Skip to main content

Golden paths & the paved road

Lesson 7.1 named the disease: every team re-solving the same plumbing, slowly and inconsistently. This lesson gives you the cure's central design concept — the golden path (also called the paved road). It is the single idea that makes a platform usable, and getting its shape right is most of the craft of platform engineering.

What a golden path is

A golden path is an opinionated, well-supported, secure-by-default way to do a common task — the recommended route, fully paved, with guardrails. "Deploy a web service." "Create a database." "Spin up a new microservice." For each, the platform offers one blessed workflow that already encodes the right choices, so the developer doesn't have to make (or even know about) the fifty decisions underneath.

The defining test of a golden path is one sentence:

It makes the right thing the easy thing.

The right way to do something — secure, observable, cost-aware, consistent — should also be the path of least resistance. If doing it correctly is harder than doing it wrong, developers will do it wrong, and you can't blame them. A golden path inverts that: the correct, safe choice is also the fastest, lowest-effort one.

Developer:\n'I needa new serviceScaffoldfrom\ntemplatePipeline +\nGitOpswiredLogs,metrics,\ndashboardsby defaultSecurity &\npolicybaked inGP

The developer makes one request and travels a paved road; the platform supplies the load-bearing structure beneath it.

The "paved road" metaphor, taken seriously

The metaphor (popularized at Netflix) is worth unpacking because each part maps to a design rule:

  • It's paved — smooth, fast, maintained. Travelling it is the path of least resistance.
  • It's a road, not a wall — it guides, it doesn't imprison. You're free to go off-road.
  • Off-road is allowed, but unsupported. This is the crucial nuance. A team with a genuinely unusual need can leave the paved road — but then they own the maintenance, the on-call, and the risk themselves. The platform doesn't forbid divergence; it just makes the supported path so much easier that ~90% of teams happily stay on it, and the 10% who leave do so deliberately, with eyes open.

That escape hatch is what separates a paved road from a mandate. A platform that forces one way breeds resentment and shadow workarounds; a platform that makes one way delightful earns adoption. (This connects directly to the non-adoption failure mode from 7.1: you win by being the best option, not the only one.)

:::tip Opinionated is a feature, not a bug New platform builders often try to support every option to please everyone, and produce a configurable mess that helps no one. The opposite is correct: a golden path is valuable because it's opinionated — it has already made the hard choices (this database, this deploy pattern, these defaults). Constraint is the gift. "You can have any setup you want" is not a paved road; it's the original swamp with extra steps. :::

Secure- and observable-by-default

The phrase "secure by default" means the safe configuration is what you get when you do nothing special — you have to go out of your way to be insecure, not out of your way to be secure. A golden path bakes this in: a service scaffolded from the path already has least-privilege IAM, encryption on, no public database, and sane network policy — not because the developer remembered, but because the path did.

The same applies to observability (Chapter 6): travel the golden path and you get structured logs, metrics, and a starter dashboard for free, because the path wired them in. The developer who would never have set up monitoring on their own now has it automatically.

This is the strategic payoff platform teams sell to leadership: a golden path is how you make good practices scale without a human gatekeeper. Security and reliability stop being a review someone must remember to perform and become a property of the road itself. We return to this in Chapter 8 — golden paths are the mechanism for scaling security.

A worked contrast

Make it concrete. A developer needs a new service with a database.

Without a golden path (raw tools exposed):

  1. Copy another team's Dockerfile; hope its base image isn't stale or vulnerable.
  2. Hand-write five Kubernetes manifests; guess at resource limits and probes.
  3. Write Terraform for a database; accidentally leave it on a public subnet.
  4. Forget network policy and dashboards entirely.
  5. Two days later, ship something inconsistent and quietly insecure.

With a golden path:

  1. Open the portal, choose "New service (Java + Postgres)", type a name.
  2. The scaffolder generates the repo, manifests, pipeline, and a Terraform module call for a private database — all to the org's reviewed standard.
  3. Logs, metrics, and a dashboard are wired in by default; IAM is least-privilege.
  4. Fifteen minutes later, a secure, observable service is running — and it looks like every other service, so any engineer can navigate it.

Same developer, same goal. The difference isn't talent; it's whether the platform paved the road. (The "choose a template, type a name" step is exactly what a software template / scaffolder does — the subject of 7.4.)

Common pitfalls

  • No golden paths at all. Exposing raw Kubernetes and Terraform to product developers is the anti-pattern — it maximizes cognitive load and guarantees inconsistency. A "platform" that's just direct access to the underlying tools isn't a platform.
  • A wall instead of a road. Mandating one path with no escape hatch breeds resentment and shadow IT. Win by being easiest, not by forbidding alternatives.
  • Too many paths. If there are fifteen "blessed" ways to deploy, there's effectively none. A golden path is golden because it's singular and opinionated.
  • Paving the wrong road. A beautiful path for a workflow nobody runs is wasted effort. Pave the common journeys first — find them by researching what developers actually do (the product mindset from 7.1).
  • Set-and-forget. Roads need maintenance. A golden path that rots (stale base images, deprecated APIs) silently pushes teams off-road. Owning it continuously is the product commitment from 7.1.

Why it matters

A golden path (paved road) is an opinionated, self-service, secure-by-default workflow for a common task that makes the right thing the easy thing — the safe, observable, consistent choice is also the path of least resistance. Its power comes from being opinionated: it has already made the hard decisions so developers don't carry them. Crucially it's a road, not a wall — off-road is permitted but unsupported, so you win adoption by being the best option rather than the only one. Golden paths are also how security and observability scale without a gatekeeper, because they become properties of the road itself. Next: who gets to walk these roads whenever they want — the shift to true self-service and the team model that sustains it.

Next: 7.3 Self-service & the platform team operating model →