Using Shift Left paradigm to manage cloud cost

Introduction
In the fast-evolving world of cloud computing, managing costs effectively has become a crucial aspect of maintaining a sustainable and profitable business. The “Shift left” paradigm, originally a concept in software development, emphasizes the importance of addressing potential issues early in the development process. When applied to AWS cost optimization and management, this approach ensures that cost considerations are integrated into the earliest stages of the development lifecycle.
By shifting cost management left, organizations can avoid unexpected expenses and optimize their cloud spending proactively. This blog post explores the application of the “Shift left” paradigm to AWS cost optimization, focusing on tools like Open Policy Agent (OPA) policies, Infracost, and Terracost. We will delve into how these tools can help estimate and control costs efficiently, ensuring that your AWS resources are both cost-effective and aligned with your financial goals.
What is “Shift Left” in Cloud Cost Management?
The “Shift left” paradigm is a strategic approach initially rooted in software development, aiming to identify and address potential issues early in the development lifecycle. When applied to cloud cost management, the “Shift left” approach ensures that cost considerations are integrated from the very beginning of the project, rather than being an afterthought. This proactive approach helps organizations avoid unexpected expenses before they occur, leading to more predictable and manageable cloud costs.
In the context of AWS cost management, shifting left means incorporating cost estimation, monitoring, and control mechanisms into the initial stages of infrastructure planning and deployment. By doing so, organizations can:
- Identify Cost Drivers Early: Understand which components and resources are likely to contribute the most to overall cloud costs.
- Enforce Cost Policies: Implement policies and controls to prevent the deployment of overly expensive resources or configurations.
- Optimize Resource Usage: Ensure that resources are used efficiently, avoiding unnecessary expenditures.
- Improve Budgeting and Forecasting: Provide accurate cost estimates that help in setting realistic budgets and financial forecasts.
Tools and practices that support the “Shift left” paradigm in cloud cost management include cost estimation tools, policy enforcement frameworks, and detailed cost monitoring solutions. In the following sections, we will explore how Open Policy Agent (OPA) policies, Infracost, and Terracost can facilitate this approach, helping organizations to manage AWS costs effectively from the outset.
Using OPA Policies for AWS Cost Management
Open Policy Agent (OPA) is an open-source, general-purpose policy engine that enables unified policy enforcement across different systems. In the context of AWS cost management, OPA policies can play a crucial role in enforcing cost-related rules and standards within your infrastructure, ensuring that resources are deployed in a cost-effective manner.
How OPA Policies Work
OPA allows you to write policies in a high-level declarative language called Rego. These policies can be used to define rules for various aspects of your infrastructure, including cost management. For example, you can create policies that:
- Restrict Resource Types: Prevent the deployment of specific resource types that are known to be expensive unless explicitly approved.
- Enforce Resource Limits: Ensure that certain resources do not exceed predefined cost or usage limits.
- Tagging and Labeling: Require proper tagging and labeling of resources to enable better cost tracking and allocation.
Example OPA Policies for Cost Optimization
- Restricting Expensive Instance Types:
    package cost_control

    import rego.v1

    # Deny the m5.24xlarge instance type because of its high cost.
    deny contains msg if {
        input.kind == "Instance"
        input.spec.type == "m5.24xlarge"
        msg := sprintf("Instance type %s is not allowed due to high cost.", [input.spec.type])
    }
This policy denies the deployment of m5.24xlarge instances, which are known to be costly.
- Enforcing Budget Limits:
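    package cost_control

    import rego.v1

    # Assumes input.spec.resources.requests.memory is an array of byte counts.
    deny contains msg if {
        input.kind == "Deployment"
        sum(input.spec.resources.requests.memory) > 100 * 1024 * 1024 * 1024
        msg := "Total memory request exceeds the allowed limit of 100 GiB."
    }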
This policy ensures that the total memory requested by a deployment does not exceed 100 GiB.
- Mandatory Resource Tagging:
    package cost_control

    import rego.v1

    # Deny any resource that lacks a cost_center label.
    deny contains msg if {
        input.kind == "Resource"
        not input.metadata.labels.cost_center
        msg := "All resources must have a 'cost_center' label for cost tracking."
    }
This policy requires that all resources include a cost_center label, facilitating accurate cost tracking.
Implementing OPA in Your Workflow
Integrating OPA into your AWS environment can be done through various tools and platforms that support policy enforcement, such as Kubernetes, Terraform, and CI/CD pipelines. By incorporating OPA policies early in the deployment process, you ensure that cost considerations are an integral part of your infrastructure management, preventing unexpected expenses and promoting cost efficiency.
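The policies above use a simplified input document. As an added example (not part of the original post), here are the instance-type and tagging checks written against the JSON that `terraform show -json` produces, which is what a CI job would hand to OPA. The package name, the denied-type set and the list of tagged resource types are assumptions.

```rego
package terraform.cost_control

import rego.v1

# Assumed organisation policy (illustrative values, not from the original post).
denied_instance_types := {"m5.24xlarge"}

# Resource types that must carry a cost_center tag; extend as needed.
tagged_types := {"aws_instance", "aws_db_instance", "aws_s3_bucket"}

# Resources the plan will create or update. Deletes and no-ops are skipped,
# which also avoids evaluating change.after when it is null.
planned contains rc if {
    some rc in input.resource_changes
    some action in rc.change.actions
    action in {"create", "update"}
}

deny contains msg if {
    some rc in planned
    rc.type == "aws_instance"
    rc.change.after.instance_type in denied_instance_types
    msg := sprintf("%s: instance type %s is not allowed due to high cost.", [rc.address, rc.change.after.instance_type])
}

deny contains msg if {
    some rc in planned
    rc.type in tagged_types
    not has_cost_center(rc)
    msg := sprintf("%s: missing 'cost_center' tag for cost tracking.", [rc.address])
}

# tags may be null or absent in the plan; both cases fail this check.
has_cost_center(rc) if {
    rc.change.after.tags.cost_center != ""
}
```

Run it with `opa eval --fail-defined -i plan.json -d cost_control.rego 'data.terraform.cost_control.deny[_]'` so the pipeline step exits non-zero when any violation is produced. Tags injected through the provider's `default_tags` appear under `tags_all`, which this policy does not inspect.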
Infracost for Cost Estimation in Terraform
Infracost is a powerful tool designed to help teams estimate cloud costs before they launch resources. By integrating with Terraform, Infracost provides real-time cost estimates based on your infrastructure code, allowing you to make informed decisions about resource provisioning and management.
How Infracost Works
Infracost analyzes your Terraform configuration files and retrieves current pricing information from cloud providers like AWS. It then generates detailed cost estimates, helping you understand the financial implications of your infrastructure decisions. Key features of Infracost include:
- Real-Time Cost Estimates: Get accurate cost estimates as you write and modify your Terraform configurations.
- Detailed Breakdown: View a detailed breakdown of costs by resource, making it easier to identify expensive components.
- Integration with CI/CD: Incorporate cost estimates into your CI/CD pipeline to ensure cost efficiency throughout the development lifecycle.
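One way to turn the CI/CD integration into an enforced gate, as an added example that is not from the original post or from Infracost: a Rego policy evaluated over the JSON report written by `infracost diff --format json`. The thresholds and package name are assumptions, and the field names (`diffTotalMonthlyCost`, `projects[].breakdown.resources[].monthlyCost`) should be checked against the report your Infracost version emits.

```rego
package infracost.budget

import rego.v1

# Assumed thresholds in the report currency (illustrative values).
max_monthly_increase := 500
max_resource_monthly := 1000

# Infracost emits costs as decimal strings, so convert before comparing.
deny contains msg if {
    diff := to_number(input.diffTotalMonthlyCost)
    diff > max_monthly_increase
    msg := sprintf("Monthly cost increase of %v exceeds the limit of %v.", [diff, max_monthly_increase])
}

deny contains msg if {
    some project in input.projects
    some r in project.breakdown.resources

    # Usage-based resources can report a null monthlyCost; skip them here.
    r.monthlyCost != null
    cost := to_number(r.monthlyCost)
    cost > max_resource_monthly
    msg := sprintf("%s is estimated at %v per month (limit %v).", [r.name, cost, max_resource_monthly])
}
```

Resources skipped for a null `monthlyCost` are not covered by this gate, so usage-priced services still need a separate budget alert.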
Benefits of Using Infracost
- Proactive Cost Management: By estimating costs early in the development process, you can avoid surprises and optimize your budget.
- Transparency: Provides clear visibility into the cost impact of infrastructure changes, fostering better communication and decision-making within teams.
- Efficiency: Helps prioritize cost-effective solutions, improving the overall efficiency of your cloud spending.
Recent Changes in Infracost Offerings
Recently, Infracost moved the feature for maintaining an on-prem cost database into their enterprise license. This shift means that customers who require on-premises solutions for storing AWS prices need to consider the enterprise plan. While this change may affect some users, it also highlights the need for alternative tools for those who prefer to keep everything under their control.
Introducing Terracost: An Alternative for On-Prem Cost Management
As organizations increasingly prioritize control over their data and infrastructure, the need for on-premises solutions for cost management has grown. Terracost, a Go library for AWS cost estimation, offers an effective alternative to tools like Infracost, especially for clients who prefer to maintain their cost databases on-premises.
What is Terracost?
Terracost is an open-source tool designed to estimate the cost of AWS resources by leveraging a locally managed MySQL database for storing pricing information. This setup provides organizations with full control over their cost data, ensuring that sensitive information remains within their own infrastructure.
Key Features of Terracost
- On-Prem Cost Database: Terracost allows you to maintain your AWS pricing data on-premises, providing greater control and security over your cost information.
- Integration with Terraform: Similar to Infracost, Terracost integrates seamlessly with Terraform, enabling real-time cost estimates based on your infrastructure code.
- Customizable and Extensible: Being an open-source Go library, Terracost offers flexibility and customization options, allowing you to tailor it to your specific needs.
Benefits of Using Terracost
- Data Control: By maintaining cost data on-premises, organizations can ensure that sensitive pricing information is kept secure and compliant with internal policies.
- Cost Savings: Avoid the need for enterprise licensing fees associated with other cost estimation tools, potentially reducing overall expenses.
- Flexibility: The open-source nature of Terracost allows for customization and integration with existing workflows and tools.
How to Integrate Terracost with an On-Prem MySQL Database
- Set Up MySQL Database: Install MySQL on your on-premises server. Create a database and import the AWS pricing data. This data can be obtained from AWS pricing APIs or other sources.
- Install Terracost: Download and install Terracost from the official repository. Configure Terracost to connect to your MySQL database by updating the configuration file with your database credentials.
- Integrate with Terraform: Add Terracost to your Terraform workflow to start estimating costs. You can use Terracost’s CLI commands to generate cost reports based on your Terraform configuration files.
- Automate Cost Estimation: Integrate Terracost into your CI/CD pipeline to automate cost estimation and ensure that every infrastructure change is evaluated for cost impact before deployment.
By leveraging Terracost, organizations can implement a robust on-prem cost management solution that aligns with their data security and compliance requirements while maintaining the flexibility and control needed for effective cost optimization.