3 Lessons on CLI UX Design


December 22, 2014 | DevOps | Kevin O'Brien


Last week’s DevOps Weekly included a link to an interesting article on the metrics and merits of good user experience (UX) design for CLI applications. Primarily based on an interview with Randall Hansen, who formerly led the UX design team at (Conjur customer) Puppet Labs, the article raised a couple of particularly important points that we hold as truths when designing Conjur, as well:

CLI UX Design Lessons

  • CLI design should be elegant
  • Speed trumps splash
  • Good documentation is foundational

CLI design should be elegant.

One of the main points in the Medium article is that the CLI is used by what they call sysadmins, although we would argue that the target user could equally be a DevOps user. If one agrees that the goal of a user experience and interface should be to delight the user, then there is a distinction between those things which a typical end-user will be delighted by, and those which lead to a feeling of delight in an administrative user.

In an apocryphal case study, Hansen relates how a stock exchange application malfunctioned, causing tens of millions of dollars of loss for every second that it continued running. With a quick set of keystrokes, the admin using a CLI was able to quick identify and kill the process. If elegance is defined as “simple and powerful“, then this is a fantastic example of how to ensure that it’s in place for a command line application.

It’s also one of the primary ideals we hold when designing Conjur’s CLI. From tab-completion on Conjur’s commands to context-appropriate help, simplicity and appropriate context are woven into every command and interaction that our command-line users will experience.


Speed trumps splash.

A second point from Hansen is also explained by example: “When Gmail goes down for ten minutes, the entire internet freaks out; the difference between those ten minutes of inconvenience and some potentially catastrophic downtime might hinge on the user experience that a sysadmin encounters when solving the problem.”

Conjur, thankfully, doesn’t take down systems — even if an entire Conjur master server were to be hit with an rm -rf, our high-availability architecture will ensure that requests for authz events, secrets, and permissions will continue to function. However, being able to quickly and gracefully interact with sysadmins to prevent inadvertent mistakes is a core design intent; while we do see value in building a rich user experience for visualizing authz events and data, we have made an explicit decision to do so not at the expense of the CLI, but in conjunction with it.

Good documentation is foundational.

Finally, we agree wholeheartedly with Hansen on the point that good documentation is critical for a CLI user. More than simply a set of API references — although those are necessary, too — documentation for a command line experience needs to provide specific use cases and explain both what and why they matter.

For Conjur, that means having a great set of tutorials that walk users through the basic flows that they will encounter when using the system. From “Conjurizing” users to migrating secrets to the system to integrating with LDAP systems, we believe that time and effort spent on tutorials will translate directly to an improved (and hopefully even delightful) Conjur experience.

All of our tutorials are available on our Developer site.

And while we’re proud of what we have built, we’re just getting started. We want to hear from you, especially if you’re in the trenches of the DevOps movement, dealing with myriad CLI tools every day. What makes your life easier? What’s missing?

Of course, if you’re not yet using Conjur, we’d love to have you on board with us. We’re changing the future of authorization-as-a-service, and we’d be happy to get a copy of Conjur into your hands today. Just click the big blue “Get Started” button below, and we’ll set you up — and let us know what your user experience is like, and where it can be better!



Share This