Oracle Red Bull Racing reduces wind tunnel recovery time by 97% with 1Password
About the company
Since its inception, Oracle Red Bull Racing has been a major force in the FIA Formula 1® World Championship, the globe's premier motorsport category. Founded in 2005 to expand parent company Red Bull's presence in professional motor racing and to disrupt the status quo within the sport through a bold mix of passion, playfulness, ambition and achievement, Oracle Red Bull Racing has grown to become one of F1®'s most successful teams. With multiple Constructors' and Drivers' world titles and more than 100 race wins to its credit, Oracle Red Bull Racing continues its pursuit of ultimate performance – as a race team, as a home of champions, and as an innovator operating at the cutting edge of technology.
Industry
Spectator sports
Recovery time reduced from 1 hour to 2 minutes
Single button redeploy during critical aerodynamics testing
Centralized credential control
Governed access across clusters, environments, and workloads into a single source of truth
Secure simulation workflow integrations
Improved upstream decision-making with secret references and CLI access for service credentials
Outcomes
Optimized aerodynamics testing time, which FIA regulations limit to an extremely small quantity per year, by cutting wind tunnel software crash recovery time during testing from 1 hour to 2 minutes.
Faster software release cycles with widespread adoption of credential management across environments.
Improved simulation workflow security by removing plaintext credentials from code, supporting safer automation and earlier API integrations.
At an organizational level, 1Password helped impose discipline and clarity on access management across a highly complex, high-velocity engineering environment.
Ian Brunton
Head of Software Engineering for Aerodynamics at Red Bull Racing and Technology
Challenges
Oracle Red Bull Racing, a multi-time Formula 1® world champion, employs over 1,800 team members across sites in Milton Keynes, United Kingdom, and at race circuits worldwide. With a $215 million cost cap and FIA Aerodynamic Testing Restrictions, every minute of simulator and wind tunnel testing time is precious. The team relies on 1Password to centralize secrets and access workflows, get the most results in the least amount of testing time, increase engineering productivity, and solve the challenges of:
No centralized credential access. Complex technical environments across clusters led to inconsistent credential distribution and access across multiple work sites and trackside staff.
Manual pipeline recovery. Downtime in critical factory, wind tunnel, and simulation pipelines required coordinated manual credential recovery, wasting valuable testing time.
No secure secrets sharing. Scattered secrets management embedded credentials into code, config files, or ad hoc sharing. This slowed delivery and limited automation opportunities in CFD workflows.
People think F1® has unlimited money. Cost caps mean that every license must be justified. We needed to see who was using what and make smarter decisions.
Nimesh Kotecha
Group Head of End User Services at Oracle Red Bull Racing
Secure, consistent developer secrets management
By moving secrets into 1Password, Oracle Red Bull Racing created a single, trusted control plane for credentials across Kubernetes clusters, environments, namespaces, and factory, wind tunnel, and simulation workloads. Developers use shared vaults with clear ownership and repeatable patterns, ensuring predictable access during redeployments and workflow changes.
Human and automation access are separated using dedicated vaults with limited user access for critical Kubernetes workloads, including Aero clusters and Kubernetes deployments.
Oracle Red Bull Racing uses the 1Password Kubernetes Operator, authenticated through 1Password Connect Server, to pull values from 1Password items and create Kubernetes Secrets for workloads. When an item changes, the operator updates the secret, and a rollout can be triggered so workloads pick up the updated values.
In Aerodynamics, five vaults hold 97 entries for cluster credentials, SQL passwords, client secrets, access tokens, and Windows VM logins. Vehicle Performance and Powertrains maintain about 160 entries, and new deployments default to 1Password. This reduces time spent coordinating access, limits ad hoc sharing, and makes it easier to confirm which credentials are current when developers modify or restore workloads.
We used to lose time just coordinating access. Now the people closest to the problem can act immediately, with guardrails, so we’re not trading speed for risky shortcuts.
