{"id":206,"date":"2026-04-13T04:56:24","date_gmt":"2026-04-13T04:56:24","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/aws-amazon-q-developer-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-developer-tools\/"},"modified":"2026-04-13T04:56:24","modified_gmt":"2026-04-13T04:56:24","slug":"aws-amazon-q-developer-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-developer-tools","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/aws-amazon-q-developer-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-developer-tools\/","title":{"rendered":"AWS Amazon Q Developer Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Developer tools"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Category<\/h2>\n\n\n\n<p>Developer tools<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. Introduction<\/h2>\n\n\n\n<p>Amazon Q Developer is AWS\u2019s AI-assisted developer experience for writing, understanding, and improving code inside your IDE and other developer workflows.<\/p>\n\n\n\n<p>In simple terms: it\u2019s a coding assistant that helps you draft code, explain unfamiliar code, generate tests, and speed up routine development tasks\u2014without leaving your editor.<\/p>\n\n\n\n<p>Technically, Amazon Q Developer integrates into supported IDEs (and related developer touchpoints) and uses AWS-hosted generative AI to provide inline code suggestions and conversational assistance (\u201cchat\u201d) based on your prompts and the code context you provide. In enterprise setups, it can be connected to your organization\u2019s identity and policy controls.<\/p>\n\n\n\n<p>The problem it solves is consistent across teams: developers spend significant time on boilerplate, translating requirements into code, debugging, writing tests, and learning new APIs. Amazon Q Developer reduces that time while adding guardrails that matter in professional environments (identity, admin controls, and privacy considerations).<\/p>\n\n\n\n<p><strong>Important naming note (history):<\/strong> Amazon CodeWhisperer was renamed and evolved into <strong>Amazon Q Developer<\/strong>. If you find older blog posts or docs mentioning CodeWhisperer, verify the current workflow and feature set in the latest Amazon Q Developer documentation.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2. What is Amazon Q Developer?<\/h2>\n\n\n\n<p>Amazon Q Developer is an AWS <strong>Developer tools<\/strong> service focused on <strong>AI-powered coding assistance<\/strong>. Its official purpose is to help developers build software faster and with better understanding by providing:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Inline code recommendations as you type<\/li>\n<li>A chat-based assistant for coding tasks (e.g., explain, refactor, generate tests)<\/li>\n<li>Additional developer productivity and code-quality capabilities depending on edition and supported integration points (verify exact availability per IDE and plan)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Core capabilities (what it\u2019s for)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Code generation and completion:<\/strong> Suggests code based on surrounding context and your comments.<\/li>\n<li><strong>Code understanding:<\/strong> Explains functions, classes, and logic in natural language.<\/li>\n<li><strong>Refactoring and iteration:<\/strong> Helps transform code (e.g., restructure, rename, simplify).<\/li>\n<li><strong>Test assistance:<\/strong> Helps create unit tests and edge-case coverage.<\/li>\n<li><strong>Developer guidance:<\/strong> Helps with common tasks (AWS SDK usage patterns, error interpretation, code snippets), with the usual caveat to validate outputs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Major components (how you interact with it)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>IDE integration:<\/strong> Typically delivered via AWS tooling\/extensions for popular IDEs.<\/li>\n<li><strong>Authentication layer:<\/strong> Individual identity (for personal use) and organizational identity (for enterprise use) with administrative controls.<\/li>\n<li><strong>Backend service:<\/strong> AWS-hosted AI services that process prompts and context and return responses\/suggestions.<\/li>\n<li><strong>Administrative controls (enterprise):<\/strong> Centralized management of access and settings (availability depends on plan; verify in official docs).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Service type and scope<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Service type:<\/strong> Managed AWS service (SaaS-style developer assistant).<\/li>\n<li><strong>Scope:<\/strong> Primarily <strong>user-scoped<\/strong> (developers use it in their tooling). Enterprise features are <strong>organization\/account scoped<\/strong> depending on how access is provisioned.<\/li>\n<li><strong>Regionality:<\/strong> The developer experience is global, but the backend service uses AWS Regions. The exact region behavior and availability can differ by integration and plan\u2014<strong>verify current region support in official documentation<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How it fits into the AWS ecosystem<\/h3>\n\n\n\n<p>Amazon Q Developer complements (not replaces) core AWS developer and DevOps services:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>AWS IAM \/ IAM Identity Center:<\/strong> Identity, access management, and enterprise provisioning.<\/li>\n<li><strong>AWS CloudFormation \/ AWS SAM \/ AWS CDK \/ Terraform:<\/strong> Infrastructure-as-code workflows where AI assistance can speed authoring and troubleshooting.<\/li>\n<li><strong>AWS CodeBuild \/ CodePipeline \/ CodeCommit \/ GitHub \/ GitLab:<\/strong> CI\/CD and source workflows where developers write and maintain the code that pipelines build and deploy.<\/li>\n<li><strong>Amazon CloudWatch \/ AWS X-Ray:<\/strong> Operational telemetry that developers often translate into fixes\u2014an area where AI assistance can help interpret errors and propose changes.<\/li>\n<\/ul>\n\n\n\n<p>Official docs to start verifying scope and setup:\n&#8211; https:\/\/docs.aws.amazon.com\/amazonq\/latest\/qdeveloper-ug\/what-is.html (verify the exact URL path if AWS updates it)<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">3. Why use Amazon Q Developer?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Business reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Faster delivery:<\/strong> Reduce time spent on boilerplate and routine coding tasks.<\/li>\n<li><strong>Better onboarding:<\/strong> New engineers can ask contextual questions (\u201cwhat does this module do?\u201d) and ramp faster.<\/li>\n<li><strong>Consistency:<\/strong> Teams can use a common assistant integrated into their standard IDEs.<\/li>\n<li><strong>Lower rework:<\/strong> Improved understanding and test generation can reduce defects that surface late.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Technical reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Context-aware suggestions:<\/strong> Helps complete code based on local context (files you open, code you highlight, your prompt).<\/li>\n<li><strong>Multi-language productivity:<\/strong> Useful across application code, scripts, and infrastructure code (exact language support depends on integration\u2014verify).<\/li>\n<li><strong>Accelerates API usage:<\/strong> Helpful when working with AWS SDKs and services where correct patterns matter.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Standardized tooling:<\/strong> Integrates into existing developer environments; fewer context switches.<\/li>\n<li><strong>Repeatable workflows:<\/strong> Teams can bake \u201cprompt patterns\u201d into their internal playbooks (e.g., \u201cgenerate tests for this handler\u201d).<\/li>\n<li><strong>Reduced toil:<\/strong> Helps with mundane updates like renaming, refactoring, and writing docstrings.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security and compliance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Enterprise access controls:<\/strong> With organization-managed identity, you can control who can use it.<\/li>\n<li><strong>Data handling controls:<\/strong> AWS provides service-specific commitments and controls; you must validate how prompts and code context are used and stored for your plan\/edition.<\/li>\n<li><strong>Auditability (indirect):<\/strong> While AI prompts themselves may not be fully auditable in the same way as API calls, enterprise provisioning and access changes can be governed; verify what\u2019s logged and where.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scalability\/performance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Scales with team size:<\/strong> Add users rather than provisioning GPU infrastructure.<\/li>\n<li><strong>No model hosting operations:<\/strong> Avoid running and patching self-hosted LLMs for general coding assistance.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should choose Amazon Q Developer<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You build on AWS and want an assistant aligned with AWS developer workflows.<\/li>\n<li>You need developer productivity improvements without operating ML infrastructure.<\/li>\n<li>You want enterprise-friendly identity provisioning and centralized management options (verify plan features).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should not choose it<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Air-gapped or offline development:<\/strong> If your environment can\u2019t reach the service endpoints, you need an offline alternative.<\/li>\n<li><strong>Highly regulated \u201cno code leaves workstation\u201d policies:<\/strong> If policy prohibits sending code snippets to any managed service, use a self-hosted solution.<\/li>\n<li><strong>Niche languages or uncommon toolchains:<\/strong> If your stack isn\u2019t supported, value may be limited.