PHASE 03 // IMPLEMENT

S2-04 · Quantify Business Value · Planning & Estimating

Implement Shift-Left Cost Estimation

Why

Architecture decisions lock in costs for years. Feedback at the decision point changes behaviour — redesigning before merge is free, while post-deploy re-architecting is expensive. Without shift-left, engineers discover cost impact on the monthly invoice, 30 days too late.

What

Move cost estimation into the engineering workflow at three progressive levels: manual architecture review, automated CI/CD estimation (Infracost), and policy guardrails.

How

Level 1 — Architecture Review (Days 1–5, Manual)

Add a “Cost Impact” section to design docs / RFCs. Use cloud pricing calculators to estimate monthly cost. Document assumptions. FinOps reviews the estimate, challenges assumptions, and suggests alternatives (Graviton instances, spot for batch, serverless for variable load). Gate: cost estimate must be approved before implementation.

Level 2 — CI/CD Integration with Infracost (Days 5–12, Automated)

Infracost reads Terraform/OpenTofu plans and posts a cost diff directly on the pull request. No cloud credentials are required; the workflow only needs an Infracost API key stored as a repository secret.

# .github/workflows/infracost.yml
name: Infracost
on: [pull_request]
# GITHUB_TOKEN is read-only by default; the comment step needs pull-request write access.
permissions:
  contents: read
  pull-requests: write
jobs:
  infracost:
    runs-on: ubuntu-latest
    steps:
      - name: Setup Infracost
        uses: infracost/actions/setup@v3
        with:
          api-key: ${{ secrets.INFRACOST_API_KEY }}
      # Cost the base branch first: `infracost diff` on a directory needs a baseline to compare to.
      - name: Checkout base branch
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.base.ref }}
      - name: Generate Infracost baseline
        run: |
          infracost breakdown \
            --path=. \
            --format=json \
            --out-file=/tmp/infracost-base.json
      - name: Checkout PR branch
        uses: actions/checkout@v4
      - name: Generate Infracost diff
        run: |
          infracost diff \
            --path=. \
            --format=json \
            --compare-to=/tmp/infracost-base.json \
            --out-file=/tmp/infracost.json
      - name: Post PR comment
        run: |
          infracost comment github \
            --path=/tmp/infracost.json \
            --repo=$GITHUB_REPOSITORY \
            --pull-request=${{ github.event.pull_request.number }} \
            --github-token=${{ secrets.GITHUB_TOKEN }} \
            --behavior=update

The PR comment shows: which resources changed, the monthly cost delta, and the total estimated cost. Engineers and reviewers see the impact before merge.

Level 3 — Policy Guardrails (Days 12–14, after trust is established)

Once teams trust the numbers (typically after a few months of Level 2), add cost thresholds:

Threshold                 Action                                   Example
<$500/month increase      Auto-approve. Comment for visibility.    Adding a CloudWatch dashboard
$500–$5,000/month         Require finops-reviewed label            New RDS instance
>$5,000/month             Block merge. FinOps + Finance sign-off   New EKS cluster or GPU workload

Don’t skip to Level 3 on day one. The progression is: awareness → automation → enforcement.
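A Level 3 guardrail check as an added example, not part of this runbook or of Infracost itself: it reads the JSON that `infracost diff --format=json` writes and maps the monthly increase onto the three threshold actions in the table. The `diffTotalMonthlyCost` and `projects[].diff.resources[]` field names are assumed from Infracost's JSON output format, and the sample diff is constructed.

```python
"""Level 3 guardrail: map an Infracost diff onto approve / label / block."""
import json
from decimal import Decimal

# Runbook thresholds, USD per month of *increase*.
AUTO_APPROVE_BELOW = Decimal("500")
BLOCK_ABOVE = Decimal("5000")

def monthly_delta(diff_json: dict) -> Decimal:
    """Monthly cost delta; Infracost emits money values as strings (assumed key name)."""
    raw = diff_json.get("diffTotalMonthlyCost")
    return Decimal(raw) if raw not in (None, "") else Decimal("0")

def guardrail_action(diff_json: dict) -> str:
    """Edge cases: cost decreases auto-approve; exactly $5,000 still only needs the label."""
    delta = monthly_delta(diff_json)
    if delta < AUTO_APPROVE_BELOW:
        return "auto-approve"
    if delta <= BLOCK_ABOVE:
        return "require-finops-label"
    return "block"  # FinOps + Finance sign-off before merge

def top_cost_drivers(diff_json: dict, limit: int = 3) -> list:
    """Costliest changed resources, to name in the PR comment (assumed field layout)."""
    rows = []
    for project in diff_json.get("projects", []):
        for res in project.get("diff", {}).get("resources", []):
            cost = res.get("monthlyCost")  # null when the cost depends on usage
            if cost not in (None, ""):
                rows.append((res["name"], Decimal(cost)))
    rows.sort(key=lambda r: r[1], reverse=True)
    return rows[:limit]

# Constructed sample shaped like an Infracost diff for a PR that adds an RDS instance.
SAMPLE_DIFF = {
    "diffTotalMonthlyCost": "1234.50",
    "projects": [{"name": "infra/prod", "diff": {"resources": [
        {"name": "aws_db_instance.app", "monthlyCost": "1180.00"},
        {"name": "aws_cloudwatch_dashboard.app", "monthlyCost": "3.00"},
        {"name": "aws_s3_bucket.logs", "monthlyCost": None},
    ]}}],
}

if __name__ == "__main__":
    import sys
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_DIFF
    print(guardrail_action(data), top_cost_drivers(data))
```

Run it with the path of the `/tmp/infracost.json` the workflow produces to get the action and the top cost drivers; a CI step can fail the job when the result is `block`.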

Deliverable Checklist

  • Cost Impact section added to design doc template
  • Infracost installed and configured in CI/CD pipeline
  • PR cost comments visible on Terraform pull requests
  • At least one team running Level 2 for 2+ weeks
  • Guardrail thresholds defined (Level 3, for later activation)