Anonymized, Secure, and Free Terraform Cost Estimation

There are some things you should know about infrastructure costs:

• How much does my infrastructure is going to cost before create?
• How much does my infrastructure cost after it is created (based on Terraform state)?
• What is the difference in the price comparing to the current infrastructure (based on Terraform plan)?
• Can I have cost estimation based on Terraform 0.7 state files? Yes, any version of Terraform state files is supported!

This is exactly why I started terraform-cost-estimation project while working on bigger modules.tf!

Anonymized, secure and free Terraform cost estimation based on Terraform plan (0.12+) or Terraform state (any version) – https://github.com/antonbabenko/terraform-cost-estimation

In a nutshell, infrastructure developer posts some input data to cost.modules.tf endpoint and receives a response containing costs summary:

$ terraform state pull | \
curl -s -X POST -H "Content-Type: application/json" -d @- https://cost.modules.tf/

{"hourly": "0.01", "monthly": "9.07"}

These are the supported input types:

• Terraform state file (as JSON)
• Terraform plan (as JSON)
• List of cost keys extracted from Terraform state or plan locally

I don't want to send my Terraform data, because I have secrets there!

I know you have them there, and there is a solution for this which I call client-side filtering using JQ.

It is the most secure way and it works like this – pass Terraform state or plan file through terraform.jq filter to extract so-called cost keys, and then submit them to get cost estimation without need to reveal any of your Terraform files.

$ curl -sLO https://raw.githubusercontent.com/antonbabenko/terraform-cost-estimation/master/terraform.jq

$ terraform state pull | jq -cf terraform.jq | \
curl -s -X POST -H "Content-Type: application/json" -d @- https://cost.modules.tf/

Cost keys do not contain any customer secrets or sensitive information (like AWS accounts, AWS keys, tags, names, AMI ID, IP addresses, etc). Cost keys are used only to get cost information.

In the following example cost keys for single EC2 instance, NAT Gateway and an Application Load Balancer in eu-west-1 region were extracted:

{"keys":["ec2#eu-west-1#t3.nano#shared#linux", "ec2#eu-west-1#nat", "ec2#eu-west-1#alb"]}

You can see complete examples and list of supported services here - https://github.com/antonbabenko/terraform-cost-estimation

Bonus: Run Terraform Cost Estimation from the browser

Terraform Cost Estimation

Anonymized, secure, and free Terraform cost estimation based on Terraform plan (0.12+) or Terraform state (any version)

Remember to star&watch this project on GitHub, and share this project with your connections!

antonbabenko/terraform-cost-estimation

Anonymized, secure and free Terraform cost estimation based on Terraform plan (0.12+) or Terraform state (any version) - antonbabenko/terraform-cost-estimation

GitHubantonbabenko