<\/li>\n<li><strong>You require deterministic outputs:<\/strong> AI assistance is probabilistic; you still need reviews, tests, and security checks.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">4. Where is Amazon Q Developer used?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Industries<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Software\/SaaS<\/li>\n<li>Financial services (with stronger governance requirements)<\/li>\n<li>Healthcare and life sciences (privacy and compliance considerations)<\/li>\n<li>Retail and e-commerce<\/li>\n<li>Media and gaming<\/li>\n<li>Manufacturing and IoT<\/li>\n<li>Public sector (subject to environment constraints and approvals)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Team types<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Application development teams (backend, frontend, mobile)<\/li>\n<li>Platform engineering teams<\/li>\n<li>DevOps\/SRE teams (automation, tooling, runbooks)<\/li>\n<li>Security engineering (secure coding guidance and remediation drafts)<\/li>\n<li>Data engineering (ETL scripts, SDK usage, pipeline code)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Workloads and architectures<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Microservices and serverless APIs (Lambda + API Gateway)<\/li>\n<li>Event-driven architectures (EventBridge, SQS, SNS, Kinesis)<\/li>\n<li>Containerized services (ECS\/EKS)<\/li>\n<li>Monolith modernization and incremental refactoring<\/li>\n<li>Infrastructure-as-code repositories (CloudFormation\/SAM\/CDK\/Terraform)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Real-world deployment contexts<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Local development on laptops<\/strong> using IDE plugins.<\/li>\n<li><strong>Enterprise-managed desktops<\/strong> with centralized identity and permissioning.<\/li>\n<li><strong>CI-driven codebases<\/strong> where developers generate changes locally and pipelines validate.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Production vs dev\/test usage<\/h3>\n\n\n\n<p>Amazon Q Developer is primarily used <strong>during development<\/strong> and code maintenance, not directly \u201cin production.\u201d Its outputs affect production indirectly through:\n&#8211; Code changes that ship to production\n&#8211; Tests and refactors that improve reliability\n&#8211; Faster incident remediation via quicker code comprehension<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">5. Top Use Cases and Scenarios<\/h2>\n\n\n\n<p>Below are realistic ways teams use Amazon Q Developer in AWS-centric development.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) Inline code completion for boilerplate<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Engineers repeatedly write handlers, DTOs, config structures, and glue code.<\/li>\n<li><strong>Why this fits:<\/strong> Inline suggestions reduce repetitive typing and keep focus in the editor.<\/li>\n<li><strong>Scenario:<\/strong> A developer writes a comment like \u201cparse SQS message body as JSON and validate required fields,\u201d then accepts a suggested function skeleton.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) Explain unfamiliar code during onboarding<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> New team members struggle to understand legacy modules.<\/li>\n<li><strong>Why this fits:<\/strong> Chat can summarize code behavior and call out key paths.<\/li>\n<li><strong>Scenario:<\/strong> A new engineer highlights a complex authorization function and asks, \u201cExplain what this does and what inputs affect the output.\u201d<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) Generate unit tests for existing functions<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Teams underinvest in tests due to time pressure.<\/li>\n<li><strong>Why this fits:<\/strong> Generates a starting point for tests and edge cases.<\/li>\n<li><strong>Scenario:<\/strong> An engineer asks for pytest tests for a Lambda handler, then refines assertions and adds fixtures.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) Refactor code safely with guidance<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Refactors are risky and time-consuming.<\/li>\n<li><strong>Why this fits:<\/strong> Provides refactor suggestions and can draft step-by-step changes.<\/li>\n<li><strong>Scenario:<\/strong> Convert a deeply nested function into smaller functions and add error handling, then run existing tests.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) Draft AWS SDK usage patterns<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Correct AWS SDK usage requires reading extensive docs.<\/li>\n<li><strong>Why this fits:<\/strong> Produces code snippets for common patterns, which you then validate.<\/li>\n<li><strong>Scenario:<\/strong> \u201cShow an example of uploading a file to S3 with boto3 and enabling server-side encryption.\u201d<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Troubleshoot exceptions and logs<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Engineers lose time mapping stack traces to likely causes.<\/li>\n<li><strong>Why this fits:<\/strong> Helps interpret error messages and propose fixes.<\/li>\n<li><strong>Scenario:<\/strong> Developer pastes a sanitized error: \u201cAccessDenied on kms:Decrypt\u201d and asks what IAM\/KMS policy changes are needed.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) Improve documentation and comments<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Documentation is often outdated or missing.<\/li>\n<li><strong>Why this fits:<\/strong> Can generate docstrings and README sections from code.<\/li>\n<li><strong>Scenario:<\/strong> \u201cWrite a README section explaining how to run this SAM app locally and deploy to a dev account.\u201d<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) Code review assistance (drafting feedback and fixes)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Reviewers spend time writing repetitive review comments.<\/li>\n<li><strong>Why this fits:<\/strong> Helps draft review notes and suggests improvements.<\/li>\n<li><strong>Scenario:<\/strong> \u201cReview this function for error handling and suggest improvements,\u201d then reviewer edits and posts final feedback.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">9) Create scripts for operational tasks<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> SRE\/DevOps scripts are frequently one-off and rushed.<\/li>\n<li><strong>Why this fits:<\/strong> Quickly drafts scripts with logging and argument parsing.<\/li>\n<li><strong>Scenario:<\/strong> Generate a script that enumerates S3 buckets, checks encryption, and outputs a CSV (validate before running broadly).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">10) Modernize small modules incrementally<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Modernization projects stall because teams can\u2019t rewrite everything.<\/li>\n<li><strong>Why this fits:<\/strong> Helps produce incremental PRs: add tests, refactor one module, add type hints.<\/li>\n<li><strong>Scenario:<\/strong> Add type hints to a Python package and refactor a single module while keeping behavior stable.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">11) Assist with infrastructure-as-code authoring<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Writing correct IaC takes time; mistakes are common.<\/li>\n<li><strong>Why this fits:<\/strong> Suggests templates and explains properties.<\/li>\n<li><strong>Scenario:<\/strong> Draft a minimal SAM template for API Gateway + Lambda with least-privilege IAM policies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">12) Generate \u201cfirst pass\u201d security improvements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Developers need help implementing secure defaults.<\/li>\n<li><strong>Why this fits:<\/strong> Can propose secure coding patterns (input validation, safer config loading).<\/li>\n<li><strong>Scenario:<\/strong> \u201cReplace hardcoded credentials with environment variables and show how to load from AWS Secrets Manager (without embedding secrets).\u201d<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">6. Core Features<\/h2>\n\n\n\n<p>Feature availability can vary by IDE integration, operating system, and subscription plan. Always confirm the latest feature list in the official Amazon Q Developer documentation.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) Inline code suggestions (autocomplete)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Suggests code as you type based on surrounding context.<\/li>\n<li><strong>Why it matters:<\/strong> Saves time on boilerplate and common patterns.<\/li>\n<li><strong>Practical benefit:<\/strong> Faster iteration; fewer context switches.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Suggestions can be incorrect or non-idiomatic; always run tests and linters.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) Chat-based coding assistant in the IDE<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Lets you ask questions and request code transformations in natural language.<\/li>\n<li><strong>Why it matters:<\/strong> Improves comprehension and speeds multi-step tasks.<\/li>\n<li><strong>Practical benefit:<\/strong> \u201cExplain,\u201d \u201crefactor,\u201d \u201cgenerate tests,\u201d \u201csuggest improvements.\u201d<\/li>\n<li><strong>Limitations\/caveats:<\/strong> You must avoid pasting secrets and validate output correctness.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) Code explanation and summarization<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Produces readable explanations for functions\/classes\/modules.<\/li>\n<li><strong>Why it matters:<\/strong> Helps onboarding and maintenance.<\/li>\n<li><strong>Practical benefit:<\/strong> Faster code reviews and incident fixes.