Infracost - How to get started

Written By

Florian Pialoux

Blog

Infracost is an open-source project released in June 2020 on their 0.1.0 version. It was created by cloud computer experts Hassan Khajeh-Hosseini, Ali Khajeh-Hosseini, and Alistair Scott. They have been working with cloud technologies since 2012, by providing solutions to tech giants such as Sony, Samsung, and Netflix.

Working with cloud providers and DevOps is all about speed, efficiency, and cost management. However, the cost of infrastructural changes can be challenging to gauge. A deployment that shifts allocated resources may lead to a displeasing bill at the end of the month.

Infracost aims to help companies estimate the cost of every IaC change made to their cloud infrastructure. One of the most difficult changes to determine is the cost associated with the deployment of new resources. Often they will require several structural adjustments. And this is where Infracost shines, providing a straight-to-the-point cost summary.

Infracost vs Terraform Cloud Cost Estimation

While Terraform Cloud offers a service similar to Infracost, there are some key differences between the two.

  • Infracost supports over 200 resources, while Terraform Cloud only supports 43 currently.
  • It supports usage-based resources and variable usage analysis.
  • It has its own CLI, which can be used standalone or integrated into your project's current workflow.
  • It can be used together with Terragrunt.
  • It generates easy-to-read HTML reports, or JSON, which can be integrated with other tools.

Their CLI tools are supported by the big three cloud providers, Amazon Web Services, Azure Cloud, and Google Cloud Platform. In addition, it can be integrated with many popular CI/CD tools, such as GitHub Action, GitLab CI, CircleCI, Bitbucket Pipelines, Atlantis, Jenkins, Azure DevOps, Terraform Cloud, and more.

Pricing Model

Infracost offers a free program with open-source code, cost breakdowns, diffs, CI/CD integration, and has a large community behind it to offer support.

They offer a negotiable Enterprise program supporting multiple teams, a dashboard to centralize analysis and cost management for larger projects. In addition, they also provide the ability to integrate Source Control Management (SCM) enterprise editions of GitHub, GitLab, and BitBucket. It also has a self-hosting option at this tier and dedicated support that can be reached to assist with any issues and use cases. If interested, this program can be contracted by contacting their support at [email protected].

How does it work

Infracost works by using its Cloud Pricing API backend service. Using the CLI tool, you can parse a Terraform plan in JSON file format. The API then cross-references the individual cost of each cloud resource in use and their related cost parameters based on the cloud provider. The costs returned will give you a monthly approximation of the changes found in your plan.

Infracost will not need any credentials or secret information to perform its functions. It will also not make any alterations to Terraform or to the cloud resources it analyses. Instead, the API uses the count of Terraform resource types, which ensures that new resources are always accounted for, ensuring freshly deployed resources are part of the generated report. If you still have questions about how Infracost works, you can find more information in their frequently updated FAQ.

Installing Infracost

This command will download and install the CLI tool for a Linux machine and place it inside /usr/local/bin

To download, execute:

  curl -fsSL https://raw.githubusercontent.com/infracost/infracost/master/scripts/install.sh | sh

After downloading the CLI, you can get a free API key to start using the tool by executing:

  infracost register

The .yml file with the key is saved at:

  ~/.config/infracost/credentials.yml

From here, no additional configuration is needed in most cases, and both complete breakdowns and differences (diff) between plans can be obtained by using the following commands:

  # Generates a complete breakdown of every modified resource by analyzing the plan file
infracost breakdown --path

# Shows the difference in costs between current and planned states
infracost diff --path

How we integrated Infracost to GitLabCI pipeline at Bluelight

We have been using Infracost internally. However, we ran into an issue using our internal Terraform repository while running it with GitLabCI. As a result, we expected to be able to use our tfstate directly. Unfortunately, Infracost doesn't work with a remote tfstate. And since our tfstate is hosted on a remote S3 bucket, it failed.

To deal with this issue, we needed to add an extra step to our Terraform plan job to produce a plan file in JSON format, which Infracost can read and analyze.

