Developer experience improvements
View All Tags
A common question from the community is: how do I use Atmos with Packer to build AMIs, and automate the whole build → approve → share process? We've published a new gist that shows exactly that — a reference recipe combining several Atmos features into one production-shaped workflow.
Atmos now includes 25+ interactive step types for both workflows and custom commands. Build interactive CLI wizards, collect user input, display rich output, and control execution flow—all directly in your atmos.yaml without external scripts.
GitHub Actions has a built-in "Re-run with debug logging" button: when a workflow fails, you click it and the next run launches with runner and step debug logging turned on. Atmos now auto-detects that signal — when you re-run with debug logging, Atmos switches its own log level to Debug for the run. No need to remember to also set ATMOS_LOGS_LEVEL=Debug in your workflow YAML.
Atmos hooks now have a kind system — same before-terraform-plan /
after-terraform-plan lifecycle you already know, but the dispatch is
pluggable and built-in kinds ship for common tools. Two lines in a stack
manifest gets you cost analysis from infracost, or SARIF scanning from
checkov, trivy, or kics, with tools auto-installed via the Atmos
toolchain.
components:
terraform:
vpc:
dependencies:
tools:
checkov: "3.2.529"
hooks:
security:
events: [after-terraform-plan]
kind: checkov
That's the whole config. No scanner binary on PATH, no custom command
wrapper, no GitHub Actions glue — atmos terraform plan vpc -s prod
auto-installs checkov via the toolchain, runs it against the component,
parses the SARIF, renders the findings as a markdown table in your
terminal, and (when Atmos Pro is connected) ships the same body to the
run page.
Claude Code, OpenAI Codex CLI, and Google Gemini CLI all speak MCP, but
each wants its own config format, its own credentials flow, and its own
idea of where binaries live. This post shows how to centralize all of it —
server configuration, AWS credentials, and toolchain version — in one
atmos.yaml that every AI coding assistant uses unchanged.
Atmos Auth is the only place
AWS credentials live; each MCP server is automatically wrapped with the
right identity for the question it'll answer (billing → payer account,
CloudTrail → audit, IAM → root, workload queries → dev/rpg/staging). One
atmos auth login covers them all — no API keys in CLI configs, no
AWS_PROFILE swapping between prompts. The server set spans the
Atmos MCP server for project stacks,
the AWS MCP server suite for live cloud
queries, and the Atmos Pro MCP server
for drift, deployment, and audit history. The
Atmos toolchain pins
binaries so every assistant runs the same binary. See the example:
examples/mcp-for-ai-coding-assistants/.
Every atmos list subcommand that processes stack manifests now accepts --skip <yaml-function> and the matching
ATMOS_SKIP env var, mirroring the surface already exposed by atmos describe affected, atmos describe component,
and atmos describe stacks. Use it to bypass a single YAML function while leaving the rest of YAML function
processing — including !template — fully enabled.
Every atmos list subcommand that processes stack manifests now accepts --process-templates and --process-functions
(with matching ATMOS_PROCESS_TEMPLATES / ATMOS_PROCESS_FUNCTIONS env vars), matching the flag surface of
atmos describe affected and atmos describe stacks. Defaults are true across the board.
When an --identity can't be resolved in the currently loaded Atmos config, Atmos now checks whether the identity is defined in another profile — and either prompts you to switch or hints at the exact command to re-run. The same release also adds profiles.default so you can pin a default profile in atmos.yaml.
The atmos describe affected command now auto-detects the base commit in CI environments, eliminating the need for verbose flag wiring in your workflows.
Add --ai to any Atmos command and get instant AI-powered analysis of the output. Successful plans get
summarized, errors get explained with step-by-step fixes — zero workflow changes required.
Atmos now supports a global templates.settings.ignore_missing_template_values option in atmos.yaml, eliminating the need to set ignore_missing_template_values: true on every individual catalog import.
We're excited to introduce Atmos AI, an intelligent assistant built directly into Atmos CLI that understands your infrastructure-as-code like no other AI assistant can.