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Explanations may miss edge cases; validate against actual control flow.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) Test generation assistance<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Drafts unit tests and test cases based on implementation or requirements.<\/li>\n<li><strong>Why it matters:<\/strong> Improves coverage and reduces regressions.<\/li>\n<li><strong>Practical benefit:<\/strong> Quick starting point, especially for legacy code.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Tests may assert the wrong behavior if the prompt is ambiguous\u2014review carefully.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) Refactoring and transformation help<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Proposes structural code changes (extract method, rename, simplify).<\/li>\n<li><strong>Why it matters:<\/strong> Helps reduce technical debt.<\/li>\n<li><strong>Practical benefit:<\/strong> Smaller, safer refactor PRs.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Large refactors can exceed context limits; do it in increments.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Integration with AWS developer workflows<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Works in AWS-aligned tooling (for example via AWS Toolkit) and assists with AWS-centric coding tasks.<\/li>\n<li><strong>Why it matters:<\/strong> Many teams need correct patterns for IAM, SDKs, retries, pagination, and error handling.<\/li>\n<li><strong>Practical benefit:<\/strong> Faster, more consistent AWS integration code.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Always validate against current AWS docs and SDK versions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) Enterprise administration and access management (plan-dependent)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Enables centralized provisioning and policy control for teams.<\/li>\n<li><strong>Why it matters:<\/strong> Enterprises need control over who can use AI tooling.<\/li>\n<li><strong>Practical benefit:<\/strong> Scales adoption with governance.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Exact admin capabilities vary\u2014verify supported identity providers, provisioning model, and audit options.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) Privacy and data controls (plan-dependent)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Provides settings and commitments about how prompts and code context are handled.<\/li>\n<li><strong>Why it matters:<\/strong> AI assistance must meet organizational data policies.<\/li>\n<li><strong>Practical benefit:<\/strong> Enables adoption in regulated environments when configured properly.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Carefully review AWS service terms and the product\u2019s data usage statements for your plan.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">7. Architecture and How It Works<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">High-level architecture<\/h3>\n\n\n\n<p>At a high level, Amazon Q Developer works like this:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>A developer types in an IDE with the Amazon Q Developer integration enabled.<\/li>\n<li>The integration gathers <strong>local context<\/strong> (the text you\u2019re editing, files you\u2019ve opened, code you highlight, plus your prompt).<\/li>\n<li>The integration authenticates the user (individual identity or enterprise identity).<\/li>\n<li>The request is sent over HTTPS to the Amazon Q Developer service in AWS.<\/li>\n<li>The service returns a completion or chat response.<\/li>\n<li>The developer accepts, edits, or rejects the suggestion.<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Request\/data\/control flow<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Control flow:<\/strong> Initiated by user actions (typing, invoking chat, selecting \u201cgenerate tests,\u201d etc.).<\/li>\n<li><strong>Data flow:<\/strong> Your prompt and relevant code context are sent to AWS for processing. What exactly is sent depends on the IDE integration and the action performed\u2014<strong>verify details in the official docs<\/strong>.<\/li>\n<li><strong>Response:<\/strong> The assistant returns code and\/or text. The user remains responsible for validation.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Integrations with related AWS services<\/h3>\n\n\n\n<p>Common integrations and touchpoints include:\n&#8211; <strong>AWS IAM \/ IAM Identity Center:<\/strong> User authentication and enterprise access.\n&#8211; <strong>AWS Toolkit (IDE extension):<\/strong> Often the delivery mechanism inside IDEs.\n&#8211; <strong>AWS CLI \/ SAM CLI \/ CDK:<\/strong> Used alongside Q Developer to build and deploy the code Q helps produce.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Dependency services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Internet connectivity to AWS endpoints<\/li>\n<li>IDE runtime environment (VS Code\/JetBrains\/others) and extension framework<\/li>\n<li>Organizational identity provider (optional), if using enterprise controls<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/authentication model (conceptual)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Individual:<\/strong> Sign-in using an individual identity supported by AWS tooling (often AWS Builder ID for personal use; verify current login options).<\/li>\n<li><strong>Enterprise:<\/strong> Organizational sign-in with IAM Identity Center and administrative assignment (verify exact setup steps and requirements).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Networking model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Outbound HTTPS from developer workstation to AWS service endpoints.<\/li>\n<li>In enterprise networks, allowlisting and TLS inspection policies may affect connectivity.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Workstation logs:<\/strong> IDE extension logs can help troubleshoot connectivity and authentication.<\/li>\n<li><strong>Identity\/audit logs:<\/strong> Changes to user access and subscriptions may be logged in AWS (verify CloudTrail coverage for your specific actions and plan).<\/li>\n<li><strong>Governance:<\/strong> Define developer guidelines for acceptable use, prompt hygiene, and secret handling.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Simple architecture diagram (Mermaid)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart LR\n  Dev[Developer IDE\\n(Amazon Q Developer integration)] --&gt;|HTTPS + Auth| QSvc[Amazon Q Developer service (AWS)]\n  QSvc --&gt;|Suggestions + Chat responses| Dev\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Production-style architecture diagram (Mermaid)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart TB\n  subgraph Org[Enterprise \/ Team Environment]\n    Dev1[Dev Workstation\\nVS Code \/ JetBrains]\n    Dev2[Dev Workstation\\nVS Code \/ JetBrains]\n    IdP[Corporate IdP]\n    IIC[IAM Identity Center]\n    Policies[Access policies\\n(groups\/assignments)]\n  end\n\n  subgraph AWS[AWS Account \/ AWS Cloud]\n    Q[Amazon Q Developer]\n    CloudTrail[CloudTrail (verify coverage)]\n    Repo[Git repo hosting\\n(GitHub\/GitLab\/CodeCommit)]\n    CICD[CI\/CD\\n(CodeBuild\/CodePipeline\/etc.)]\n    Deploy[Deployment targets\\n(Lambda\/ECS\/EKS\/etc.)]\n  end\n\n  Dev1 --&gt;|SSO\/Auth| IIC\n  Dev2 --&gt;|SSO\/Auth| IIC\n  IdP --&gt; IIC\n  Policies --&gt; IIC\n\n  Dev1 --&gt;|HTTPS requests| Q\n  Dev2 --&gt;|HTTPS requests| Q\n\n  Dev1 --&gt; Repo\n  Dev2 --&gt; Repo\n  Repo --&gt; CICD --&gt; Deploy\n\n  IIC -.audit\/admin events.-&gt; CloudTrail\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">8. Prerequisites<\/h2>\n\n\n\n<p>Before you start using Amazon Q Developer, ensure you have the following.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Account\/subscription requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An AWS account for enterprise provisioning and billing (if using a paid plan).<\/li>\n<li>For personal use, you may be able to use an individual sign-in option supported by AWS tooling (often AWS Builder ID). <strong>Verify the current supported authentication methods in official docs.<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Permissions \/ IAM roles<\/h3>\n\n\n\n<p>For the hands-on lab in this article (which deploys a small serverless app), you need permissions to:\n&#8211; Create and manage CloudFormation stacks\n&#8211; Create IAM roles used by Lambda\n&#8211; Create and update Lambda functions\n&#8211; (Optional) Create API Gateway resources if you choose that variant<\/p>\n\n\n\n<p>If you\u2019re in an organization, use least privilege and a dedicated dev account.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Billing requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Amazon Q Developer may require a subscription for Pro\/enterprise features.<\/li>\n<li>The lab\u2019s AWS resources (Lambda, CloudWatch Logs, etc.) can incur small costs if you exceed free tier limits.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Tools needed (for the lab)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A supported IDE (example: Visual Studio Code)<\/li>\n<li>AWS Toolkit extension for your IDE (if that is the current integration path)<\/li>\n<li>Amazon Q Developer enabled within the toolkit\/extension<\/li>\n<li>AWS CLI (for deployment workflows)<\/li>\n<li>AWS SAM CLI (to build\/deploy the serverless app in the lab)<\/li>\n<li>Git (optional but recommended)<\/li>\n<li>Python 3.11+ (or your chosen runtime) for local testing<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Region availability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Amazon Q Developer availability varies by Region and integration\u2014<strong>verify in official documentation<\/strong>.