I see a lot of software engineers make a successful transition into cloud security because of their background, some devs have made security tools. My question is, I don’t come from a coding background coding stresses me out, do I have to know how to code on a software engineer level to have a successful career as a cloud security engineer? What languages other than Python, bash, JSON, and PowerShell should I be comfortable with? How can I develop security tools also?
It all depends on what you want to do, ultimately. I would say there are plenty of roles where no coding knowledge is really necessary at all. The thing is, in cloud security specifically, you are talking about a universe of resources that all can be instantiated, manipulated, and interrogated all via APIs and various markup languages. So, I would say your biggest bang for the buck is going to be learning the ones you mentioned, and some more like YAML. TF, Ansible/puppet/chef. Anything that enables you do do what you want to do in the most efficient way is a good thing to learn.
Designing a security tools is a completely different matter. Deciding which kind of coding to use is going to be a by-product of knowing what you want to accomplish first. Cloud-native tools should be designed in a cloud-native way, imho. The reality is you will use many different skills to take a security tool from idea to finished product.
Thank you