Dependabot for Cloud Waste , Governance & Security
LeftSize runs inside your GitHub workflows to detect cloud inefficiencies and risks — without storing credentials or installing agents.
Shift FinOps, Governance, and Security left — right where developers work.
15 idle VMs detected — save $2,100/month
💰 cost azure
These VMs have been idle for 14+ days. Use @leftsize explain, @leftsize howtofix, or @leftsize scripts azure-cli to get guidance.
Free during beta • No credit card required
Comprehensive cloud optimization
More than just FinOps — detect cost, governance, and security issues across AWS and Azure in one place.
Cost Optimization
Detect idle VMs, unattached disks, orphaned resources, and missing savings plans. Identify waste before it becomes expensive.
- Idle VMs (14+ days low CPU)
- Unattached disks and public IPs
- Missing Azure Hybrid Benefit
- Oversized or underutilized databases
Governance & Compliance
Enforce tagging policies, track ownership, and catch configuration drift. Keep your cloud organized and accountable.
- Missing owner/cost-center tags
- Storage accounts without HTTPS
- Unencrypted managed disks
- Non-compliant AKS configurations
Security & Risk
Find open security groups, public blob access, and deprecated services before they become incidents.
- Overly permissive NSG rules
- Public blob container access
- Deprecated VM SKUs (NVv4)
- Functions runtime deprecations
65+ policies across AWS and Azure, expanding weekly — covering compute, storage, Kubernetes, networking, databases, and deprecations.
Cloud waste, governance, and security are broken for most teams
Existing tools fail because they're disconnected from where developers work
For Developers
- Out-of-band emails feel punitive and interrupt workflow
- Dashboards require context-switching
- Unsure what's safe to change
For Platform / FinOps Teams
- FinOps dashboards are ignored by developers
- Security and governance reviews happen too late
- Credential-based SaaS scanners create trust barriers
LeftSize fixes this by operating securely within your own pipelines — surfacing issues as GitHub Issues, not in yet another dashboard.
How it works
Three simple steps to start detecting cost, governance, and security issues
Install the GitHub App
Select which repositories to scan. No infrastructure installation required.
Add a workflow file
Runs LeftSize scan with your credentials (kept in GitHub Actions). Supports AWS and Azure.
Receive actionable GitHub Issues
Cost, governance, and security findings appear automatically in your repo with clear explanations.
Your credentials stay in your control
No credentials leave your GitHub Actions environment.
No agents or external cloud access required
Built on OIDC and short-lived tokens for AWS & Azure.
Secure by default
Your credentials stay under your control — LeftSize never stores or accesses them
GitHub Actions
Your Cloud
LeftSize
Metadata only
GitHub Actions
Your Cloud
LeftSize
Metadata only
Only findings metadata (IDs, cost data) sent to LeftSize — no credentials, no full resource data
Scans run inside your GitHub Actions
Using your own cloud credentials via OIDC or GitHub secrets.
No credential storage
LeftSize never receives, stores, or has access to your cloud credentials.
No external service installation
No agents, no external cloud access required. Just a GitHub workflow.
Built on OIDC and short-lived tokens
Supports AWS and Azure best practices for credential management.
Only lightweight metadata shared
Resource IDs, cost data, and configuration metadata — not full resource data.
Full audit visibility
You control what data leaves your environment via GitHub Actions logs.
Developer experience
See how LeftSize works in practice — with interactive commands and context-aware guidance
Idle Dev VMs
Issue: "15 VMs idle for 14+ days — potential savings identified"
Commands: @leftsize explain,
@leftsize howtofix
Result: Clear guidance for safe cleanup
Missing Tags
Issue: "200 resources without owner tags"
Commands: @leftsize scripts azure-cli
Result: Bulk tagging script with audit trail
Open Security Groups
Issue: "NSG allows 0.0.0.0/0 on SSH/RDP ports"
Commands: @leftsize explain,
@leftsize howtofix
Result: Step-by-step security remediation
Retiring VM SKUs
Issue: "NVv4 series VMs retiring Sept 2025"
Commands: @leftsize explain
Result: Migration path with timeline
Missing Hybrid Benefit
Issue: "SQL Server VMs without Hybrid Benefit"
Commands: @leftsize scripts azure-cli
Result: Script to enable benefit
AKS Without Autoscaling
Issue: "AKS clusters without node autoscaler"
Commands: @leftsize howtofix
Result: Autoscaler configuration guide
Simple workflow setup
name: LeftSize Scan
on:
schedule:
- cron: '0 9 * * *' # Daily at 9 AM
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: leftsize/scan-action@v1
with:
cloud: azure
# Credentials stay in GitHub Actions
Works entirely in GitHub — no new dashboard required
Why teams choose LeftSize
Shift cloud optimization left — where developers already work
Zero Credential Storage
Runs in your GitHub Actions — we never see or store your cloud credentials
Comprehensive Coverage
Cost, governance, security, and deprecation checks across AWS and Azure
GitHub Native
Issues created where you already work — no new dashboard to check
Quick Setup
Install the GitHub App, configure your workflow, and start scanning
Built for platform engineers who care about developer experience
Instead of drowning developers in FinOps dashboards, LeftSize brings
actionable recommendations to pull requests and issues — complete with
@leftsize explain
and @leftsize howtofix
commands for context-aware guidance.
Simple pricing, for everyone
Start free with essential cost optimization. Upgrade to Pro for comprehensive coverage across security, governance, and deprecation alerts.
Free
Perfect for trying out LeftSize on a small project.
$0
- Up to 3 repositories
- 12 cost optimization rules
- 6 AWS + 6 Azure policies
- GitHub Issue creation
- @leftsize commands
Pro
For teams serious about cloud optimization and security.
$29 /month
- Unlimited repositories
- 40+ rules across all categories
- Cost optimization (advanced)
- Security & compliance rules
- Governance & tagging policies
- Deprecation alerts
- Usage insights & KPIs dashboard
- Priority support
Compare plans
| Feature | Free | Pro |
|---|---|---|
| Repositories | 3 | Unlimited |
| Total rules | 12 | 40+ |
| Cost optimization | ||
| Security rules | ||
| Governance & tagging | ||
| Deprecation alerts | ||
| @leftsize commands | ||
| Usage insights & KPIs | ||
| Priority support |
Ready to optimize your cloud?
Start finding cloud waste, governance gaps, and security risks in minutes. Free during beta.
No credit card required • Works with your existing GitHub workflows