<\/li>\n<li>For the deployment lab, pick a Region where AWS Lambda and CloudFormation are available (most Regions).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas\/limits<\/h3>\n\n\n\n<p>Possible limits to consider:\n&#8211; Request limits (chat\/completions)\n&#8211; Context window limits (how much code\/text can be considered at once)\n&#8211; IDE integration constraints (file size, project size)<\/p>\n\n\n\n<p>Exact limits can change\u2014<strong>verify current quotas in official docs<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisite services<\/h3>\n\n\n\n<p>For the deployment portion of the lab:\n&#8211; AWS CloudFormation\n&#8211; AWS Lambda\n&#8211; Amazon CloudWatch Logs\n&#8211; AWS IAM<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">9. Pricing \/ Cost<\/h2>\n\n\n\n<p>Amazon Q Developer pricing changes over time and can be plan-based. Use official sources for exact numbers.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Current pricing model (high-level)<\/h3>\n\n\n\n<p>Common pricing dimensions include:\n&#8211; <strong>Per-user subscription<\/strong> (monthly\/annual) for a \u201cPro\u201d or enterprise tier\n&#8211; <strong>Free tier \/ free usage<\/strong> for limited features or individuals (availability and limits vary)<\/p>\n\n\n\n<p>Always confirm:\n&#8211; What features are included in Free vs Pro\n&#8211; Any per-request or usage limits\n&#8211; Whether enterprise features require an AWS Organization and IAM Identity Center<\/p>\n\n\n\n<p>Official pricing page (verify the exact URL if AWS changes it):\n&#8211; https:\/\/aws.amazon.com\/q\/developer\/pricing\/<\/p>\n\n\n\n<p>AWS Pricing Calculator (for broader architecture costs):\n&#8211; https:\/\/calculator.aws\/#\/<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Cost drivers<\/h3>\n\n\n\n<p>Direct cost drivers:\n&#8211; Number of licensed users (for paid tiers)\n&#8211; Subscription duration (monthly\/annual)\n&#8211; Edition\/plan (Free vs Pro\/enterprise)<\/p>\n\n\n\n<p>Indirect costs (often bigger than the subscription):\n&#8211; Additional AWS resources you deploy because development becomes faster (CI minutes, test environments, more frequent deployments)\n&#8211; Developer workstation time saved (positive business case, but not an AWS bill line item)\n&#8211; Network egress for related workflows (e.g., pulling dependencies, container images)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Hidden or easy-to-miss costs<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Multi-account environments:<\/strong> You may license users centrally, but they deploy into many accounts\u2014governance matters.<\/li>\n<li><strong>Logging and retention:<\/strong> If you generate more deployments\/tests, CloudWatch log volume may increase.<\/li>\n<li><strong>Build pipelines:<\/strong> Faster iteration may increase CodeBuild usage; set budgets.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network\/data transfer implications<\/h3>\n\n\n\n<p>Amazon Q Developer itself is accessed over the public internet via HTTPS. Typical developer usage does not create large data transfer bills, but enterprise networks may route traffic through proxies or inspection appliances.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How to optimize cost<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Start with a small pilot group and measure productivity impact.<\/li>\n<li>Use the Free tier where it meets needs (if available for your use case).<\/li>\n<li>Standardize prompt patterns and code templates to reduce wasted requests.<\/li>\n<li>Use AWS Budgets for dev accounts to prevent surprise bills from the environments you deploy to.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Example low-cost starter estimate (no fabricated prices)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Amazon Q Developer:<\/strong> Use Free tier (if eligible\/available) for a single developer.<\/li>\n<li><strong>AWS deployment lab:<\/strong> Keep to free-tier eligible services and delete stacks after testing.<\/li>\n<\/ul>\n\n\n\n<p>If you use Pro:\n&#8211; <strong>Monthly cost formula:<\/strong> <code>number_of_users \u00d7 (price per user-month for your plan)<\/code><br\/>\nUse the pricing page to fill in the actual per-user price.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Example production cost considerations<\/h3>\n\n\n\n<p>In production organizations, the subscription is typically not the main cost. Expect cost to be dominated by:\n&#8211; CI\/CD build minutes\n&#8211; Test\/staging environments (ECS\/EKS\/Lambda\/API Gateway usage)\n&#8211; Observability (CloudWatch logs\/metrics, tracing)\n&#8211; Security tooling (if you add scanners, SBOM generation, etc.)<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n<p>This lab keeps AWS costs low by deploying a small serverless function and using Amazon Q Developer inside your IDE to generate and refine the code and tests. You will still run real AWS deployment commands, and you will clean up everything at the end.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Objective<\/h3>\n\n\n\n<p>Use <strong>Amazon Q Developer<\/strong> in an IDE to:\n1. Generate a Python AWS Lambda handler for a simple API.\n2. Generate unit tests for the handler.\n3. Deploy the app to AWS with AWS SAM.\n4. Validate the deployment.\n5. Clean up all resources.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Lab Overview<\/h3>\n\n\n\n<p>You will create a minimal \u201cnotes\u201d API with one endpoint:\n&#8211; <code>POST \/notes<\/code> with JSON body <code>{\"text\":\"hello\"}<\/code><br\/>\nIt returns <code>{\"id\":\"&lt;uuid&gt;\",\"text\":\"hello\"}<\/code>.<\/p>\n\n\n\n<p>To keep the lab minimal:\n&#8211; The function stores notes in memory (no database). This is intentionally not production-ready; it\u2019s just a safe, low-cost way to practice.\n&#8211; You can extend it later to DynamoDB (recommended as a follow-up).<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> A working Lambda + API Gateway endpoint deployed via SAM, with a small test suite you can run locally.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Install and verify tooling<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">1.1 Install prerequisites<\/h4>\n\n\n\n<p>Install:\n&#8211; Visual Studio Code\n&#8211; Python 3.11+\n&#8211; AWS CLI v2: https:\/\/docs.aws.amazon.com\/cli\/latest\/userguide\/getting-started-install.html\n&#8211; AWS SAM CLI: https:\/\/docs.aws.amazon.com\/serverless-application-model\/latest\/developerguide\/install-sam-cli.html<\/p>\n\n\n\n<p>Verify installs:<\/p>\n\n\n\n<pre><code class=\"language-bash\">python --version\naws --version\nsam --version\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> All commands return versions without errors.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">1.2 Configure AWS credentials for deployment<\/h4>\n\n\n\n<p>Configure a dev AWS profile (recommended). Use the least-privilege approach in real orgs.<\/p>\n\n\n\n<pre><code class=\"language-bash\">aws configure --profile qdev-lab\n<\/code><\/pre>\n\n\n\n<p>Set:\n&#8211; AWS Access Key ID\n&#8211; AWS Secret Access Key\n&#8211; Default region (e.g., <code>us-east-1<\/code> or your preferred Region)\n&#8211; Output format (<code>json<\/code>)<\/p>\n\n\n\n<p>Verify identity:<\/p>\n\n\n\n<pre><code class=\"language-bash\">aws sts get-caller-identity --profile qdev-lab\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> You see your AWS Account and IAM principal.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">1.3 Install AWS Toolkit \/ Amazon Q Developer integration<\/h4>\n\n\n\n<p>In VS Code:\n1. Open <strong>Extensions<\/strong>\n2. Install <strong>AWS Toolkit<\/strong> (official AWS extension)\n3. Ensure the toolkit includes or enables <strong>Amazon Q Developer<\/strong> features (the naming\/UI can change\u2014<strong>verify in the extension\u2019s current documentation and release notes<\/strong>)<\/p>\n\n\n\n<p>AWS Toolkit for VS Code:\n&#8211; https:\/\/docs.aws.amazon.com\/toolkit-for-vscode\/latest\/userguide\/welcome.html<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> You see AWS Toolkit in VS Code and an Amazon Q Developer entry point (icon\/panel\/command palette item).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Sign in to Amazon Q Developer in the IDE<\/h3>\n\n\n\n<p>In VS Code:\n1. Open the AWS Toolkit panel\n2. Choose the sign-in option for Amazon Q Developer (often:\n   &#8211; Individual sign-in for personal use, such as AWS Builder ID, or\n   &#8211; Organization-managed sign-in via IAM Identity Center)\n3. Complete the browser-based authentication flow<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> The toolkit shows you as authenticated, and Amazon Q Developer chat\/suggestions are available.<\/p>\n\n\n\n<p><strong>Verification steps:<\/strong>\n&#8211; Open the command palette and search for Amazon Q Developer commands (names vary; verify).\n&#8211; Open the chat panel and submit a simple question like:<br\/>\n  \u201cExplain what an AWS Lambda function is in one paragraph.\u201d<\/p>\n\n\n\n<p>If it answers, you\u2019re connected.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Create a new SAM application<\/h3>\n\n\n\n<p>Create a working folder:<\/p>\n\n\n\n<pre><code class=\"language-bash\">mkdir amazon-q-developer-lab\ncd amazon-q-developer-lab\n<\/code><\/pre>\n\n\n\n<p>Initialize a SAM project:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sam init \\\n  --name qdev-notes-api \\\n  --runtime python3.11 \\\n  --app-template hello-world \\\n  --no-interactive\n<\/code><\/pre>\n\n\n\n<p>Enter the project:<\/p>\n\n\n\n<pre><code class=\"language-bash\">cd qdev-notes-api\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> A SAM project scaffold is created (template + function code).