Why Resourcely?

Resourcely is a configuration platform for deploying secure-by-default infrastructure. With Resourcely:

• Developers can have a paved road to production with blueprints

• Platform and security teams can customize and secure their configuration patterns at scale

Core concepts

Resourcely has two primary concepts: blueprints and guardrails.

Blueprints

Blueprints are customizable templates for configuring infrastructure securely, at scale.

Platform and security teams set up blueprints based on their organization's requirements, developers select configuration options, and Terraform code is automatically generated.

Guardrails

Guardrails are rules that keep your infrastructure secure.

Platform and security teams configure policies, and then Resourcely enforces those guardrails on every infrastructure configuration request submitted in Resourcely. Examples include requiring approval for any resource deletions, never allowing a database to be deployed with open access to the internet, or requiring proper networking configuration for serverless infrastructure.

Creating blueprints & guardrails

Blueprints can be created using an intuitive templating language, or via the Foundry.

Guardrails can be written using Resourcely's Really policy-as-code language, or created via the Foundry (coming soon).

First blueprint

Let's create your first blueprint! This is a customizable template that you or others will use to configure infrastructure, securely and at scale.

Navigate to the Foundry

The Resourcely Foundry is a simple UI for configuring blueprint templates. Find it on the left panel menu and navigate there.

Select a Blueprint starter

Choose the blueprint dropdown to select a starting point from Resourcely's blueprint library. We'll use a blob storage example, in this case with AWS S3. Search for s3 and select "Basic S3 bucket" from the dropdown. Click "Create Blueprint" and then "Clone Blueprint".

Review and make changes

The blueprint is automatically created with the template below. This is a basic implementation of an S3 bucket that will allow a developer to provide a bucket name, with a version configuration status.

You can try editing this template. For advanced formatting and syntax, check out Authoring Your Own Blueprints.

```tft
---
constants:
  __name: "{{ bucket }}_{{ __guid }}"
---

resource "aws_s3_bucket" "{{ __name }}" {
  bucket = "{{ bucket }}"
}

resource "aws_s3_bucket_public_access_block" "{{ __name }}" {
    bucket = aws_s3_bucket.{{ __name }}.id

    block_public_acls       = true
    block_public_policy     = true
    ignore_public_acls      = true
    restrict_public_buckets = true
}

resource "aws_s3_bucket_ownership_controls" "{{ __name }}" {
  bucket = aws_s3_bucket.{{ __name }}.id

  rule {
    object_ownership = "BucketOwnerEnforced"
  }
}

resource "aws_s3_bucket_versioning" "{{ __name }}" {
    bucket = aws_s3_bucket.{{ __name }}.id
    versioning_configuration {
        status = "{{ versioning_configuration_status }}"
    }
}

```

Developer Experience and Terraform

To preview what a developer would see with the above template, navigate to the Developer Experience tab.

To see what the generated Terraform would look like, click the Terraform tab.

Customizing guardrails

Guardrails are rules that the Resourcely engine enforces, acting as a policy enforcement engine.

In the Foundry UI, click Customize Guardrails. Here you can apply and inspect applicable guardrails that govern the pull requests that developers will make using this blueprint.

Finish

Optionally, you can define metadata and attach ontext - but as this is your first blueprint, just click Create Blueprint top publish it for your developers to use!

Submitting pull requests using Blueprints

Developers will interact with blueprints by submitting pull requests using them. Resourcely allows the developer to pick from a set of customizable options via blueprints, and then Terraform code is automatically generated with secure and customized configuration, and submitted.

Selecting from the shopping cart

Navigate to the "Pull requests" option on the left menu pane and, continuing our theme from above, search for "S3". Click the + button next to "Basic S3 bucket", and then hit continue.

Configuring your resource

From here, Resourcely will ask you to select your repository. If this has not already been set up, please refer to Source Code Management.

Below the repository configuration, fill out the blueprint fields to finish configuring your resource and then click Continue.

Previewing the pull request

After clicking Continue, the automatically generated Terraform code is previewed for you. This has been generated based on security best practices and your organization's custom changes to the blueprint you used. In this case, we're only using an example for illustration purposes.

Review and confirm

After clicking continue, you can name your PR, give it a description, and then submit it in order to progress through your CI/CD process, pass any approvals, be merged, and generate the infrastructure you created.

To learn more about blueprints, guardrails, and using them to securely scale your infrastructure configuration, read more in Tutorials and guides.