What are Resources?

Resources are the foundation of your Tempest developer platform. A resource represents any infrastructure component, service, or account that you need to provision and manage programmatically. From cloud infrastructure to user accounts, if it can be controlled via API or code, it can be modeled as a resource. While commonly used for infrastructure objects like compute instances or storage buckets, resources are flexible enough to manage everything from service accounts to deployment namespaces. Resources serve three key purposes:
  1. Managing the complete provisioning lifecycle of objects and services
  2. Defining metadata and taxonomy for your software catalog
  3. Providing schemas and configuration options for self-service recipes
Resources bridge the gap between your raw infrastructure and your organized developer platform. Whether you’re using built-in Resources or creating custom ones, they ensure consistent management, visibility, and governance across your entire platform.
Resources are organized under Apps, which generally represent the provider of a resource. For example, the AWS app offers resources to manage EC2 and S3. Tempest comes equipped with built-in apps and resources for the most common infrastructure providers and tools across commercial and open source. If you need to manage a resource that isn’t supported by Tempest yet, you can create your own custom apps and resources or request a new one from the Tempest team.

Built-in Taxonomy

A consistent taxonomy is essential for organizing your software catalog effectively. Tempest resources include a comprehensive taxonomy system that works out of the box while remaining customizable for your specific needs.
Built-in apps come with pre-configured taxonomy settings. When creating Private Apps, you have full control over your resource taxonomy.

External ID

The unique identifier used by the external provider. For example:
  • AWS EC2: The instance ID
  • GitHub Repository: The repository URI (e.g., github.com/tempestdx/sdk-go)
Tempest uses this ID along with provider information and internal globally unique IDs to track and sync resource state.

Display Name

This is the name of the resource that will be displayed in the software catalog. It’s a human-readable name that you can customize to your needs. For instance, Amazon EC2 instance IDs are unique, but generally difficult to read. You can set the display name to the EC2 instance name, which is more readable and meaningful.

Properties

Properties define resource-specific metadata tracked in your software catalog. These are customizable fields that capture important characteristics of your resources. Examples include:
  • EC2 instance: Instance type, region, availability zone
  • Database: Engine version, storage capacity, backup retention
  • Repository: Programming language, team owner, compliance level

Types

Resource types provide high-level categorization of your resources. Tempest includes commonly used types such as:
  • compute: Processing resources like virtual machines or containers
  • storage: Data storage services like object stores or block volumes
  • database: Managed and self-hosted database instances
  • repository: Code and artifact repositories

Lifecycle Stage

Resource lifecycle stage is a way to categorize which part of the DevSecOps lifecycle your resource serves. For instance, our built-in GitHub repository resource is categorized in the Code stage. Here is are the lifecycle stages a resource can be categorized in:
  • code
  • test
  • build
  • deploy
  • operate
  • monitor
Links centralize important URIs related to your resource. Each resource can have multiple links of different types:
  • documentation: User guides, API docs, internal wikis
  • administration: Management consoles, control panels
  • support: Ticketing systems, SLA documentation
  • endpoint: API endpoints, service URLs
  • external: Monitoring dashboards, analytics tools