The CNCF Platforms Whitepaper

The Cloud Native Computing Foundation's TAG App Delivery working group published a whitepaper that every engineering leader should read: Platforms.

It's the most comprehensive, vendor-neutral articulation of what a platform is, why organisations need one, and how to build one that actually works.

This isn't theoretical. It's a consensus document from practitioners across the industry, and it validates what many of us have been building toward.

What the Whitepaper Defines

At its core, the paper defines a platform as:

"An integrated collection of capabilities defined and presented according to the needs of the platform's users", serving as a cross-cutting layer that ensures consistent experiences for acquiring and managing services.

The critical insight is that platforms should be the thinnest reasonable layer that provides consistency across your organisation. You don't need to build everything yourself, you curate, integrate, and present capabilities from multiple providers through a unified interface.

Platform Definition Model, how products, platforms, and capability providers relate

Why Platforms Matter Now

The whitepaper identifies five forces driving platform adoption:

  • Cognitive load reduction, Development teams are drowning in operational complexity. Platforms abstract it away.

  • Improved reliability, Dedicated platform expertise means better infrastructure for everyone.

  • Accelerated delivery, Shared tooling and golden paths eliminate reinvention.

  • Stronger security and compliance, Governance baked into the platform, not bolted on after.

  • Efficient cloud utilisation, Centralised management of cloud resources reduces waste and sprawl.

These aren't aspirational goals. They're measurable outcomes that the paper ties directly to frameworks like DORA metrics and the SPACE framework.

The Seven Attributes of Successful Platforms

The whitepaper defines seven characteristics that distinguish effective platforms from "just another internal tool":

| Attribute | What It Means | |-----------|---------------| | Product mindset | Treat the platform as a product with real users, not a project with a deadline | | User experience | Multiple interfaces, portals, APIs, CLIs, documentation | | Documentation & onboarding | Golden path templates that get teams to production fast | | Self-service | Developers provision what they need without tickets or approvals | | Cognitive load reduction | Hide complexity, but allow opt-out when needed | | Optional composition | Users can supplement platform offerings independently | | Security by default | Compliance and governance built in, not bolted on |

This maps directly to the philosophy we follow at Scaletific: governance by default, complexity by choice.

The 13 Core Capabilities

Perhaps the most actionable section of the whitepaper is the capabilities model, thirteen areas that a mature platform should consider:

  1. Web portals for provisioning and observing
  2. APIs and CLIs for automation
  3. Golden path templates and documentation
  4. Build and test automation
  5. Delivery and verification automation
  6. Development environments
  7. Application observability
  8. Infrastructure services
  9. Data services
  10. Messaging and event services
  11. Identity and secret management
  12. Security services
  13. Artifact storage

The paper maps each capability to relevant CNCF projects: Backstage for portals, Argo and Tekton for delivery, OpenTelemetry for observability, Kubernetes as the underlying orchestrator.

Platform Maturity

The paper outlines a maturity progression that we think is exactly right:

  • Level 1, On-demand provisioning of individual capabilities (compute, storage, databases)

  • Level 2, Service space provisioning (CI/CD pipelines, artifact storage)

  • Level 3, Managed third-party dependencies

  • Level 4, Template-based environment provisioning for specialised scenarios

  • Level 5, Automated observability with cost tracking across all services

You don't need to start at level 5. Start at level 1, prove value, and iterate.

This is precisely how GoldenPath IDP was designed, incremental adoption with governance guardrails at every level.

Measuring Success

The whitepaper recommends three categories of metrics:

User satisfaction, Active users, retention, NPS, developer productivity via the SPACE framework.

Organisational efficiency, Request-to-fulfilment latency, time-to-production for new services, onboarding speed.

Delivery impact, DORA metrics: deployment frequency, lead time, mean time to recovery, change failure rate.

If you can't measure it, you can't improve it. And if your platform isn't moving these numbers, it isn't working.

Why This Matters for Scaletific

At Scaletific, we didn't build GoldenPath IDP in isolation. We built it by absorbing the same principles this whitepaper codifies:

  • 183+ Architecture Decision Records, the "why" behind every choice

  • 89 certified scripts, golden path automation validated by CI

  • 30+ governance policies, automated, not aspirational

  • Backstage service catalog, the portal layer the CNCF recommends

The whitepaper is validation that platform engineering isn't a trend, it's infrastructure. The CNCF has since raised the bar further with the Cloud Native Platform Engineer (CNPE) certification, codifying the distinction between platform engineering and traditional DevOps. The organisations that invest in it now will outpace those that don't.

Read the full whitepaper: CNCF Platforms Whitepaper

Want help building your platform? Talk to us, we've done the hard part already.