# Amazon Q Developer in Action: Supercharging application development

Welcome to this interactive demo of [Amazon Q Developer](https://docs.aws.amazon.com/amazonq/latest/qdeveloper-ug/what-is.html). In this walkthrough, we'll explore how to use Amazon Q Developer to enhance your application development process on AWS.

For the presentation slides and additional information, [see](https://d1vse5fs7nznkq.cloudfront.net/). 

**Table of Contents**

1. Introduction to Amazon Q Developer
2. Using Amazon Q Developer in the AWS console
3. Securing Your Code With Amazon Q Developer
4. AI-assisted coding with Amazon Q Developer
5. Using Amazon Q to generate comments and create a README
- Conclusion and next steps

**Pre-requisite**
Be we get started please ensure you have downloaded and installed the following:

- [Visual Studio Code](https://code.visualstudio.com/) 
- [Python](https://www.python.org/downloads/) 
- [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html)

Once you have installed the pre-requisites you can then install the [Amazon Q extension](https://marketplace.visualstudio.com/items?itemName=AmazonWebServices.amazon-q-vscode) for VScode.

>NOTE: After installing Amazon Q you will need to setup a Amazon Builder ID if you do not already have one. For more detailed instructions go [here](https://catalog.us-east-1.prod.workshops.aws/workshops/fe2c944b-f014-44d6-a243-1fc2e30b5f73/en-US/getting-started#pre-requisite). 


## 1. Introduction to Amazon Q Developer

[Amazon Q Developer](https://docs.aws.amazon.com/amazonq/latest/qdeveloper-ug/what-is.html) is a generative artificial intelligence (AI) powered conversational assistant
that can help you understand, build, extend, and operate AWS applications. You can ask questions
about AWS architecture, your AWS resources, best practices, documentation, support, and more.

Amazon Q is supported in the AWS Management Console, IDEs like VScode and JetBrains, AWS Documentation Site, Command Line, and even Microsoft Teams and Slack.

**Key features of Amazon Q Developer**

Amazon Q Developer includes the following capabilities:
- `Chat` – Amazon Q answers natural language questions in English about AWS, including questions about AWS service selection, AWS Command Line Interface (AWS CLI) usage, documentation, best practices, and your AWS resources. Amazon Q responds with information summaries or step-by-step instructions, and includes links to its information sources.
- `Conversation memory` – Amazon Q uses the context of your conversation to inform future responses for the duration of your conversation.
- `Code improvements and advice` – Within IDEs, Amazon Q can answer questions about software development, improve your code, and generate new code.
- `Code completion` – As you write code, Amazon Q automatically generates suggestions, in real time, based on your existing code and comments.
- `Troubleshoot and support` – Amazon Q can help you understand errors in the AWS Management Console and provides access to live AWS Support agents to address your AWS questions and issues.

For more information about these and other Amazon Q features, see Understanding Amazon Q Developer features.

## 2. Using Amazon Q Developer in the AWS console

Use Amazon Q Developer in the AWS Management Console, AWS Console Mobile Application, AWS Marketing website, AWS Documentation website, and chat channels integrated with AWS Chatbot to ask questions about AWS. You can ask Amazon Q about AWS architecture, best practices, support, and documentation. Amazon Q can also help with code that you're writing with the AWS SDKs and AWS Command Line Interface (AWS CLI).

In the AWS Management Console, you can ask Amazon Q about:
- AWS resources and costs
- contact AWS Support directly
- diagnose common console errors.




### Amazon Q in the console

Lets take moment to open the console and try out Q.

The following are example questions that demonstrate how Amazon Q can help you build on AWS:

```markdown
- What’s the maximum runtime for a Lambda function?
- How do I list my Amazon S3 buckets?
- Can you tell me how many VPCs I have in this region?
- What was my cost breakdown by service for the past three months?
- How much did we spend on SageMaker in June?
```

## 3. Securing Your Code With Amazon Q Developer

The focus on this section is to educate you on how to use the Security scanning feature of 'Amazon Q Developer' to detect security policy violations and vulnerabilities in your code to help you improve it's security quality. You can find the entire workshop [here](https://catalog.us-east-1.prod.workshops.aws/workshops/fe2c944b-f014-44d6-a243-1fc2e30b5f73/en-US/introduction). 