<\/p>\n\n\n\n<p><strong>Verification:<\/strong>\n&#8211; You should see files like <code>template.yaml<\/code> and a function directory (names vary by SAM template).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Use Amazon Q Developer to generate the Lambda handler logic<\/h3>\n\n\n\n<p>Open the project folder in VS Code.<\/p>\n\n\n\n<p>Locate the Lambda handler file (commonly something like <code>hello_world\/app.py<\/code> or similar depending on the template).<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">4.1 Replace the handler with a \u201cnotes\u201d handler<\/h4>\n\n\n\n<p>Use Amazon Q Developer chat with a prompt like:<\/p>\n\n\n\n<blockquote>\n<p>\u201cUpdate this Lambda handler to implement a POST \/notes endpoint via API Gateway proxy integration.<br\/>\nRequirements:<br\/>\n&#8211; Only allow POST.<br\/>\n&#8211; Parse JSON body with key &#8216;text&#8217;.<br\/>\n&#8211; Validate: text must be a non-empty string and &lt;= 280 chars.<br\/>\n&#8211; Return 201 and JSON: {id: <uuid4>, text: <text>}.<br\/>\n&#8211; Return 400 for validation errors with JSON: {error: <message>}.<br\/>\n&#8211; Return 405 for non-POST.<br\/>\n&#8211; Add basic structured logging (no secrets).<br\/>\nUse standard Python libraries only.\u201d<\/message><\/text><\/uuid4><\/p>\n<\/blockquote>\n\n\n\n<p>Apply the changes Amazon Q Developer suggests, but <strong>review carefully<\/strong>:\n&#8211; Ensure you import <code>json<\/code>, <code>uuid<\/code>, and use safe parsing.\n&#8211; Ensure you handle the possibility of <code>event.get(\"body\")<\/code> being <code>None<\/code>.\n&#8211; Consider whether <code>isBase64Encoded<\/code> handling is needed (optional for this lab).<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> The handler returns correct status codes and JSON responses.<\/p>\n\n\n\n<p><strong>Verification (quick local check):<\/strong>\nRun a Python syntax check (adjust path to your handler file):<\/p>\n\n\n\n<pre><code class=\"language-bash\">python -m py_compile hello_world\/app.py\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> No output (success). If there\u2019s a syntax error, fix it.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Use Amazon Q Developer to generate unit tests<\/h3>\n\n\n\n<p>Create a test directory:<\/p>\n\n\n\n<pre><code class=\"language-bash\">mkdir -p tests\n<\/code><\/pre>\n\n\n\n<p>Install pytest in a virtual environment:<\/p>\n\n\n\n<pre><code class=\"language-bash\">python -m venv .venv\n# macOS\/Linux\nsource .venv\/bin\/activate\n# Windows PowerShell (example)\n# .\\.venv\\Scripts\\Activate.ps1\n\npip install -U pip pytest\n<\/code><\/pre>\n\n\n\n<p>Now ask Amazon Q Developer chat:<\/p>\n\n\n\n<blockquote>\n<p>\u201cWrite pytest unit tests for my Lambda handler in hello_world\/app.py.<br\/>\nCover:<br\/>\n&#8211; POST with valid body returns 201 and contains id and text<br\/>\n&#8211; POST with empty text returns 400<br\/>\n&#8211; POST with missing body returns 400<br\/>\n&#8211; GET returns 405<br\/>\nUse deterministic testing by patching uuid4 if needed.\u201d<\/p>\n<\/blockquote>\n\n\n\n<p>Create <code>tests\/test_handler.py<\/code> with the generated tests and adjust imports as needed for your project structure.<\/p>\n\n\n\n<p>Run tests:<\/p>\n\n\n\n<pre><code class=\"language-bash\">pytest -q\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> Tests pass.<\/p>\n\n\n\n<p><strong>If tests fail:<\/strong> Use Amazon Q Developer to help diagnose:<\/p>\n\n\n\n<blockquote>\n<p>\u201cThese pytest failures occur. Explain why and propose the minimal fix.\u201d<br\/>\nPaste only the relevant failure output and sanitized code excerpts (no credentials).<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Build and run locally with SAM<\/h3>\n\n\n\n<p>Build:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sam build\n<\/code><\/pre>\n\n\n\n<p>Invoke locally with a simulated API Gateway event. Create <code>events\/post-note.json<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-bash\">mkdir -p events\ncat &gt; events\/post-note.json &lt;&lt;'EOF'\n{\n  \"version\": \"2.0\",\n  \"routeKey\": \"POST \/notes\",\n  \"rawPath\": \"\/notes\",\n  \"headers\": {\n    \"content-type\": \"application\/json\"\n  },\n  \"requestContext\": {\n    \"http\": {\n      \"method\": \"POST\",\n      \"path\": \"\/notes\"\n    }\n  },\n  \"body\": \"{\\\"text\\\":\\\"hello\\\"}\",\n  \"isBase64Encoded\": false\n}\nEOF\n<\/code><\/pre>\n\n\n\n<p>Invoke:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sam local invoke --event events\/post-note.json\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> A JSON response containing statusCode <code>201<\/code> and a body with <code>id<\/code> and <code>text<\/code>.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 7: Deploy to AWS<\/h3>\n\n\n\n<p>Deploy guided using your profile:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sam deploy --guided --profile qdev-lab\n<\/code><\/pre>\n\n\n\n<p>Suggested guided answers:\n&#8211; Stack Name: <code>qdev-notes-api<\/code>\n&#8211; AWS Region: your chosen region\n&#8211; Confirm changes before deploy: <code>Y<\/code> (recommended)\n&#8211; Allow SAM to create IAM roles: <code>Y<\/code>\n&#8211; Save arguments to configuration file: <code>Y<\/code><\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> CloudFormation stack completes successfully and outputs an API endpoint URL (depending on template).<\/p>\n\n\n\n<p><strong>Verification:<\/strong>\nAfter deploy completes, SAM typically prints outputs. If you get an API URL, test it:<\/p>\n\n\n\n<pre><code class=\"language-bash\">curl -i -X POST \\\n  -H \"content-type: application\/json\" \\\n  -d '{\"text\":\"hello from aws\"}' \\\n  \"&lt;YOUR_API_URL&gt;\/notes\"\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> HTTP 201 with JSON body containing an id and your text.<\/p>\n\n\n\n<p>If your initial SAM template doesn\u2019t include an API Gateway resource, you have two options:\n&#8211; Update <code>template.yaml<\/code> to add an API event, or\n&#8211; Validate by invoking Lambda directly (less realistic but simpler)<\/p>\n\n\n\n<p>Ask Amazon Q Developer:<\/p>\n\n\n\n<blockquote>\n<p>\u201cUpdate my SAM template.yaml to expose POST \/notes via API Gateway HTTP API (or REST API) to my function.\u201d<\/p>\n<\/blockquote>\n\n\n\n<p>Then redeploy.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Validation<\/h3>\n\n\n\n<p>You have successfully completed the lab if:\n&#8211; Amazon Q Developer is authenticated and responding in IDE chat\n&#8211; The Lambda handler code passes <code>python -m py_compile<\/code>\n&#8211; <code>pytest<\/code> passes locally\n&#8211; <code>sam local invoke<\/code> returns a <code>201<\/code> response for valid input\n&#8211; <code>sam deploy<\/code> succeeds and you can call the endpoint with <code>curl<\/code><\/p>\n\n\n\n<p>Recommended extra validation:\n&#8211; Check CloudWatch Logs for the Lambda function log group and confirm you see your structured logs (without sensitive data).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Troubleshooting<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">Issue: Amazon Q Developer chat\/suggestions do not appear<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Confirm AWS Toolkit is installed and enabled.<\/li>\n<li>Confirm you completed sign-in for Amazon Q Developer (not just AWS credentials).<\/li>\n<li>Check the extension output logs in VS Code (View \u2192 Output \u2192 select AWS Toolkit).<\/li>\n<li>Corporate proxy\/TLS inspection can break authentication flows; try a different network or adjust proxy settings.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Issue: \u201cAccessDenied\u201d during SAM deploy<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Your IAM user\/role lacks permissions (CloudFormation\/IAM\/Lambda).<\/li>\n<li>Use a dedicated dev role with appropriate permissions.<\/li>\n<li>Verify you used the correct AWS profile: <code>--profile qdev-lab<\/code>.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Issue: SAM local invoke fails<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ensure Docker is installed and running (SAM local often requires Docker).<\/li>\n<li>Confirm the event JSON matches the handler expectation.<\/li>\n<li>Ask Amazon Q Developer:<br\/>\n  \u201cGiven this Lambda event payload, update my handler to parse it correctly.\u201d<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Issue: Tests fail due to import paths<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Adjust <code>PYTHONPATH<\/code> or import logic for your project structure.<\/li>\n<li>Keep tests simple: import the handler function directly if possible.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Cleanup<\/h3>\n\n\n\n<p>Delete the deployed stack to avoid ongoing charges:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sam delete --stack-name qdev-notes-api --profile qdev-lab\n<\/code><\/pre>\n\n\n\n<p>Also consider:\n&#8211; Removing local <code>.venv<\/code> directory if desired\n&#8211; Deleting the local project folder<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> CloudFormation stack is deleted and resources are removed.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">11. Best Practices<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Architecture best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Keep AI-generated changes small:<\/strong> Prefer small PRs with clear intent; avoid huge unreviewable diffs.<\/li>\n<li><strong>Use tests as the contract:<\/strong> Always pair AI-generated code with unit tests and integration tests.<\/li>\n<li><strong>Prefer proven AWS patterns:<\/strong> For AWS services, validate against official AWS docs and SDK examples.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">IAM\/security best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Never paste secrets into prompts:<\/strong> Treat prompts as sensitive inputs.