Unlike general-purpose AI coding assistants, Atmos AI has deep, native understanding of Atmos stacks, components, inheritance patterns, and infrastructure workflows. It's not just an AI that knows about code—it's an AI that truly understands your infrastructure.
With support for 7 AI providers (including local/offline Ollama), persistent sessions with full conversation memory, tool execution with granular permissions and persistent permission cache, specialized skills for specific tasks, and seamless IDE integration via MCP—Atmos AI brings the productivity patterns of industry-leading AI systems to infrastructure management.
We're excited to introduce Atmos LSP, bringing IDE-quality features directly to your infrastructure configuration workflow—no context switching, no manual validation, no documentation hunting.
Atmos LSP provides comprehensive Language Server Protocol integration that transforms how you write and validate Atmos configurations. Get instant feedback on errors, autocomplete for Atmos keywords, hover documentation without leaving your editor, and seamless integration with external language servers for YAML and Terraform validation.
With support for 13+ editors (VS Code, Neovim, Zed, Cursor, Emacs, and more), multiple transport protocols, and deep AI integration—writing infrastructure configuration now feels like writing code in a modern IDE.
Atmos now ships 21 agent skills that give AI coding assistants deep knowledge of Atmos conventions, stack configuration, Terraform orchestration, authentication, validation, and more. Skills build on two open standards -- AGENTS.md and Agent Skills -- and work across Claude Code, OpenAI Codex, Gemini CLI, Cursor, Windsurf, GitHub Copilot, and other AI tools.
Test features from any Atmos pull request or commit SHA without compiling from source or manually downloading artifacts.
Atmos now includes a source list command to display components with source configuration. Both --stack and [component] arguments are optional, allowing flexible filtering across your infrastructure.
Atmos toolchain now has native GitHub Actions support with the new github format for atmos toolchain env.
Atmos now supports a dedicated github output format for atmos terraform output, making it easier than ever to pass Terraform outputs between GitHub Actions steps.
Atmos now supports directory-based Packer templates by default. Instead of requiring a single HCL template file, you can organize your Packer configurations across multiple files following HashiCorp's recommended patterns. Atmos automatically passes the component directory to Packer, which loads all *.pkr.hcl files.
File generation now features interactive component and stack selection, plus cross-provisioner support for helmfile and packer. Run atmos terraform generate files without arguments and get an intuitive selector.
Atmos now automatically provisions backends during terraform init, eliminating the need for a separate backend create command. When provision.backend.enabled: true is set, backends are created just-in-time during your first Terraform operation.
The source provisioner now provides better visual feedback with spinners during auto-provisioning, interactive confirmation prompts for delete operations, and interactive stack selection when --stack is omitted.
New query syntax for atmos list components and support for installing multiple tools at once with atmos toolchain install.
Atmos now provides granular control over experimental features with the new settings.experimental configuration option—giving teams the flexibility to explore new capabilities safely while maintaining stability in production environments.
Atmos now enforces a single canonical identity per stack and supports zero-config stack naming using filenames. These changes make Atmos easier for newcomers while providing explicit control for advanced users.
atmos auth login now automatically falls back to provider authentication when no identities are configured, enabling seamless first-time login with auto_provision_identities.
Atmos now automatically detects when your AWS IAM User credentials have been rotated or revoked and prompts you for new credentials inline. No more persistent authentication failures after credential rotation. Plus, improved guidance when credentials expire.
We're introducing file-scoped locals to Atmos stack configurations. Inspired by Terraform and Terragrunt, locals let you define temporary variables within a single file, reducing repetition and making your configurations more readable and maintainable.
Atmos now automatically caches Terraform providers across all components, dramatically reducing terraform init times and network bandwidth. This feature is enabled by default with zero configuration required.
You can now pin Terraform and provider versions directly in your stack configuration. Atmos generates terraform_override.tf.json files with required_version and required_providers blocks, giving you centralized control over infrastructure versioning.
