|
| 1 | +--- |
| 2 | +title: "Create Golden Paths" |
| 3 | +--- |
| 4 | + |
| 5 | +# Create Golden Paths |
| 6 | + |
| 7 | +Golden paths are a foundational element of effective platform engineering They're your organization's standardized, opinionated way of doing things that developers actually want to use. Think of them as the "happy path" that guides developers toward best practices while eliminating decision fatigue and reducing cognitive load. |
| 8 | + |
| 9 | +## Why Golden Paths Matter |
| 10 | + |
| 11 | +As a platform engineer, you're constantly balancing standardization with developer productivity. Golden paths solve this by providing: |
| 12 | + |
| 13 | +- **Consistency at scale**: Every team follows the same patterns, making your platform predictable and maintainable |
| 14 | +- **Reduced cognitive load**: Developers don't waste time deciding between 47 different ways to create a service |
| 15 | +- **Built-in compliance**: Security, observability, and operational requirements are baked into the path |
| 16 | +- **Faster onboarding**: New developers can be productive immediately without learning tribal knowledge |
| 17 | +- **Reduced support burden**: Fewer "how do I..." questions and fewer production issues from misconfigurations |
| 18 | + |
| 19 | +## The Golden Path Philosophy |
| 20 | + |
| 21 | +Golden paths aren't designed to restrict choice, they're focused on making the right choice the easy choice. When you provide a clear, well-documented approach that follows your organization's standards, developers will naturally gravitate toward it because it's easier, faster and safer than figuring things out on their own. |
| 22 | + |
| 23 | +The best golden paths are: |
| 24 | +- **Opinionated but flexible**: Clear defaults with escape hatches for edge cases |
| 25 | +- **Self-service**: No tickets, no approvals, just instant gratification |
| 26 | +- **Well-documented**: Clear examples and troubleshooting guides |
| 27 | +- **Continuously improved**: Feedback loops that make the path better over time |
| 28 | + |
| 29 | +## From Chaos to Clarity |
| 30 | + |
| 31 | +Without golden paths, you get: |
| 32 | +- 47 different ways to create a service |
| 33 | +- Inconsistent security configurations |
| 34 | +- Missing observability instrumentation |
| 35 | +- Production issues from misconfigurations |
| 36 | +- Endless support requests |
| 37 | + |
| 38 | +With golden paths, you get: |
| 39 | +- A few approved patterns to do the majority of things correctly |
| 40 | +- Consistent, secure, observable services |
| 41 | +- Happy, productive developers |
| 42 | +- More time for platform innovation |
| 43 | + |
| 44 | +Golden paths transform your platform from a collection of tools into a cohesive developer experience that scales with your organization. |
| 45 | + |
| 46 | +## Our Opinions on Golden Paths |
| 47 | + |
| 48 | +### Scaffold New Respositories and Services |
| 49 | + |
| 50 | +There is no better opportunity to set up developers up for success, than a greenfield use case, where the developer is configuring a new repository or service. At this point, you as a platform engineer can give them all the best configuration out of the box, such that it's easier for them to ship their code with confidence from the outset. |
| 51 | + |
| 52 | +<iframe |
| 53 | + width="560" |
| 54 | + height="315" |
| 55 | + src="https://www.youtube.com/embed/sE6XI0XDtQI" |
| 56 | + title="Scaffolding with Port" |
| 57 | + frameborder="0" |
| 58 | + allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" |
| 59 | + allowfullscreen |
| 60 | +></iframe> |
| 61 | +
|
| 62 | +- [Scaffold a New Service](../../guides/all/scaffold-a-new-service) |
| 63 | +- [Scaffold Repo with Cookiecutter](../../guides/all/scaffold-repositories-using-cookiecutter/) |
| 64 | +- [Scaffold Bitbucket Repo with Cookiecutter](../../guides/all/scaffold-bitbucket-using-cookiecutter/) |
| 65 | +- [Deploy New Service and Infra](../../guides/all/create-eks-cluster-and-deploy-app/) |
| 66 | + |
| 67 | +### Cloud Resources |
| 68 | + |
| 69 | +#### Architectural Patterns |
| 70 | + |
| 71 | +Before diving into guides, it's important to pause and outline the two general patterns that exist for self-service actions (for Cloud Resources). With the adoption of Infrastructure as Code, many organizations maintain that the source-of-truth for their infrastructure configuration in their Git repositories, rather than in their cloud environments directly. |
| 72 | + |
| 73 | +It's important to build self-service that conforms with your organizational standards and best practices. Failing to match your ways of working will just lead to further resource sprawl and complexity for your Platform Engineering team. |
| 74 | + |
| 75 | +We'll explore 2 types of self-service below - RESTful Self-Service and Gitops-based Self-Service. |
| 76 | + |
| 77 | +##### RESTful Self-Service |
| 78 | + |
| 79 | +RESTful self-service actions directly create resources in your cloud provider or other upstream systems through their APIs. This approach is straightforward and immediate—when a developer requests a resource through Port's self-service interface, the action makes API calls to create the resource directly in the target system (like AWS, Azure, or GCP). This pattern works well for organizations that prefer direct resource creation or when you need immediate provisioning without the overhead of Git-based workflows. The trade-off is that you lose the audit trail and version control benefits that come with GitOps, but you gain simplicity and speed for teams that don't need the full GitOps workflow. |
| 80 | + |
| 81 | +- [Create an S3 Bucket via Webhook](../../guides/all/s3-using-webhook) |
| 82 | + |
| 83 | +##### GitOps-based Self-Service |
| 84 | + |
| 85 | +GitOps-based self-service actions create resources by leveraging your existing Infrastructure as Code (IaC) files and modules. Here, an existing GitOps pipeline (like ArgoCD, Flux, or Terraform Cloud) picks up the changes and provisions the resources in the target cloud environment. This approach maintains the benefits of version control, audit trails, and the ability to review changes through pull requests, while still providing developers with a streamlined self-service experience. The trade-off is that resource creation takes longer due to the GitOps pipeline cycle, but you gain better governance, compliance, and the ability to enforce organizational standards through code review processes. |
| 86 | + |
| 87 | +- [Create Cloud Resource Using IaC](../../guides/all/create-cloud-resource-using-iac) |
| 88 | +- [Deploy S3 Bucket CrossPlane](../../guides/all/deploy-s3-bucket-crossplane) |
| 89 | + |
| 90 | +### Create Secrets |
| 91 | + |
| 92 | +Secret leakage remains a huge issue in the industry. The fact that developers have to manually handle secrets is like a process in a nuclear plant requiring the manual handling of uranium. It's an error prone workflow, that often leads to a security incident and in worse cases, supply chain security issues and data loss. |
| 93 | + |
| 94 | +The best protection against secret leakage is the design of a secure workflow, in which secrets are securely handled and developers are unlikely to make an error. |
| 95 | + |
| 96 | +- [Create GitHub Secret](../../guides/all/create-github-secret/) |
| 97 | +<iframe |
| 98 | + width="560" |
| 99 | + height="315" |
| 100 | + src="https://www.youtube.com/embed/QO45jaeAA2o" |
| 101 | + title="Secure Secrets Management" |
| 102 | + frameborder="0" |
| 103 | + allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" |
| 104 | + allowfullscreen |
| 105 | +></iframe> |
0 commit comments