<\/li>\n<li><strong>Use least privilege for deployments:<\/strong> Separate \u201cdeveloper assistant usage\u201d from \u201cdeployment permissions.\u201d<\/li>\n<li><strong>Use IAM Identity Center for enterprises:<\/strong> Centralize access and reduce unmanaged credentials.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Cost best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Pilot with a few developers; measure impact before scaling licenses.<\/li>\n<li>Use AWS Budgets for dev\/test accounts to control increased iteration\/deployment velocity.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Performance best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Provide focused context: highlight a function or a file rather than asking for broad repo-wide changes.<\/li>\n<li>Ask for incremental refactors: \u201cRefactor this function in two steps\u201d reduces mistakes.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Reliability best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Require CI to pass before merging AI-assisted changes.<\/li>\n<li>Add regression tests when Q Developer suggests code changes in critical paths.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operations best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Standardize \u201cprompt recipes\u201d for recurring tasks (tests, handler patterns, logging format).<\/li>\n<li>Capture troubleshooting patterns in runbooks (\u201cIf AccessDenied: check role policy + KMS key policy\u201d).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Governance\/tagging\/naming best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>For deployed lab\/prototypes, use consistent stack naming (<code>team-app-env<\/code>) and tag resources:<\/li>\n<li><code>Owner<\/code>, <code>Team<\/code>, <code>Environment<\/code>, <code>CostCenter<\/code><\/li>\n<li>Establish guidelines for acceptable use and data handling.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">12. Security Considerations<\/h2>\n\n\n\n<p>Amazon Q Developer changes how code is written, which changes your threat model. Secure adoption needs both technical controls and process controls.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Identity and access model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Individual use:<\/strong> Users authenticate via supported personal identity flow.<\/li>\n<li><strong>Enterprise use:<\/strong> Prefer IAM Identity Center to manage access and offboarding.<\/li>\n<li><strong>Key principle:<\/strong> Access to Q Developer should be treated like access to a senior engineer\u2019s suggestions\u2014helpful but not authoritative.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Encryption<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>In transit: Requests are sent over TLS (HTTPS).<\/li>\n<li>At rest: AWS manages service-side storage and encryption as defined by the service\u2019s security documentation. <strong>Verify specifics for data retention, if any.<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network exposure<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Requires outbound connectivity to AWS endpoints.<\/li>\n<li>Enterprises may need:<\/li>\n<li>Proxy configuration<\/li>\n<li>Allowlisting<\/li>\n<li>Egress monitoring<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secrets handling<\/h3>\n\n\n\n<p>Common mistakes:\n&#8211; Pasting API keys, database passwords, private keys, session tokens\n&#8211; Pasting entire <code>.env<\/code> files or CI secrets\n&#8211; Including customer PII in prompts<\/p>\n\n\n\n<p>Recommendations:\n&#8211; Sanitize inputs (remove secrets\/PII).\n&#8211; Use placeholders: <code>DB_PASSWORD=&lt;redacted&gt;<\/code>.\n&#8211; Prefer pointing the assistant to interfaces rather than real credentials.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Audit\/logging<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Track enterprise provisioning and permission changes through AWS governance tools (verify CloudTrail events for your administrative actions).<\/li>\n<li>Use source control and CI logs as the authoritative record of what changed and why.<\/li>\n<li>Keep PR templates requiring:<\/li>\n<li>\u201cAI-assisted?\u201d checkbox<\/li>\n<li>Tests added\/updated<\/li>\n<li>Security considerations noted<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compliance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Review AWS service terms and data usage statements for Amazon Q Developer.<\/li>\n<li>Align with internal policies (SOC 2, ISO 27001, HIPAA, PCI, etc.) as applicable.<\/li>\n<li>If your policy requires strict data residency, verify Regional processing and any data movement.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secure deployment recommendations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use Q Developer to draft code, but enforce:<\/li>\n<li>Static analysis (linters, SAST)<\/li>\n<li>Dependency scanning<\/li>\n<li>Code review by humans<\/li>\n<li>CI policy gates<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">13. Limitations and Gotchas<\/h2>\n\n\n\n<p>Because Amazon Q Developer is an AI assistant integrated into developer workflows, limitations often show up as workflow friction rather than classic \u201cservice limits.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Known limitation patterns<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Non-deterministic output:<\/strong> The same prompt can yield different results.<\/li>\n<li><strong>Context limits:<\/strong> Large repos or long files can exceed what the assistant considers at one time.<\/li>\n<li><strong>Hallucinated APIs or parameters:<\/strong> It can invent function names or AWS SDK parameters\u2014verify against docs.<\/li>\n<li><strong>License\/compliance concerns:<\/strong> If it produces code similar to known snippets, your organization may require review. (Follow AWS guidance and your legal process.)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas and rate limiting<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Chat or completion requests can be rate-limited.<\/li>\n<li>Free tier may have lower limits than paid tiers.<\/li>\n<li>Verify current quotas in official docs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Regional constraints<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Availability can vary. Some integrations may default to certain Regions.<\/li>\n<li>Verify Region behavior, especially for regulated workloads.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing surprises<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The subscription cost is predictable; the surprise is often <strong>increased usage of dev\/test AWS resources<\/strong> due to faster iteration.<\/li>\n<li>Guardrails: budgets, quotas, scheduled teardown for ephemeral environments.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compatibility issues<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IDE version mismatches can break plugins.<\/li>\n<li>Corporate endpoint protection or proxy settings can interfere with sign-in.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational gotchas<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Developers may over-trust suggestions. Require tests and review.<\/li>\n<li>Teams may paste sensitive log lines or config files into chat. Train for prompt hygiene.<\/li>\n<li>If you use multiple AWS accounts, ensure developers don\u2019t accidentally deploy to production.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Migration challenges (from CodeWhisperer)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Older docs, UI labels, and workflows may reference CodeWhisperer.<\/li>\n<li>Some features may have moved tiers or changed names. Validate with current docs before standardizing a process.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">14. Comparison with Alternatives<\/h2>\n\n\n\n<p>Amazon Q Developer lives in the \u201cAI coding assistant\u201d space. Your choice depends on governance, ecosystem fit, IDE support, and cost model.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Comparison table<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Option<\/th>\n<th>Best For<\/th>\n<th>Strengths<\/th>\n<th>Weaknesses<\/th>\n<th>When to Choose<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>Amazon Q Developer (AWS)<\/strong><\/td>\n<td>AWS-centric teams wanting managed AI assistance in developer tooling<\/td>\n<td>AWS ecosystem alignment, enterprise identity options, IDE integration via AWS tooling<\/td>\n<td>Feature availability varies by plan\/IDE; requires connectivity and governance<\/td>\n<td>You build heavily on AWS and want centralized management<\/td>\n<\/tr>\n<tr>\n<td>GitHub Copilot<\/td>\n<td>GitHub-centric development and broad IDE adoption<\/td>\n<td>Strong IDE support, widely adopted, good general coding assistance<\/td>\n<td>Enterprise governance depends on plan; ecosystem not AWS-specific<\/td>\n<td>You want a widely-used assistant across many stacks<\/td>\n<\/tr>\n<tr>\n<td>Google Gemini Code Assist (Google Cloud)<\/td>\n<td>Google Cloud-centric orgs<\/td>\n<td>Tight GCP alignment; enterprise options<\/td>\n<td>Not AWS-aligned; toolchain differences<\/td>\n<td>You are standardized on GCP<\/td>\n<\/tr>\n<tr>\n<td>Microsoft IntelliCode \/ Visual Studio AI features<\/td>\n<td>.NET-heavy teams in Microsoft ecosystem<\/td>\n<td>Great for Visual Studio workflows<\/td>\n<td>Less cross-language breadth than dedicated assistants<\/td>\n<td>You\u2019re primarily .NET\/Visual Studio and want built-in tooling<\/td>\n<\/tr>\n<tr>\n<td>Self-hosted LLM (Code Llama, StarCoder, etc.)