Amazon Q can scan your codebase for security vulnerabilities and code quality issues to improve the posture of your applications throughout the development cycle. You can initiate a scan of an entire codebase, analyzing all files in your local project or workspace, or enable auto scans that assess your code as you write it.



### Example-1: Inherited code (Unencrypted AWS credentials)

In this use case we have inherited some code and we are not fully aware of what it does. Unfortunately, this code contains a vulnerability, unencrypted AWS credentials can be logged which can expose those credentials to an attacker. Encrypt sensitive data, such as credentials, before they are logged to make the code more secure.

Lets use Amazon Q to scan it and determine how to fix it:

In [2]:
# Security issue ./scr/1-security-issue.py
def log_credentials_noncompliant():
    import boto3
    import logging
    session = boto3.Session()
    credentials = session.get_credentials()
    credentials = credentials.get_frozen_credentials()
    access_key = credentials.access_key
    secret_key = credentials.secret_key

    # Noncompliant: credentials are written to the logger.
    logging.info('Access key: ', access_key)
    logging.info('secret access key: ', secret_key)

In [5]:
# Paste the compliant code.


### Example-2: Inherited code (Open Redirect Vulnerability)

In this section we have an application that has a Open Redirect Vulnerability. This is an security weakness where an attacker could supply a malicious URL as an input, potentially leading users to phishing or malware sites. This is a common security flaw in web applications that can be exploited to conduct phishing attacks or distribute malware.

In this example we will ask Q examine the code and resolve the issue.

In [None]:
# Validation issue: ./src/validation_issue.py
from flask import Flask, request, redirect

app = Flask(__name__)

@app.route('/redirect')
def redirect_url_noncompliant():
    endpoint = request.args['url']
    return redirect(endpoint)


if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# Paste the compliant code.

## 4. AI-assisted coding with Amazon Q Developer

In this section, we'll demonstrate how Amazon Q Developer can assist in writing Python scripts for common AWS tasks. We'll showcase its ability to generate code, explain concepts, and modify scripts based on additional requirements.

Create functions for the following tasks:
- list all AWS regions
- list VPCs in AWS region
- *list all S3 buckets*
- *list of all instances in a region*
- *Create an s3 bucket*


In [None]:
# List Amazon VPCs, S3 buckets, instances and creates an S3 bucket

>If there is time create an S3 bucket using CloudFormation. `./infra/bucket.yaml`

## 5. Using Amazon Q to generate comments and create a README

In this section, we'll use Amazon Q Developer to add comprehensive comments to our previously generated AWS Python scripts and create a detailed README file for the project.

Amazon Q Developer not only assists in code generation but also in creating clear, informative documentation, which is crucial for maintaining and scaling AWS projects.

In [8]:
# Paste code with comments

## 6. Closing

As AI-assisted development tools like Amazon Q continue to evolve, they will play an increasingly crucial role in cloud computing and AWS development. However, it's important to remember:

- Always review and understand AI-generated code before using it in production.
- Use Amazon Q as a powerful assistant, but combine it with your expertise and judgment.
- Stay updated with AWS best practices and security guidelines, using Amazon Q to reinforce and implement them.

**Final Thoughts**
Amazon Q Developer represents a significant step forward in AI-assisted AWS development. By leveraging its capabilities, developers can not only code more efficiently but also learn and implement AWS best practices more effectively. As we continue to explore and integrate these AI tools, we're not just changing how we write code – we're reshaping the landscape of cloud development itself.
Thank you for joining this exploration of Amazon Q Developer in action. Let's embrace these powerful tools to build more secure, efficient, and innovative solutions on AWS.
