Amazon CodeGuru
A service that uses machine learning to automate code reviews and identify application performance bottlenecks
Overview
Amazon CodeGuru is a service that uses machine learning to improve code quality and optimize application performance. CodeGuru Reviewer automatically analyzes code during pull requests, detecting potential bugs, security vulnerabilities, and AWS SDK best practice violations. CodeGuru Profiler continuously measures runtime application performance, visualizing CPU-intensive code paths and latency bottlenecks. CodeGuru Security performs static analysis to detect vulnerabilities and suggests corrected code.
Code Quality Analysis with CodeGuru Reviewer
CodeGuru Reviewer integrates with GitHub, CodeCommit, and Bitbucket repositories, automatically analyzing the changed code whenever a pull request is created. Machine learning models trained on millions of code reviews accumulated within Amazon detect logical issues that conventional linters cannot catch. For example, it identifies try-finally patterns with potential resource leaks, non-thread-safe collection operations, and inefficient AWS SDK call patterns (such as repeated DynamoDB GetItem calls inside loops). It supports Java and Python, and findings are posted directly as comments on the pull request, so developers can review and address them within their normal code review workflow. Full repository scans are also available for evaluating the quality of existing codebases. Each recommendation includes sample code and an explanation, helping developers understand why the change is necessary.
Runtime Performance Analysis with CodeGuru Profiler
CodeGuru Profiler continuously profiles CPU usage and latency of applications running in production. Once the agent is embedded in your application, it collects stack trace samples at 5-minute intervals and visualizes them as flame graphs. Flame graphs make it immediately clear which methods consume the most CPU time, pinpointing the code paths that need optimization. For Lambda functions, no agent embedding is required - simply create a profiling group and associate the Lambda function to start measurement. Profiler's anomaly detection feature learns the normal performance profile as a baseline and automatically notifies you when CPU usage or latency increases abnormally. The recommendations engine generates specific improvement suggestions for detected bottlenecks. For instance, if log output formatting consumes 15% of CPU, it suggests switching to a lazy evaluation pattern.
Vulnerability Detection with CodeGuru Security
CodeGuru Security provides static application security testing (SAST), detecting security vulnerabilities in source code. It targets OWASP Top 10 issues including SQL injection, cross-site scripting (XSS), hardcoded credentials, and cryptographic weaknesses, supporting Java, Python, JavaScript, and TypeScript. Findings are tagged with CWE (Common Weakness Enumeration) numbers and severity levels, enabling systematic understanding of vulnerability types and impact scope. A notable feature is the auto-fix suggestion capability, which generates corrected code snippets for detected vulnerabilities. For example, when it detects a non-parameterized SQL query, it suggests fix code using prepared statements. For CI/CD pipeline integration, it can be embedded as a CodePipeline action, setting up a quality gate that halts the pipeline when vulnerabilities are detected. Findings also integrate with Security Hub, enabling management as part of the organization's overall security posture.
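As an added illustration (not CodeGuru's output or AWS code), the following Python shows the pattern described above: a query built by string formatting, the kind of non-parameterized SQL that CodeGuru Security reports under CWE-89, beside the prepared-statement form it would suggest. The SQLite table, its two users, and the inputs are constructed for this example.

```python
import sqlite3

# Constructed sample data: an in-memory table with two users.
SAMPLE_USERS = [("alice", "alice@example.com"), ("bob", "bob@example.com")]


def make_db():
    """Create an in-memory SQLite database seeded with the constructed users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def find_user_unsafe(conn, name):
    """Non-parameterized query: the input is spliced into the SQL text.

    This is the CWE-89 pattern a SAST tool flags. Because the value becomes
    part of the statement, a quote character in it changes the query's
    structure (a legitimate name such as o'brien already breaks the query).
    """
    query = f"SELECT name, email FROM users WHERE name = '{name}'"
    return conn.execute(query).fetchall()


def find_user_safe(conn, name):
    """Prepared statement: the SQL text is fixed, the value is bound separately.

    The driver passes `name` as data rather than SQL, so its content can
    never alter the WHERE clause. This is the corrected form a fix suggestion
    would produce.
    """
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


def compare(name):
    """Run both forms on the same input; return (unsafe_rows, safe_rows)."""
    conn = make_db()
    try:
        return len(find_user_unsafe(conn, name)), len(find_user_safe(conn, name))
    finally:
        conn.close()


if __name__ == "__main__":
    print(compare("alice"))          # (1, 1): both forms match one user
    print(compare("x' OR '1'='1"))   # (2, 0): unsafe form matches every row
```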