We're introducing ECR authentication integration - automatic Docker login for AWS Elastic Container Registry as part of your Atmos authentication workflow. Configure once, authenticate everywhere.
Terraform commands now feature interactive prompts for component and stack selection. Run atmos terraform plan without arguments and get an intuitive selector instead of an error message.
Quickly identify which components and stacks are affected by your changes with the new atmos list affected command.
Atmos now provides clear, actionable error messages when your Terraform components contain HCL syntax errors, instead of the misleading "component not found" message.
Custom commands and workflow steps can now specify a working_directory to control where they execute.
Custom commands now support boolean flags with configurable default values. You can define type: bool flags that default to true or false, making it easier to handle special behavior triggers.
We've reorganized the Atmos documentation to better serve both newcomers and experienced users. Here's what changed and why.
Atmos now supports version constraint validation, allowing you to specify required Atmos version ranges in your atmos.yaml configuration. When your configuration requires specific features or behaviors, you can ensure all team members and CI/CD pipelines use compatible Atmos versions.
Atmos now supports using filesystem paths instead of component names for all component commands. Use . for the current directory, relative paths like ./vpc or ../eks, or absolute paths. This might feel more natural for users accustomed to running commands on folders rather than remembering specific component names.
We're excited to introduce automatic backend provisioning in Atmos, a feature that solves the Terraform bootstrap problem. No more manual S3 bucket creation, no more chicken-and-egg workarounds—Atmos provisions your state backend automatically with secure defaults, making it fully compatible with Terraform-managed infrastructure.
Atmos now includes interactive prompts for missing required flags and positional arguments, making commands more discoverable and user-friendly. This feature is being gradually rolled out across commands.
The atmos workflow command now automatically discovers workflow files, eliminating the need to specify --file for uniquely named workflows. This developer experience improvement makes running workflows faster and more intuitive.
Atmos lets you model your cloud architecture, so why shouldn't you be able to easily explore that? This is especially a pain point for people new to a team who just want to see what exists without having to understand your complete cloud architecture. Atmos List makes that possible.
We've enhanced all column-supporting list commands (instances, components, stacks, workflows, vendor) to support customizable output columns via atmos.yaml configuration.
atmos auth logout now preserves keychain credentials by default for faster re-authentication. Only session data is cleared. Use --keychain to permanently delete credentials.
Atmos now searches parent directories for atmos.yaml and discovers .atmos.d/ at the git repository root, making it easier to run commands from anywhere in your project.
Atmos now automatically provisions AWS SSO permission sets as identities when you authenticate. Log in once, and all your available roles are instantly ready to use—no manual configuration required.
Atmos now automatically discovers your repository root and runs from there, just like Git. No more cd-ing back to the root directory.
We've completely rebuilt Atmos error handling from the ground up to provide helpful hints, rich context, and enterprise-grade error tracking. When something goes wrong, you now get actionable guidance instead of cryptic messages, and enterprises can track and analyze errors across their entire infrastructure stack.
Tab completion for the --stack flag is now context-aware, filtering suggestions based on the component you specify.
We've made several quality-of-life improvements to Atmos authentication commands, making identity management smoother and more intuitive.
Atmos auth, documentation, and workflow management commands now work independently of stack configurations, making it easier to use Atmos in CI/CD pipelines and alongside "native" Terraform workflows.
Atmos now features intelligent terminal output that adapts to any environment automatically. Developers can write code assuming a full-featured terminal, and Atmos handles the rest - capability detection, color adaptation, and secret masking happen transparently. No more capability checking, manual color detection, or masking code. Just write clean, simple output code and it works everywhere.
We're excited to announce a new global flag that makes working with Atmos across multiple repositories and directories significantly easier: --chdir (or -C for short).
We've significantly improved the AWS SSO authentication experience with styled verification code dialogs, animated status indicators, and proper Ctrl+C handling.
We've shipped a feature that developers working with complex infrastructure configurations have been asking for: provenance tracking. With the new --provenance flag in atmos describe component, you can now see exactly where every configuration value originated—down to the file, line number, and column.
