FinOps Hub — Autonomous FinOps Analyst
Ask your cloud-cost data a question in plain English. FinOps Hub turns it into validated SQL over a Databricks warehouse and returns a summary, charts, and the exact steps it ran.
Cloud and AI spend grows faster than anyone can track, and the people who own the budgets usually can't write SQL. Answering “what's driving our spend and what looks wrong” took an analyst hours, or it showed up as a surprise bill nobody caught in time.
A hybrid agent that turns plain-English questions into read-only SQL. It runs deterministic template SQL when a metadata route exists and generates SQL with an LLM when one doesn't. The LLM only handles understanding the question and writing the summary.
Non-technical stakeholders answer their own cost questions in seconds. Every answer ships with a summary, interactive charts, and a reasoning trace that shows the SQL it ran, and a live dashboard flags anomalies.
Hybrid SQL engine
The agent prefers free, deterministic SQL and only calls the LLM when it has to. A question runs through staged steps, and every step is observable and can be corrected on its own.
- Route the question: analytics or general chat, with an LLM fallback
- Plan: break it into one or more intents that run in parallel
- Generate: template SQL when a metadata route exists, otherwise LLM SQL
- Validate: apply read-only guards and a row limit before anything runs
- Execute: fresh connection, cached results, one auto-correcting retry
- Summarize: turn the rows into a short executive answer
Safety and determinism
SQL is read-only and guarded: no DML or DDL, no SELECT *, no multi-statements, no raw bronze or silver scans, and always a row limit. A full-response cache keyed on the question returns the same answer for the same question, instantly. Every answer shows the SQL and the steps behind it.
The product
A Next.js app with a streaming assistant that shows the engine plan, query, and summarize live over SSE. It keeps multi-chat history, an animated KPI dashboard (monthly trend, spend by environment and platform, top cost drivers, and anomalies you can click to open in the assistant), CSV upload preview, and JWT auth that can swap to Microsoft Entra ID SSO.
Data foundation
A Databricks bronze, silver, and gold warehouse sits underneath. Gold marts drive workload attribution, anomaly detection, trend analysis, and reporting. Metric formulas live in the warehouse, and all costs are in USD.
Where it's going
The architecture is decoupled, so each next step is a new endpoint and view rather than a rewrite: CSV and file Q&A, then RAG that grounds answers in FinOps policy and docs, then ML for forecasting and anomaly scoring, then multi-tenant SaaS.