<\/td>\n<td>Air-gapped, strict data control environments<\/td>\n<td>Full control over data and hosting<\/td>\n<td>High ops cost; model quality varies; infra\/GPU management<\/td>\n<td>You cannot send code to managed services<\/td>\n<\/tr>\n<tr>\n<td>AWS CodeGuru Reviewer (AWS)<\/td>\n<td>Automated code reviews (not an interactive assistant)<\/td>\n<td>Static recommendations and analysis style guidance<\/td>\n<td>Not a conversational coding assistant; different purpose<\/td>\n<td>You want automated review insights in CI rather than IDE chat<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<p><strong>Note:<\/strong> Amazon Q Developer is distinct from <strong>Amazon Q Business<\/strong>, which focuses on business Q&amp;A and enterprise knowledge. Keep scope clear when evaluating.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">15. Real-World Example<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Enterprise example: Financial services platform team<\/h3>\n\n\n\n<p><strong>Problem<\/strong>\nA bank\u2019s platform team supports 200+ engineers building microservices on AWS. Developers struggle with:\n&#8211; Consistent error handling and logging\n&#8211; Correct IAM usage patterns\n&#8211; Slow onboarding to internal frameworks\n&#8211; Rising operational incidents due to inconsistent coding practices<\/p>\n\n\n\n<p><strong>Proposed architecture<\/strong>\n&#8211; Amazon Q Developer enabled for developer IDEs via enterprise identity (IAM Identity Center)\n&#8211; Standard prompt playbooks for:\n  &#8211; \u201cGenerate handler with structured logs + correlation IDs\u201d\n  &#8211; \u201cAdd retries\/backoff for AWS SDK calls\u201d\n  &#8211; \u201cWrite unit tests + contract tests\u201d\n&#8211; CI gates:\n  &#8211; Linting, tests, SAST, dependency scanning\n&#8211; Multi-account AWS environment:\n  &#8211; Dedicated sandbox accounts for experimentation\n  &#8211; Strict separation from production<\/p>\n\n\n\n<p><strong>Why Amazon Q Developer was chosen<\/strong>\n&#8211; Strong alignment with AWS developer workflows\n&#8211; Central access management and scalable onboarding\n&#8211; Reduces repetitive coding and documentation burden<\/p>\n\n\n\n<p><strong>Expected outcomes<\/strong>\n&#8211; Faster onboarding (measured by time-to-first-PR)\n&#8211; Improved baseline test coverage\n&#8211; Fewer incidents caused by common coding mistakes\n&#8211; Better consistency across services (logging, error handling patterns)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Startup\/small-team example: 6-person SaaS building on serverless<\/h3>\n\n\n\n<p><strong>Problem<\/strong>\nA small team builds a serverless API and ships quickly, but:\n&#8211; Tests lag behind features\n&#8211; Refactoring is delayed\n&#8211; Developers context-switch between docs and code constantly<\/p>\n\n\n\n<p><strong>Proposed architecture<\/strong>\n&#8211; Amazon Q Developer in VS Code for all developers\n&#8211; Use the assistant primarily for:\n  &#8211; Unit test generation\n  &#8211; README updates\n  &#8211; AWS SDK snippet drafting\n&#8211; Simple governance:\n  &#8211; No secrets in prompts\n  &#8211; Mandatory PR review + CI tests<\/p>\n\n\n\n<p><strong>Why Amazon Q Developer was chosen<\/strong>\n&#8211; Quick setup with minimal operational overhead\n&#8211; Low friction compared to hosting a self-managed model\n&#8211; Useful for increasing test coverage without hiring immediately<\/p>\n\n\n\n<p><strong>Expected outcomes<\/strong>\n&#8211; Faster feature delivery with fewer regressions\n&#8211; Higher test coverage over time\n&#8211; Reduced time spent reading SDK docs for common tasks<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">16. FAQ<\/h2>\n\n\n\n<p>1) <strong>Is Amazon Q Developer the same as Amazon CodeWhisperer?<\/strong><br\/>\nAmazon CodeWhisperer was renamed\/evolved into Amazon Q Developer. If you used CodeWhisperer before, verify what changed in features, tiers, and setup in current docs.<\/p>\n\n\n\n<p>2) <strong>Is Amazon Q Developer the same as Amazon Q Business?<\/strong><br\/>\nNo. Amazon Q Developer focuses on developer tasks (coding in IDEs and developer workflows). Amazon Q Business focuses on business Q&amp;A over enterprise knowledge sources.<\/p>\n\n\n\n<p>3) <strong>Do I need an AWS account to use Amazon Q Developer?<\/strong><br\/>\nFor paid\/enterprise usage, yes (for billing and admin). For individual usage, there may be sign-in options supported by AWS developer tooling. Verify current authentication methods in official docs.<\/p>\n\n\n\n<p>4) <strong>Which IDEs are supported?<\/strong><br\/>\nSupport changes over time. Common targets include VS Code and JetBrains IDEs, possibly others. Check the official Amazon Q Developer documentation and the AWS Toolkit docs for the current list.<\/p>\n\n\n\n<p>5) <strong>Which programming languages are supported?<\/strong><br\/>\nIt supports many popular languages, but exact support depends on the integration and feature (completion vs chat vs scans). Verify the language list in the docs.<\/p>\n\n\n\n<p>6) <strong>Will Amazon Q Developer write production-ready code?<\/strong><br\/>\nIt can draft helpful code, but you must treat output as a starting point. You still need code review, tests, security checks, and validation against requirements.<\/p>\n\n\n\n<p>7) <strong>Can I use Amazon Q Developer for infrastructure-as-code?<\/strong><br\/>\nYes, it can help draft or explain IaC, but you must validate generated templates against service documentation and organizational standards.<\/p>\n\n\n\n<p>8) <strong>Does it understand my whole repository?<\/strong><br\/>\nUsually it works from the context you provide (open files, selected code, prompt). There are limits to context size\u2014expect to work in focused chunks.<\/p>\n\n\n\n<p>9) <strong>Can I restrict who in my company can use it?<\/strong><br\/>\nIn enterprise setups, you typically can manage access through centralized identity and assignments. Verify the admin model in the official docs for your plan.<\/p>\n\n\n\n<p>10) <strong>Is my code used to train models?<\/strong><br\/>\nAWS provides service-specific statements and controls that may differ by plan\/edition. Review the Amazon Q Developer documentation and terms for the most accurate and current answer.<\/p>\n\n\n\n<p>11) <strong>Does it log my prompts for auditing?<\/strong><br\/>\nAuditability varies. You can always audit the final code changes in source control. For prompt-level logging, verify what the product provides and what your organization requires.<\/p>\n\n\n\n<p>12) <strong>Can I use it in an air-gapped environment?<\/strong><br\/>\nGenerally no; it requires network connectivity to AWS service endpoints. If you must be offline, consider a self-hosted model.<\/p>\n\n\n\n<p>13) <strong>How do I prevent developers from pasting secrets into chat?<\/strong><br\/>\nUse policy and training, plus technical measures (secret scanners in pre-commit\/CI, IDE security tooling, and strong incident response). Assume humans will make mistakes and add layered controls.<\/p>\n\n\n\n<p>14) <strong>Does Amazon Q Developer replace code review?<\/strong><br\/>\nNo. It can accelerate coding, but human review remains critical for correctness, security, and maintainability.<\/p>\n\n\n\n<p>15) <strong>What\u2019s the best way to measure ROI?<\/strong><br\/>\nTrack:\n&#8211; Lead time to change\n&#8211; PR cycle time\n&#8211; Defect rate \/ escaped defects\n&#8211; Onboarding time\n&#8211; Test coverage improvements<br\/>\nRun a pilot, set baselines, then compare.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">17. Top Online Resources to Learn Amazon Q Developer<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Resource Type<\/th>\n<th>Name<\/th>\n<th>Why It Is Useful<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Official documentation<\/td>\n<td>Amazon Q Developer User Guide: https:\/\/docs.aws.amazon.com\/amazonq\/latest\/qdeveloper-ug\/<\/td>\n<td>Primary source for setup, features, limitations, and security notes<\/td>\n<\/tr>\n<tr>\n<td>Official product page<\/td>\n<td>Amazon Q Developer overview: https:\/\/aws.amazon.com\/q\/developer\/<\/td>\n<td>High-level feature and positioning summary<\/td>\n<\/tr>\n<tr>\n<td>Official pricing<\/td>\n<td>Amazon Q Developer pricing: https:\/\/aws.amazon.com\/q\/developer\/pricing\/<\/td>\n<td>Authoritative pricing tiers and billing model<\/td>\n<\/tr>\n<tr>\n<td>AWS Toolkit docs<\/td>\n<td>AWS Toolkit for VS Code: https:\/\/docs.aws.amazon.com\/toolkit-for-vscode\/latest\/userguide\/welcome.html<\/td>\n<td>Practical steps to install, sign in, and troubleshoot IDE integration<\/td>\n<\/tr>\n<tr>\n<td>Getting started (official)<\/td>\n<td>\u201cGetting started\u201d section in the Q Developer docs (navigate from the User Guide)<\/td>\n<td>Current onboarding flow and prerequisites<\/td>\n<\/tr>\n<tr>\n<td>AWS SAM docs<\/td>\n<td>AWS SAM Developer Guide: https:\/\/docs.aws.amazon.com\/serverless-application-model\/latest\/developerguide\/what-is-sam.html<\/td>\n<td>Helps you deploy the lab safely and correctly<\/td>\n<\/tr>\n<tr>\n<td>AWS CLI docs<\/td>\n<td>AWS CLI User Guide: https:\/\/docs.aws.amazon.com\/cli\/latest\/userguide\/<\/td>\n<td>Essential for identity verification and automation<\/td>\n<\/tr>\n<tr>\n<td>AWS Architecture Center<\/td>\n<td>https:\/\/aws.amazon.com\/architecture\/<\/td>\n<td>Patterns and reference architectures you can apply to code generated with assistance<\/td>\n<\/tr>\n<tr>\n<td>AWS YouTube<\/td>\n<td>AWS YouTube channel: https:\/\/www.youtube.com\/@amazonwebservices<\/td>\n<td>Talks, demos, and launch videos (search for \u201cAmazon Q Developer\u201d)<\/td>\n<\/tr>\n<tr>\n<td>Trusted samples<\/td>\n<td>AWS Samples GitHub: https:\/\/github.com\/aws-samples<\/td>\n<td>Reference projects to compare against AI-generated patterns<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">18. Training and Certification Providers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Institute<\/th>\n<th>Suitable Audience<\/th>\n<th>Likely Learning Focus<\/th>\n<th>Mode<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>Developers, DevOps