Delve into the depths of Amazon CodeWhisperer

Bhuvaneswari Subramani - Mar 1 - - Dev Community

In continuation to the blog AI-led development - Balancing risk with innovation, here you go with the deep dive of AI-powered code companion, Amazon CodeWhisperer. It offers an in-depth exploration of CodeWhisperer's features and capabilities, aiming to provide developers with a thorough understanding of how it can elevate their coding experience and productivity.

Table of Contents

Customer Challenges

Building reliable and secure code quickly presents challenges due to various factors, including:

  • Limited availability of developers
  • Ensuring data privacy
  • Time spent on repetitive, non-unique code
  • Proper utilisation of open-source software
  • Time invested in learning new technologies, APIs, and best practices
  • Writing code that is secure
  • Writing Test case improvement

Amazon CodeWhisperer

Go build applications faster and more securely with your AI coding companions

  • Generate code suggestions in real time
  • Scan code for hard-to-find vulnerabilities
  • Flag code that resembles open-source training data or filter by default

Amazon ran a productivity challenge, and participants who used CodeWhisperer were 27% more likely to complete the tasks successfully and did so an average of 57% faster than those who did not use CodeWhisperer.

Note: CodeWhisperer comes built in with AWS Cloud9, the AWS Lambda console, Amazon SageMaker Studio, Amazon Glue Studio and is also available as extensions to popular IDEs including Visual Studio Code, IntelliJ, PyCharm etc.
Use code generation with the following tools to build applications faster and more securely with your AI coding companion

Image description

Key Pointers

Here are key points about Amazon CodeWhisperer:

  • Real-time Code Suggestions: Provides developers with context-aware code suggestions and best practices in real-time.
  • Developer Ownership: Developers own the code they write, including suggestions provided by CodeWhisperer.
  • Enhanced Security: CodeWhisperer provides code suggestions based on the pre-trained data which are analyzed for security vulnerabilities but that does mean that it is totally free from vulnerabilities. It is recommended to scan Python, Java, and JavaScript projects with CodeWhisperer's built-in code scanning feature.
  • Integration with Major IDEs: Works seamlessly with popular IDEs like JetBrains, Visual Studio Code, and AWS Cloud9.
  • Improves Developer Productivity: Helps developers write code faster and more efficiently, reducing time spent on troubleshooting.
  • Support for Multiple Languages: Supports languages like Python, Java, and JavaScript, making it versatile for various development projects.
  • Native Integration with AWS Lambda Console: Available as a native code suggestion feature in the AWS Lambda console.
  • Results from Productivity Challenge: Participants using CodeWhisperer were 27% more likely to complete tasks successfully and did so 57% faster than those who did not use it.
  • Focus on Quality and Security: By addressing code quality and security issues early, developers can improve overall application quality and security while increasing development speed.

Privacy with CodeWhisperer Generated Content

  • CodeWhisperer Individual uses your content, such as code snippets, comments, cursor location, and contents from files open in the IDE as inputs to provide code suggestions. You can opt out of allowing AWS to store and use your content for service improvement by adjusting the "Share CodeWhisperer Content with AWS" setting in the AWS Toolkit in the IDE
  • Individual tier users can opt out to include suggestions with code references with checkbox from IDE (Visual Studio, Visual Studio Code, and JetBrains)
  • Content processed by Amazon CodeWhisperer Professional, such as code snippets, comments, and contents from files open in the IDE, is not stored or used to train the model
  • Professional Tier users can control this setting via IAM Identity Center. For multi-accounts, once enabled / disabled centrally, cannot be changed by the individual developers.
  • CodeWhisperer captures telemetry data to understand the number of active users, number of recommendations accepted / rejected, number of authorised users etc.

Security scan overview

  • Security scans in CodeWhisperer identify security vulnerabilities and suggest how to improve your code.
  • CodeWhisperer security scan feature works with the following programming languages
    • Java, Javascript, Python, C#, TypeScript, Ruby and Go
    • Infrastructure as Code (IaC) - AWS CloudFormation, Terraform, AWS CDK for TypeScript and Python
  • CodeWhisperer will only provide code remediation suggestions for code written in Java Python, or JavaScript.

Measure ongoing impact

Continuous monitoring is crucial for evaluating the impact and value add of adopting a new tool. Establish a baseline with whatever tools that you have in place today. Then enable a change / new service / tool and review the resulting data.
Amazon CodeWhisperer provides usage and activity metrics through the Dashboard in the console that can form part of the story. Changes across the organisation will take time to flow in but however you will start seeing the indications of change in a 30 or 60 day period while you explore the tool. That's a good sign.
Customers obviously are looking for efficiency gains to offset the cost of the tools and the efficiency is a little subjective which depends on the internal culture too. However, customers who have implemented DevOps can consider using DORA (https://dorametrics.org) for their reference. DORA metrics, which stand for Deliverability, Operations and Research Administration, are a set of standards used to measure the performance and efficiency of various engineering systems and processes.
Security scans are often seen as someone else's responsibility, introduced late in the development cycle. It's advisable for developers to conduct security scans of their code within the IDE and address any identified quality and security issues. This proactive approach not only enhances the overall quality and security of the code but also improves the speed of development.

AWS Toolkit Installation & Configuration

You should be able to use Amazon CodeWhisperer within your favourite IDE – be it Visual Studio Code or JetBrain following the guide for Installing the AWS Toolkit for Visual Studio Code or Installing the AWS Toolkit for JetBrains.
Setup Amazon Q in Visual Studio Code

  • For this blog, let's proceed with Visual Studio Code and you may follow the above instructions to install AWS Toolkit for Visual Studio Code followed by VS Code Extension from AWS Marketplace
  • Create BuilderID using instructions provided Here you go with the flow of steps Image description

Launch Visual Studio Code, and create folder name CodeWhisperer (if you are a mac user, please acknowledge the below prompt and proceed)

Image description

Go ahead and authenticate with your BuilderID as per the below instructions to connect to the Builder ID

Image description

Amazon CodeWhisperer usage instructions

  • To activate CodeWhisperer, simply place your cursor after a comment or line of code and press Enter.
  • Use the left/right arrow keys to browse through multiple suggestions.
  • Accept a suggestion by pressing Tab or discard it by pressing Esc or typing a character.
  • After accepting or writing new code, press Enter again for the next line of suggested code.
  • If the suggestion is not appearing, you can manually trigger Amazon CodeWhisperer by clicking Option + C on MacOS or Alt + C on Windows.

Getting started with python coding

  • Install Python Extensions for Visual Studio Code and start coding.
  • Follow the video to explore lists and operations in python, generate Fibonacci series with the specified number of terms as input.

AWS re:Invent 2024

The following enhancements were announced in AWS re:Invent 2023 which is available in preview for Visual Studio

  • Support for CloudFormation (YAML, JSON)
  • AWS CDK (TypeScript, Python)
  • Hashicorp Terraform (HCL)

Pricing

Amazon CodeWhisperer is free for individuals and billed via Amazon Q at $19/user/month for professionals under professional tier. The professional tier offers access to Amazon Q Code Transformation, which speeds up language upgrades to Java 17, as well as Amazon Q feature development, assisting you in devising a strategy for incorporating a new feature.
Refer CodeWishperer pricing for more details.

Resources

Conclusion

Go ahead and discover how Amazon CodeWhisperer revolutionises application development with its AI-powered coding assistance. Apply your learnings into practice to see how CodeWhisperer provides real-time code suggestions, enhances security by scanning for vulnerabilities, and improves efficiency by identifying code resembling open-source training data.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .