
β’ If you modify parametersβsuch as changing an SKU or increasing the number of instancesβthe displayed cost updates dynamically.
β’ Resources with usage-based pricing, like a storage account, may initially show zero cost since charges depend on actual usage rather than provisioning.
β’ Clicking on a cost estimate opens a detailed breakdown of the pricing components.
This integration provides instant feedback, helping developers understand how infrastructure decisions impact costs without leaving their coding environment.
2. CLI for Cost Comparisons
For those who prefer working in the command line, Infracost offers a CLI tool that allows you to track infrastructure cost changes over time.
β’ After installing the CLI and linking it to an Infracost account, you can generate a cost baseline for your Terraform setup.
β’ Running a diff operation compares the current configuration with a previous version, showing the cost differences between them.
Evaluating Terraform directory at .
β Downloading Terraform modules
β Evaluating Terraform directory
β Retrieving cloud prices to calculate costs
Project: XpiritBV/finops-demos/infracost/terraform
Name Monthly Qty Unit Monthly Cost
aws_cloudwatch_dashboard.example
ββ Dashboard 1 months $3.00
aws_db_instance.example
ββ Database instance (on-demand, Single-AZ, db.t2.micro) 730 hours $12.41
ββ Storage (general purpose SSD, gp2) 20 GB $2.30
aws_instance.example
ββ Instance usage (Linux/UNIX, on-demand, t2.micro) 730 hours $8.47
ββ root_block_device
ββ Storage (general purpose SSD, gp2) 8 GB $0.80
aws_s3_bucket.example1
ββ Standard
ββ Storage Monthly cost depends on usage: $0.023 per GB
ββ PUT, COPY, POST, LIST requests Monthly cost depends on usage: $0.005 per 1k requests
ββ GET, SELECT, and all other requests Monthly cost depends on usage: $0.0004 per 1k requests
ββ Select data scanned Monthly cost depends on usage: $0.002 per GB
ββ Select data returned Monthly cost depends on usage: $0.0007 per GB
aws_s3_bucket.example2
ββ Standard
ββ Storage Monthly cost depends on usage: $0.023 per GB
ββ PUT, COPY, POST, LIST requests Monthly cost depends on usage: $0.005 per 1k requests
ββ GET, SELECT, and all other requests Monthly cost depends on usage: $0.0004 per 1k requests
ββ Select data scanned Monthly cost depends on usage: $0.002 per GB
ββ Select data returned Monthly cost depends on usage: $0.0007 per GB
aws_secretsmanager_secret.example
ββ Secret 1 months $0.40
ββ API requests Monthly cost depends on usage: $0.05 per 10k requests
azurerm_app_service_plan.example
ββ Instance usage (B1) 730 hours $12.41
azurerm_application_insights.example
ββ Data ingested Monthly cost depends on usage: $2.30 per GB
azurerm_storage_account.example1
ββ Capacity Monthly cost depends on usage: $0.0208 per GB
ββ Write operations Monthly cost depends on usage: $0.05 per 10k operations
ββ List and create container operations Monthly cost depends on usage: $0.05 per 10k operations
ββ Read operations Monthly cost depends on usage: $0.004 per 10k operations
ββ All other operations Monthly cost depends on usage: $0.004 per 10k operations
ββ Blob index Monthly cost depends on usage: $0.03 per 10k tags
azurerm_storage_account.example2
ββ Capacity Monthly cost depends on usage: $0.0208 per GB
ββ Write operations Monthly cost depends on usage: $0.05 per 10k operations
ββ List and create container operations Monthly cost depends on usage: $0.05 per 10k operations
ββ Read operations Monthly cost depends on usage: $0.004 per 10k operations
ββ All other operations Monthly cost depends on usage: $0.004 per 10k operations
ββ Blob index Monthly cost depends on usage: $0.03 per 10k tags
OVERALL TOTAL $39.79
ββββββββββββββββββββββββββββββββββ
15 cloud resources were detected:
β 10 were estimated, 8 of which include usage-based costs, see https://infracost.io/usage-file
β 5 were free, rerun with --show-skipped to see details
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ³βββββββββββββββ
β Project β Monthly cost β
β£ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ«
β XpiritBV/finops-demos/infracost/terraform β $40 β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ»βββββββββββββββThis approach is useful for validating cost changes before committing infrastructure updates, helping teams avoid unexpected expenses.
3. CI/CD Pipeline Integration
One of the most powerful features of Infracost is its integration with CI/CD pipelines. By adding Infracost to GitHub, GitLab, or Azure DevOps, teams can automatically scan Terraform changes within pull requests and display cost differences alongside the proposed infrastructure updates.
β’ Whenever a pull request is created, Infracost analyzes the Terraform configuration and compares it to the current infrastructure.
β’ It then posts a cost diff report directly in the PR, highlighting the expected increase or decrease in cloud spend.
Pull Request comment due to change in parameters
This makes it easy for reviewers and developers to make informed decisions about infrastructure changes before they are merged and deployed.
4. Dashboard & Policy Enforcement
Beyond cost estimation, Infracost provides an online dashboard for monitoring cost-saving actions and enforcing FinOps policies.
β’ The dashboard tracks cost savings by showing how much potential spend was avoided due to developers acting on cost insights before deploying changes.
β’ Companies can set up policy enforcement rules, such as:
β’ Enforcing tagging policies to ensure proper cost allocation.
β’ Flagging expensive or outdated instance types.
β’ Preventing deployments in restricted regions.
β’ Ensuring non-production environments donβt use unnecessarily high-cost resources.
By integrating Infracost into different stages of developmentβfrom coding and CI/CD to monitoringβteams gain full visibility into cloud costs before they become a financial burden. Whether through the IDE, CLI, or automated pull request checks, Infracost brings cost awareness directly to the engineers making infrastructure decisions.
Bringing FinOps to Developers with Infracost
Iβm really impressed by both the features and the mindset behind Infracost. The idea of cost avoidanceβmaking developers aware of infrastructure costs before changes are deployedβis a great application of shift-left FinOps. Instead of reacting to unexpected bills, teams can proactively make cost-conscious decisions as part of their workflow.
With budgets, policies, dashboards, and deep integration into CI/CD, Infracost provides a complete system for embedding cost awareness into the development lifecycle. The flexibility of configuration, alongside its real-time cost insights, makes it a powerful tool for organizations looking to integrate FinOps directly into their DevOps practices.
Now, since this is an Azure FinOps Essentials newsletter, you might be wondering: does Infracost support ARM/Bicep? The short answer is noβInfracost is built specifically for the Terraform ecosystem. The team has invested heavily in parsing HCL configurations, modules, conditions, and dependencies to provide accurate cost estimates, and supporting multiple Infrastructure-as-Code (IaC) languages at that depth is no small feat.
That said, Terraform offers advantages over ARM/Bicep, including the ability to manage both the control plane and data plane in Azure, along with a rich ecosystem of tools and integrations. Infracost fully supports Azure pricing, and its cost estimation engine fetches real-time prices directly from the Azure price list.
Infracost integrates seamlessly with GitHub, GitLab, and Azure DevOps, as well as other platforms where some manual setup may be required.
So, if youβre already using Terraform, have your CI/CD workflows in place, and want to shift FinOps left, Infracost is worth exploring. Give it a try and see how much value it can bring to your teamβand no, they didnβt ask or pay me to write this!
Learn AI in 5 minutes a day
Whatβs the secret to staying ahead of the curve in the world of AI? Information. Luckily, you can join 1,000,000+ early adopters reading The Rundown AI β the free newsletter that makes you smarter on AI with just a 5-minute read per day.
Please help me by visiting my sponsor. And interested in sponsoring yourself, then visit the sponsor page.
Thanks for reading this weekβs edition. Share with your colleagues and make sure to subscribe to receive more weekly tips. See you next time!
P.S. I have another newsletter about GitHub, Azure, and .NET news. Subscribe as well to keep informed:
Reply