Nimesh Kotecha
Group Head of End User Services at Oracle Red Bull Racing
Faster, repeatable recovery for critical pipelines
Wind-tunnel sessions help teams test airflow, cooling, balance, and component changes before upgrades reach the car. Because the Aerodynamics team is limited to a regulated number of wind tunnel runs and “wind-on” hours in each eight-week period, every interruption matters.
When pipelines failed, the wind tunnel tests stopped before successful completion, wasting valuable testing time and slowing car development. The bottleneck was coordination: who to contact, which credentials were needed, and how to start recovery, especially after hours. Manual redeployments required an expert who knew the correct restart order and the Kubernetes and Kafka setup. A full re-deployment consists of around 20 services and multiple Kafka topics.
Before 1Password, recovery could take up to 1 hour. With the 1Password recovery playbook, service restoration is fully automated using Ansible and RunDeck. A tunnel technician can now trigger a complete redeploy with a single button in about 2 minutes. The playbook authenticates with a dedicated, rotatable access token to retrieve the secrets it needs at runtime.
Once we standardized where secrets and access live, recovery became repeatable. The team can kick off a known, self-service process instead of scrambling for credentials during an incident.
Nimesh Kotecha
Group Head of End User Services at Oracle Red Bull Racing
Secure API integrations in simulation workflows
Simulation brings the most value early, when change is affordable, and results shape future decisions. Integrating new APIs can lead to secrets sprawl and increased risk, so Oracle Red Bull Racing needed a consistent method for managing credentials and secrets.
In simulation workflows, teams use the 1Password CLI to retrieve SQL connection strings and Microsoft Entra ID credentials needed to access services.
With secrets centralized in 1Password, developers replace plaintext credentials with secret references from a shared, governed source, rather than embedding secrets in code or configuration files. Because applications rely on secret references, teams can securely rotate credentials, supporting safer automation and earlier API adoption to improve fidelity and capability earlier in development.
With 1Password, we eliminated plaintext passwords in code. Developers now use secure references, which has been revolutionary for them.
Nimesh Kotecha
Group Head of End User Services at Oracle Red Bull Racing
Extending secrets management to race‑day infrastructure
Oracle Red Bull Racing runs advanced race simulations using real-time Monte Carlo models to evaluate scenarios and support strategic decisions during race weekends.
With secrets and access now standardized across engineering, the team is evaluating how to extend these patterns to OCI-based trackside systems, including credential and certificate management, to ensure consistent automation under race-day time pressure.
For us, resilience is a performance advantage. When access and secrets are dependable, engineers spend their time shipping improvements, not waiting on permissions or cleaning up incidents.
Ian Brunton
Head of Software Engineering for Aerodynamics at Red Bull Racing and Technology
How it works
Centralize secrets and credentials in 1Password to create a single source of truth with clear ownership and access.
Scope access through dedicated vaults for workloads and teams.
Authenticate non-human access through 1Password Connect Server for automation and Kubernetes workloads.
Use the 1Password Kubernetes Operator to pull secrets into Kubernetes workloads at runtime.
Replace hard-coded credentials with secret references so secrets stay out of code, and rotation doesn’t require application changes.
Use the 1Password CLI in CFD workflows to retrieve integration credentials, including SQL connection strings and Microsoft Entra ID credentials.
Automate controlled self-service recovery workflows so technicians can quickly redeploy critical services with centrally secured access.
Maintain centralized visibility and auditability across environments, enabling teams to move quickly without sacrificing accountability.
Oracle Red Bull Racing engineered a faster multi-time race winning car by centralizing secrets, controlling access, and building trust in the system. Once that foundation is in place, teams build operational workflows on top of it. Oracle Red Bull Racing is streamlining iteration across simulation, wind tunnel operations, and evolving digital environments by reducing friction and enabling repeatable recovery and automation. In a sport measured in milliseconds, that translates into more development time spent chasing performance.
Click the link below to learn how 1Password helps teams centralize credentials and reduce recovery time in complex engineering environments.
Ready to get started?
Request a demo to see how 1Password combines workforce identity, application insights, device trust, and enterprise password management in one place.