James Lane
·
October 7, 2025
·
Terraform

Stop Guessing at Cloud Costs With Overmind's Infracost Integration

Stop Guessing at Cloud Costs With Overmind's Infracost Integration

Infrastructure changes come with two kinds of risk: technical and financial. You've probably got the technical side covered with blast radius analysis, security scanning, and policy checks. But what about the cost impact?

That's where our new Infracost integration comes in. It doesn't just tell you how much a change will cost - it turns cost analysis into quantitative signals that sit alongside your other risk assessments, giving you one complete picture before you hit deploy.

The Problem with Cost Analysis Today

Most teams handle cost analysis separately from their other change review processes. You might run Infracost in your pipeline to see cost estimates, but that data lives in isolation. When you're reviewing a pull request, you're mentally juggling:

  • "This change affects 47 resources" (blast radius)
  • "We've got 2 policy violations" (governance)
  • "Monthly cost increases by $850" (financial impact)
  • "This resource type has caused issues before" (risk signals)

Each piece of information comes from a different place, and you're left trying to weight them against each other in your head. Is an $850 increase a big deal? Depends on whether it's a 5% bump or a 200% spike. And how does that stack up against the blast radius?

How It Actually Works

The integration converts cost changes into severity signals that combine with everything else Overmind's already tracking.

Here's the flow when you open a PR:

  1. Your GitHub Action runs the terraform plan like normal
  2. While Overmind's analyzing blast radius and risks, the Infracost action calculates cost changes in parallel
  3. Cost changes get converted into severity scores (-4 to +3) based on percentage increase
  4. Everything combines into one unified view

Here's the key bit: the scoring is completely configurable for your company. One organization might consider 15% a minor bump. Another might freak out at anything over 2%. It depends entirely on your scale and budget constraints.

With the default settings, a 15% increase gets a -1 (minor concern) and a 150% spike gets -4 (critical). But you can tune those thresholds to whatever makes sense for your setup. We'll get into that below.

Cost reductions generate positive signals too, so you can actually track when optimization work pays off.

The Severity Scale

Here's how cost changes get scored, out of the box with no additional configuration:

Your Change Severity What It Means
Costs more than double -4 Critical - investigate this
50-100% increase -3 High increase - needs review
20-50% increase -2 Moderate increase - worth discussing
5-20% increase -1 Minor increase - probably fine
Less than 5% change No signal Normal variation
5-20% decrease +1 Minor savings
20-50% decrease +2 Moderate savings
More than 50% decrease +3 Significant optimization

Changes under 5% don't generate signals - this keeps you focused on meaningful shifts instead of noise.

Setting It Up

Takes about 5 minutes. You're just adding one job to your GitHub Actions workflow.

What You'll Need

  • An Overmind account (free to sign up)
  • An Infracost API key (also free at infracost.io)
  • A GitHub repository with Terraform code
  • About 5 minutes

Basic Installation

Add this to your .github/workflows/terraform.yml:

name: Terraform with Cost Analysis
on:
 pull_request:
   types: [opened, synchronize, reopened]

jobs:
 # Your existing Overmind analysis
 terraform:
   runs-on: ubuntu-latest
   steps:
     - uses: actions/checkout@v4
     - uses: overmindtech/actions/install-cli@main
     - uses: overmindtech/actions/submit-plan@main
       with:
         ovm-api-key: ${{ secrets.OVM_API_KEY }}
         plan-json: ./tfplan.json

 # New cost analysis job
 cost-analysis:
   runs-on: ubuntu-latest
   steps:
     - uses: actions/checkout@v4
     
     - name: Setup Terraform
       uses: hashicorp/setup-terraform@v3
     
     - name: Generate Terraform Plan
       run: |
         terraform init
         terraform plan -out=tfplan
         terraform show -json tfplan > tfplan.json
     
     - uses: overmindtech/cost-signals-action@v1
       with:
         overmind-api-key: ${{ secrets.OVM_API_KEY }}
         infracost-api-key: ${{ secrets.INFRACOST_API_KEY }}
         terraform-plan-json: ./tfplan.json

Don't forget to add both API keys to your GitHub repository secrets.

The two jobs run in parallel, so cost analysis doesn't slow down your existing workflow.

Configuring Your Thresholds

The default settings work for most teams, but you might want to tune them based on your organization's needs.

Understanding the Default Thresholds

Out of the box, the integration uses:

  • 20% change threshold - Needs to increase or decrease by at least 20% to generate a signal
  • $500 absolute threshold - OR needs to change by at least $500/month
  • Both increase and decrease tracking - Positive signals for cost reductions, negative for increases

These defaults strike a balance between catching significant changes and avoiding alert fatigue.

When to Adjust Thresholds

Lower the percentage threshold if you're working with:

  • Tighter budget constraints
  • Early-stage infrastructure where small changes matter
  • Production environments where you want strict cost control

- uses: overmindtech/cost-signals-action@v1
 with:
   overmind-api-key: ${{ secrets.OVM_API_KEY }}
   infracost-api-key: ${{ secrets.INFRACOST_API_KEY }}
   threshold-percentage: 10  # More sensitive

Raise the percentage threshold if you have:

  • Large-scale infrastructure where 20% changes are routine
  • Development environments where cost fluctuations are expected
  • Lots of dynamic scaling that creates noise

- uses: overmindtech/cost-signals-action@v1
 with:
   overmind-api-key: ${{ secrets.OVM_API_KEY }}
   infracost-api-key: ${{ secrets.INFRACOST_API_KEY }}
   threshold-percentage: 50  # Less sensitive

Adjust the absolute threshold based on your monthly cloud spend:

  • Small infrastructure (< $10k/month): Lower to $100-200
  • Medium infrastructure ($10k-100k/month): Keep at $500
  • Large infrastructure (> $100k/month): Raise to $1000+

Different Rules for Different Environments

You'll want stricter thresholds in production than in dev:

# Production - strict
- uses: overmindtech/cost-signals-action@v1
 if: github.base_ref == 'main'
 with:
   overmind-api-key: ${{ secrets.OVM_API_KEY }}
   infracost-api-key: ${{ secrets.INFRACOST_API_KEY }}
   threshold-percentage: 10
   threshold-absolute: 200
   fail-on-threshold: true  # Actually block the PR

# Dev - relaxed
- uses: overmindtech/cost-signals-action@v1
 if: github.base_ref == 'develop'
 with:
   overmind-api-key: ${{ secrets.OVM_API_KEY }}
   infracost-api-key: ${{ secrets.INFRACOST_API_KEY }}
   threshold-percentage: 30
   threshold-absolute: 1000
   fail-on-threshold: false  # Just warn

Additional options

Only track increases (skip the decreases):

submit-on-decreases: false

Good if you only care about preventing overruns, not celebrating wins.

Switch the currency:

currency: EUR  # or GBP, USD, whatever

Block PRs that breach limits:

fail-on-threshold: true

Be careful with this - it's enforcement, not just information. Fine for prod, probably too strict for dev.

What It Looks Like

Once it's running, cost context shows up right in your PRs next to your other Overmind data.

Here's a typical comment:

Get Started

Ready to add cost signals to your infrastructure changes?

  1. Grab the GitHub Action: github.com/overmindtech/cost-signals-action
  2. Sign up for Infracost: infracost.io
  3. Full documentation: docs.overmind.tech

The integration takes about 5 minutes to set up, and you'll immediately start seeing cost context alongside your other change analysis.

Stop guessing at the financial impact of your infrastructure changes. See the complete picture before you deploy.