To generate the file, we used the command:

  terraform show -json aws-buckets.tfplan > plan.json

This issue has to do with the current limitation of the tool, where it's unable to scan any remote tfstate. It might be by design, but it adds a problematic extra step to the workflow. Unfortunately, we weren't the first to face this issue. You can read more about it here.

Here’s what our .gitlab-ci.yml looked like and how we fixed this issue:

  stages:
- plan
- infracost

.base-terraform:
  image:
    name: hashicorp/terraform:0.15.4
    entrypoint:
      - /usr/bin/env
      - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
  before_script:
    - 'AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}'
    - 'AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}'
    - 'AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION}'
    - rm -rf .terraform
    - terraform --version

.base-infracost:
  image:
    name: infracost/infracost:latest
    entrypoint:
      - /usr/bin/env
  before_script:
    - 'AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}'
    - 'AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}'
    - 'AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION}'
  script: "/scripts/ci/diff.sh"
  variables:
    path: "."
    post_condition: '{"has_diff": true}'
#  - `'{"has_diff": true}'`: only post a comment if there is a diff. This is the default behavior.
#  - `'{"always": true}'`: always post a comment.

plan/aws:
  stage: plan
  extends: .base-terraform
  script:
    - cd aws; terraform init -backend-config us-west-2.backend.config; terraform plan -var-file=us-west-2.tfvars -out=aws.tfplan; terraform show -json aws.tfplan > plan.json
  dependencies:
    - validate/aws
  artifacts:
    expire_in: 1 day
    paths:
      - aws/aws.tfplan
      - aws/plan.json
  rules:
    - if: $CI_COMMIT_BRANCH
      changes:
        - aws/*

infracost-job:
  stage: infracost
  extends: .base-infracost
  variables:
    path: aws/plan.json
    terraform_plan_flags: -var-file=us-west-2.tfvars
  dependencies:
    - plan/aws
  rules:
    - if: $CI_COMMIT_BRANCH
      changes:
        - aws/*

When our pipeline runs a new change to our TF code, this is what our Pull Requests / Merge Requests is going to output as a comment:

Pull Requests-Merge Requests Output Comment

These variables needed to be define in our CI settings:

  GITLAB_TOKEN
INFRACOST_API_KEY
# AWS credentials, since we used a s3 bucket for the tfstate
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_DEFAULT_REGION

The Future of Infracost

Infracost ongoing development has a lot in store, such as supporting more resources for AWS, GCP, and Azure Cloud. In addition, while Infracost is currently limited to Terraform, there are already plans to support Pulumi and CloudFormation.

If you wish to learn more about what Infracost has to offer for the future, which resources it will support next, new features planned, bugs fixed, and more, be sure to check their roadmap for the latest updates.

Conclusion

Infracost proved to be an incredible tool to use together with Terraform. It is essential to any DevOps Engineer looking to optimize and understand the costs of changes in infrastructure, deployment of services, and more. However, the tool still has plenty of space to improve. Supporting other cloud providers such as Digital Ocean will be a great addition. Integration with Slack and support for remote tfstate are on our wish list.

You may also be interested in:

How to Integrate Infracost with Terraform Cloud

DevOps Engineer Salary: GCP Guide for 2021

How to Choose a Container Registry: The Top 9 Picks

Bluelight Consulting is a nearshore DevOps & Software Outsourcing company that helps startups, SaaS, and enterprises with cutting-edge solutions.

More cost-effective than hiring in-house, with Nearshore Boost, our nearshore software development service, you can ensure your business stays competitive with an expanded team and a bigger global presence, you can be flexible as you respond to your customers’ needs.

Learn more about our services by booking a free consultation with us today!

Let us solve your business’ biggest challenges

Book a free Consultation
Save 50+ hours of project time per developer on interviewing.
Tell us the skills you need and we'll find the best developer for your needs in days, not weeks.

Discuss your project with us today!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.