TurboFinOpsTurboFinOps
Docs/Approve a Savings Action

How to

How to approve and verify a savings action

Convert detected waste into an approved, auditable remediation and a receipt-ready verification trail.

Back to How To Guides

Roles and Guardrails

Allowed roles: Admin, FinOps, Security. Action requests go through conflict checks, and most actions default to manual approval mode.

Admin

Can approve or reject actions and override policy when explicitly allowed.

FinOps

Can request cost remediation and review projected savings.

Security

Can request exposure and control-gap remediation.

Execution Workflow

  1. 1. Open the action from `Today`, `Savings`, or the supporting finding view.
  2. 2. Confirm monthly savings, impacted resource, owner, confidence, and recommended action type.
  3. 3. Submit action request (or execute now if policy allows).
  4. 4. Approve request if pending approval chain.
  5. 5. Track status in `Actions` until `completed` or `failed`.
  6. 6. Re-scan the scope when the provider action changes cloud state, then watch the receipt checkpoints.

Conflict Checks

Before execution, TurboFinOps checks for IaC ownership tags, freeze windows, policy protection flags and ticket requirements. If a conflict is detected, the action is blocked or sent back for explicit Admin review depending on organization policy.

IaC ownership

Resources tagged as managed by Terraform, Pulumi or another IaC tool should usually be fixed in source control.

Freeze window

Production or audit freeze periods prevent accidental changes during sensitive windows.

Policy protection

Critical resources can be protected from automated mutation even when a finding exists.

Ticket requirement

Some actions may require a Jira or ServiceNow reference before approval.

Verification

  • Action execution contains provider response metadata.
  • Savings baseline is captured before or during the action workflow.
  • Receipt checkpoints verify 7/14/30-day observed cost deltas.
  • Audit logs include actor, correlation ID, and execution timestamps.
  • Receipt, evidence, or export records can be generated for finance and audit review.

Rollback Path

For compatible actions, rollback plans are attached to execution records. Use rollback controls from `Actions` page to restore previous state when needed.

Get started

Find recoverable spend before the next invoice lands.

Connect one AWS, Azure or GCP scope, approve the safest savings actions, and give finance a receipt when the savings verify.

Read-only scan first. Approval gates before remediation.
Connect a cloud scopeSee pricing