Hello Darling!
I like these “What’s In Your Bag” videos on YouTube. Seeing what other people carry around all-day in their bags has something cozy to me. I love it!
It’s no surprise that I like to know about tools fellow developers are using. I’m always on the hunt for a suggestion about useful tools which make my life as Cloud Engineer/Cloud Consultant easier. My lovely friend Sandra Parsick gathered lots of great tools for the terminal, and made a talk about it!
Let’s go and see what’s in my ✨tech tooling bag✨!
Tool #1: aws-vault
If a colleague wouldn’t have suggested this to me, I’d probably still be using only AWS CLI or copying temporary credentials back and forth! 🤭 There is nothing wrong with it in the first place. But having a closer look, aws-vault solves challenges you will face as you grow on your Cloud Engineer/Consultant/Developer journey.
With this neat tool you can manage and access AWS credentials securely. This means your AWS access and secret keys won’t be stored in plain text in you AWS CLI config file. Additionally, no need to copy and paste temporary credentials in your terminal.
Once installed, you can store your AWS credentials by using aws vault add YOUR-PROFILE-NAME.
You then can choose between three options to let these credentials work for you:
- Login directly to the AWS console with
aws-vault login YOUR-PROFILE-NAME - Execute a shell command with the given profile through
aws-vault exec YOUR-PROFILE-NAME -- SHELL COMMAND, e.g.
aws-vault exec wolkencode -- aws s3 ls - Open a subshell with temporary credentials through
aws-vault exec YOUR-PROFILE-NAME
Since I often work with my terminal, I love to use the subshell. 💜🐚
With aws-vault list you can get a comprehensive overview about all your added profiles. A good base to start if you forget the profile name!
aws-vault is available for all major OS platforms. Just install and configure aws-vault and you can have it all - in a more organised and secured way.
▶️ Find more details on aws-vault GitHub repository.
Want to learn more? Might read this article about aws-vault or the announcement from 99designs from 2015, which is still worth reading.
Tool #2: aws-sso-cli
When you work as a Cloud Consultant, you probably will come across AWS Organizations with IAM Identity Center (formerly AWS SSO) enabled. Which is good! To set up proper account management for our customers, is one part of my job as a Cloud Consultant.
On the other hand, using the console having multiple AWS Organizations to log into can come with other struggles like getting your temporary credentials, inspecting more than one AWS account at a time and so on. Luckily since January 2025, you can now have simultaneous sign-in for multiple AWS accounts in the AWS Console, but we want to focus on CLI-access.
With aws-sso-cli you can manage all your IAM Identity Center logins from your terminal! You don’t have to specify every role on its own separately (like with aws-vault) and are able to choose between all the different roles available for your user once set up and logged in. It is so convinient!
What really stands out to me here is that you can define different AWS Organizations
aws-sso-cli can detect your SSO profiles directly from your ~/.aws/config folder, but you can define multiple personalized profiles.
With aws-sso -S YOUR-ORGANIZATION-PROFILE-NAME you override the default and login into the respective organization.
Listing available accounts with the chosen profile…
And chose your profile you want to work with interactively. How cool is that!
Isn’t this a great way to organize and access multiple organizations from your terminal?
▶️ Find more details on aws-sso-cli GitHub repository.
Want to learn more? Read about this an in-depth comparison to aws-vault.
Tool #3: aws-nuke
Did you ever having troubles REALLY deleting all your infrastructure stuff in your AWS account? If not, lucky you! But sometimes you will come across the dark side of things like ClickOps mixed with Infrastructure as Code or even ONLY ClickOps… Or you were just in the mood of testing stuff quickly by clicking everything together. Been there, done that.
The result? Some teeny-tiny Lambda Execution Permission or Elastic Network Interface is still idling around for what ever reason, preventing your from eventually deleting your old infrastructure resources.
aws-nuke got you! With this tool you can delete all the resources in your AWS account. If you want to exclude certain resources, you can configure filter excluding by tags or naming patterns.
aws-nuke might not support all current AWS services, but the community is always looking for contributions to include new services.
▶️ Find more details on aws-nuke GitHub repository.
Bonus theme: spaceship-prompt
I’m always keep an eye on nice looking terminal themes: I love well-combined color palettes as eye-candy for my day-to-day work.
Through Sandra’s talk about tools for your terminal, I go introduced to spaceship. It’s not only a theme with a nice color scheme options, but a whole set of well-combined tools that make
my terminal experience more pleasant out of the box. Since I use the Oh-My-Zsh Shell, spaceship was easy to add on to it.
What made me stick to spaceship-prompt was the runtime environment feature, which adds an icon to your prompt line depending on which runtime you are using in the current directory.
Additionally, I can add my own custom icons. This came in super handy when I added aws-sso-cli. Since the aws-sso-cli wasn’t supported with the regular aws plugin, I made my own for it.(not public, yet).
That’s why your are seeing ☁️ playground-nora (sso) in my prompt line:
▶️ Find more details at the spaceship-prompt GitHub repository.
Let me know how you liked this post through email or my socials. I’m curious if you are already using one of the suggested tools or plan to use it now. 😊
Looking forward to the next one!
Have a great day 💜
Nora