Platform Engineering and Internal Developer Platforms: The DevOps Evolution
How platform engineering teams build Internal Developer Platforms (IDPs) to reduce cognitive load, standardize infrastructure, and let developers ship faster.
Platform Engineering and Internal Developer Platforms: The DevOps Evolution
For years, DevOps promised that developers would own their infrastructure — “you build it, you run it.” The reality for many teams: developers drowning in YAML, fighting Kubernetes configs, spending more time on infrastructure than features.
Platform engineering is the answer the industry landed on. Instead of throwing infrastructure complexity at every developer, a dedicated platform team builds Internal Developer Platforms (IDPs) — curated, opinionated layers that make the right thing the easy thing.
This isn’t a retreat from DevOps. It’s DevOps maturing.
What Is an Internal Developer Platform?
An IDP is an opinionated, self-service layer that sits between developers and underlying infrastructure. It bundles:
- Environment provisioning
- Deployment pipelines
- Service catalogs
- Secret management
- Monitoring and observability
- Access control
Developers interact with the IDP rather than directly with Kubernetes, AWS, or Terraform. The platform team owns the IDP. Developers own their applications.
The key word is self-service. An IDP isn’t a ticketing system where you request a database and wait 3 days. It’s a platform where you click “create PostgreSQL” and have a production-ready instance in minutes, with backups, monitoring, and networking pre-configured.
The Cognitive Load Problem
A typical microservices team in 2024 needs to understand:
- Kubernetes (deployments, services, ingress, RBAC, PVCs)
- Helm or Kustomize
- CI/CD pipeline configuration
- Container registries
- Secret management (Vault? AWS Secrets Manager? Sealed Secrets?)
- Observability (metrics, logs, traces — each with their own SDKs and configs)
- Cloud networking and IAM
This is too much. Each piece has nuance, failure modes, and best practices. Expecting every developer to master all of it results in inconsistency, outages, and burned-out engineers.
Platform engineering reduces cognitive load by abstracting the hard parts.
Golden Paths
The central concept in platform engineering is golden paths (sometimes called paved roads): pre-built, opinionated templates for common use cases.
A golden path for a new service might include:
- GitHub repo with standardized structure
- Pre-configured CI pipeline (lint, test, security scan, build, push)
- Kubernetes manifests with sensible resource limits and health checks
- Pre-wired logging (structured, to the right aggregator)
- Pre-wired metrics (prometheus scraping configured)
- Pre-wired distributed tracing
- Secret injection wired up
A developer follows the golden path and gets all of this without configuring any of it. They write code; the platform handles the rest.
Golden paths are not mandates. Teams can deviate when they have good reasons. But the default path should be so good that deviation rarely makes sense.
Backstage: The IDP Framework
Backstage, open-sourced by Spotify, has become the de facto platform for building IDPs. It provides:
Software Catalog
A registry of every service, library, pipeline, and resource your organization owns:
# catalog-info.yaml (lives in every repo)
apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
name: payment-service
description: Handles payment processing
tags:
- payment
- critical
annotations:
github.com/project-slug: myorg/payment-service
prometheus.io/dashboard: payment-metrics
spec:
type: service
lifecycle: production
owner: payments-team
system: checkout
dependsOn:
- component:order-service
- resource:payment-postgresThis YAML in your repo registers the service in the catalog automatically. Every team’s services become discoverable with ownership, dependencies, and runbooks linked.
Software Templates (Scaffolder)
One-click service creation with full golden path setup:
apiVersion: scaffolder.backstage.io/v1beta3
kind: Template
metadata:
name: new-python-service
title: New Python Microservice
spec:
parameters:
- title: Service Info
properties:
serviceName:
type: string
title: Service Name
team:
type: string
title: Owning Team
steps:
- id: fetch-template
action: fetch:template
input:
url: ./skeleton
values:
serviceName: ${{ parameters.serviceName }}
- id: create-repo
action: github:repo:create
- id: create-pipeline
action: github:actions:dispatch
input:
workflowId: setup-new-service.ymlDevelopers fill in a form; Backstage creates the repo, sets up CI, registers the service in the catalog, and configures monitoring.
TechDocs
Documentation-as-code, rendered automatically from markdown in repos and surfaced in Backstage. No more “where’s the runbook?” — it’s in the catalog, next to the service.
Platform Engineering in Practice
Environment Management
Modern IDPs abstract environment provisioning. Instead of manually creating namespaces, setting up RBAC, and configuring network policies, developers request environments through the platform.
Crossplane is popular for this: Kubernetes-native infrastructure provisioning that lets you define cloud resources as CRDs.
# Developer requests a PostgreSQL database
apiVersion: database.platform.io/v1alpha1
kind: PostgreSQLInstance
metadata:
name: my-service-db
spec:
size: small
environment: production
team: paymentsThe platform team defines what “small” means, what “production” means, which cloud provider to use, backup policies, network configuration. The developer just says what they need.
Deployment Abstractions
Tools like Score (CNCF project) let developers define workloads once and have the platform translate to Kubernetes, Docker Compose, or whatever the underlying system is:
# score.yaml - developer writes this once
apiVersion: score.dev/v1b1
kind: Workload
metadata:
name: payment-service
spec:
containers:
payment:
image: myorg/payment-service:latest
resources:
limits:
cpu: 0.5
memory: 128Mi
resources:
db:
type: postgresPlatform team handles the translation to actual infrastructure.
Measuring Platform Success
Platforms succeed when developers are more productive. Measure it:
DORA Metrics (the standard):
- Deployment frequency
- Lead time for changes
- Change failure rate
- Time to restore service
Platform-specific metrics:
- Time to first deployment (new service → production)
- Self-service ratio (% of infra requests fulfilled without tickets)
- Golden path adoption rate
- Developer satisfaction score (quarterly survey)
A good IDP should visibly move deployment frequency up and lead time down within 6 months of adoption.
Common Mistakes
Over-engineering the platform before adoption: Build the minimum viable platform, validate with pilot teams, iterate. A beautiful platform nobody uses is a failure.
Building a new ticket system: If developers have to ask the platform team for every little thing, you haven’t built a platform — you’ve built a fancy help desk.
Ignoring developer experience: Platform engineers must talk to developers constantly. Shadow them. Watch where they get stuck. The best platforms come from empathy.
Platform as police: Golden paths should be attractive, not mandatory. If the platform’s security requirements make it faster to bypass than use, developers will bypass.
The Platform Team Model
A platform team is typically organized as an internal product team. They treat developers as customers, run sprints, have a product roadmap, and measure customer satisfaction.
The team usually includes:
- Platform engineers (infrastructure + software)
- A platform product manager
- Developer experience advocates
Size varies: a 50-person engineering org might have 3-5 platform engineers. A 500-person org might have 20-30.
The investment pays back. At Spotify, Backstage reportedly saved engineers over 360,000 hours per year. That’s a real return.
Platform engineering is where infrastructure engineering and product thinking converge. Done well, it’s invisible — developers just ship, without feeling the complexity underneath. That invisibility is the goal.