engineers, SREs, platform teams<\/td>\n<td>AWS DevOps, automation, cloud-native practices, toolchains that may include developer-assistant workflows<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>ScmGalaxy.com<\/td>\n<td>Beginners to intermediate engineers<\/td>\n<td>SCM, CI\/CD, DevOps fundamentals, practical labs<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.scmgalaxy.com\/<\/td>\n<\/tr>\n<tr>\n<td>CLoudOpsNow.in<\/td>\n<td>Cloud operations and platform roles<\/td>\n<td>Cloud operations, monitoring, reliability, operational readiness<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.cloudopsnow.in\/<\/td>\n<\/tr>\n<tr>\n<td>SreSchool.com<\/td>\n<td>SREs, operations, platform engineers<\/td>\n<td>Reliability engineering, incident response, observability, automation<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.sreschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>AiOpsSchool.com<\/td>\n<td>Ops teams adopting AI for operations<\/td>\n<td>AIOps concepts, automation, event correlation, operational tooling<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.aiopsschool.com\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">19. Top Trainers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Platform\/Site<\/th>\n<th>Likely Specialization<\/th>\n<th>Suitable Audience<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>RajeshKumar.xyz<\/td>\n<td>DevOps \/ cloud training content (verify current offerings)<\/td>\n<td>Engineers seeking practical DevOps\/cloud guidance<\/td>\n<td>https:\/\/rajeshkumar.xyz\/<\/td>\n<\/tr>\n<tr>\n<td>devopstrainer.in<\/td>\n<td>DevOps training resources (verify scope)<\/td>\n<td>Beginners to intermediate DevOps learners<\/td>\n<td>https:\/\/www.devopstrainer.in\/<\/td>\n<\/tr>\n<tr>\n<td>devopsfreelancer.com<\/td>\n<td>Freelance DevOps services\/training platform (verify current services)<\/td>\n<td>Teams or individuals looking for external DevOps expertise<\/td>\n<td>https:\/\/www.devopsfreelancer.com\/<\/td>\n<\/tr>\n<tr>\n<td>devopssupport.in<\/td>\n<td>DevOps support and learning resources (verify scope)<\/td>\n<td>Teams needing ops support and practical troubleshooting help<\/td>\n<td>https:\/\/www.devopssupport.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">20. Top Consulting Companies<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Company Name<\/th>\n<th>Likely Service Area<\/th>\n<th>Where They May Help<\/th>\n<th>Consulting Use Case Examples<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>cotocus.com<\/td>\n<td>Cloud\/DevOps consulting (verify exact portfolio)<\/td>\n<td>Cloud adoption, DevOps pipelines, operational maturity<\/td>\n<td>Standing up CI\/CD, improving deployment reliability, governance for dev tooling<\/td>\n<td>https:\/\/cotocus.com\/<\/td>\n<\/tr>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>DevOps consulting and training (verify exact offerings)<\/td>\n<td>DevOps transformation, skills enablement, tooling<\/td>\n<td>Implementing CI\/CD, platform engineering practices, developer productivity initiatives<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>DEVOPSCONSULTING.IN<\/td>\n<td>DevOps consulting (verify exact portfolio)<\/td>\n<td>DevOps processes, automation, operational readiness<\/td>\n<td>Pipeline standardization, IaC adoption, monitoring\/logging setup<\/td>\n<td>https:\/\/www.devopsconsulting.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">21. Career and Learning Roadmap<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn before Amazon Q Developer<\/h3>\n\n\n\n<p>To get real value, you should already know:\n&#8211; One programming language well (Python\/Java\/TypeScript, etc.)\n&#8211; Git fundamentals (branching, PRs, code reviews)\n&#8211; Unit testing basics (pytest\/JUnit\/Jest)\n&#8211; AWS fundamentals:\n  &#8211; IAM (users\/roles\/policies)\n  &#8211; VPC basics (even for serverless teams)\n  &#8211; CloudWatch Logs\n  &#8211; Core compute (Lambda, containers, or EC2)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn after Amazon Q Developer<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Secure software supply chain:<\/li>\n<li>Dependency scanning, SBOM concepts, SAST\/DAST<\/li>\n<li>Advanced AWS architecture:<\/li>\n<li>Event-driven design, retries, idempotency<\/li>\n<li>Observability (metrics, logs, tracing)<\/li>\n<li>Platform engineering:<\/li>\n<li>Golden paths, internal developer platforms<\/li>\n<li>Governance for AI tooling:<\/li>\n<li>Prompt hygiene standards<\/li>\n<li>Data classification and handling procedures<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Job roles that use it<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Software Engineer (backend\/frontend\/full-stack)<\/li>\n<li>DevOps Engineer<\/li>\n<li>SRE \/ Reliability Engineer<\/li>\n<li>Cloud Engineer \/ Platform Engineer<\/li>\n<li>Security Engineer (secure coding enablement)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Certification path (AWS)<\/h3>\n\n\n\n<p>Amazon Q Developer is a developer tool, not a certification by itself. Practical adjacent AWS certifications include:\n&#8211; AWS Certified Developer \u2013 Associate\n&#8211; AWS Certified SysOps Administrator \u2013 Associate\n&#8211; AWS Certified Solutions Architect \u2013 Associate\/Professional\n&#8211; AWS Certified DevOps Engineer \u2013 Professional<\/p>\n\n\n\n<p>Verify current certification names\/versions here:\n&#8211; https:\/\/aws.amazon.com\/certification\/<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Project ideas for practice<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Extend the lab to use <strong>DynamoDB<\/strong> for persistence (add IAM least privilege).<\/li>\n<li>Add a second endpoint: <code>GET \/notes\/{id}<\/code> and write contract tests.<\/li>\n<li>Add CI (GitHub Actions or AWS CodeBuild) to run tests and linting on PRs.<\/li>\n<li>Add structured logging + correlation IDs and a CloudWatch dashboard.<\/li>\n<li>Add rate limiting and validation at API Gateway and application layers.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">22. Glossary<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Amazon Q Developer:<\/strong> AWS developer assistant that provides AI-powered code suggestions and chat-based help in developer workflows.<\/li>\n<li><strong>AWS Toolkit:<\/strong> IDE extension (for example in VS Code) that integrates AWS services and can provide access to Amazon Q Developer features.<\/li>\n<li><strong>AWS SAM (Serverless Application Model):<\/strong> Framework for building serverless applications with CloudFormation templates and CLI tooling.<\/li>\n<li><strong>AWS CLI:<\/strong> Command line tool for interacting with AWS services.<\/li>\n<li><strong>IAM (Identity and Access Management):<\/strong> AWS service for permissions management.<\/li>\n<li><strong>IAM Identity Center:<\/strong> AWS service for workforce identity federation and centralized access management (formerly AWS SSO).<\/li>\n<li><strong>Least privilege:<\/strong> Security principle of granting only the minimum permissions required.<\/li>\n<li><strong>API Gateway proxy integration:<\/strong> Pattern where API Gateway forwards request details to Lambda in an event payload.<\/li>\n<li><strong>Context window:<\/strong> The amount of text\/code the assistant can consider at once for generating an answer.<\/li>\n<li><strong>Prompt hygiene:<\/strong> Practices to avoid including secrets, PII, or unnecessary sensitive data in AI prompts.<\/li>\n<li><strong>CI\/CD:<\/strong> Continuous integration and delivery\/deployment; automated build\/test\/release pipelines.<\/li>\n<li><strong>CloudFormation stack:<\/strong> A set of AWS resources managed together as a unit by AWS CloudFormation.<\/li>\n<li><strong>CloudWatch Logs:<\/strong> AWS logging service commonly used for Lambda and application logs.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">23. Summary<\/h2>\n\n\n\n<p>Amazon Q Developer is an AWS <strong>Developer tools<\/strong> service that brings AI-assisted coding into your IDE to help you write, understand, refactor, and test code faster.<\/p>\n\n\n\n<p>It matters because it reduces day-to-day developer toil (boilerplate, debugging, documentation, test scaffolding) while offering an adoption path that can align with enterprise identity and governance.<\/p>\n\n\n\n<p>Architecturally, it sits in the developer workflow: IDE integration \u2192 authenticated requests \u2192 AWS-managed AI service \u2192 suggestions and chat responses. It doesn\u2019t replace CI, code review, or security controls; it accelerates the work that feeds those controls.<\/p>\n\n\n\n<p>Cost is typically plan-based (Free vs Pro\/enterprise), with the biggest indirect cost driver being the extra dev\/test infrastructure teams may spin up as they iterate faster. Security-wise, the main risks are prompt data exposure and over-trusting outputs\u2014mitigate with least privilege, training, and CI gates.<\/p>\n\n\n\n<p>Use Amazon Q Developer when you want AWS-aligned AI assistance with minimal operational overhead. Next step: complete the hands-on lab, then extend it with DynamoDB persistence and CI validation to practice production-grade patterns.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Developer tools<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,18],"tags":[],"class_list":["post-206","post","type-post","status-publish","format-standard","hentry","category-aws","category-developer-tools"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/206","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=206"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/206\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=206"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=206"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=206"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}