Amazon CodeWhisperer のアイコン

Amazon CodeWhisperer Deprecated2022年〜

An AI coding companion that generates real-time code suggestions within your IDE

About 3 min read

What It Does

Amazon CodeWhisperer is a service that generates real-time code completions and full function suggestions while developers write code in their IDE (Integrated Development Environment). It reads the intent from comments and existing code to suggest appropriate code snippets. It also includes a security scanning feature that detects vulnerabilities in your code and suggests fixes.

Use Cases

CodeWhisperer is used in everyday coding tasks: auto-generating boilerplate code, completing AWS SDK API call code, and auto-generating unit tests. It is also useful when working with unfamiliar programming languages or frameworks, where you can simply write a comment describing your intent and receive implementation code suggestions.

Everyday Analogy

Think of it like having an experienced pair programming partner. When you say "I want to fetch a file from S3 here" (write a comment), your partner suggests "Here's how you can write that" with actual code. You decide whether to accept the suggestion and modify it as needed.

What Is CodeWhisperer?

Amazon CodeWhisperer is a service that assists with the task of writing code. Install it as a plugin in development environments such as VS Code, JetBrains IDEs, or AWS Cloud9, and it suggests completion candidates in real time as you type. It supports over 15 programming languages including Python, JavaScript, TypeScript, Java, and C#.

How Code Suggestions Work

CodeWhisperer analyzes the context around the cursor position - surrounding code, comments, import statements, and more - to predict what code should come next. It generates suggestions at various levels of granularity, from single-line completions to entire function or class implementations. It is particularly strong at suggesting code that uses AWS SDKs, accurately proposing integration code for tasks like uploading files to S3 or querying DynamoDB.

Security Scanning

CodeWhisperer includes a built-in security scanning feature. It detects security vulnerabilities in your code (hardcoded credentials, SQL injection, cross-site scripting, etc.) and suggests fixes. Detection rules based on the OWASP Top 10 and CWE (Common Weakness Enumeration) are applied. Since security checks run in real time as you write code, it helps catch vulnerabilities early. For case studies and practical tips on security scanning, tech books on Amazon can also be a useful reference.

Getting Started

To get started with CodeWhisperer, install the AWS Toolkit from the VS Code extension marketplace. Sign in with a Builder ID (free) or IAM Identity Center to enable CodeWhisperer. As you type code, suggestions appear automatically and can be accepted with the Tab key. The Individual plan (free) provides access to basic code suggestion and security scanning features.

Things to Watch Out For

  • CodeWhisperer suggestions are just candidates - verifying their accuracy is the developer's responsibility. Always review suggested code before accepting it
  • The reference tracker feature displays license information when suggested code is similar to open source code. Check the license terms before adopting it
  • There are Individual (free) and Professional (paid) plans. The Professional plan offers organization-wide policy management and SSO integration
共有するXB!

Related Services

Amazon CodeCatalyst iconAmazon CodeCatalystA service that unifies project management, CI/CD, and cloud development environments for development teamsAWS Cloud9 iconAWS Cloud9A cloud IDE service that lets you write, run, and debug code entirely from your browserAmazon CodeGuru iconAmazon CodeGuruA service that uses machine learning to improve code quality and optimize application performanceAmazon Bedrock iconAmazon BedrockA fully managed generative AI service providing access to leading foundation models via API

Related Articles

Accelerate Coding with Amazon CodeWhisperer - AI Code Suggestions and Security ScanningGenerate real-time code suggestions within your IDE, with OWASP Top 10 security scanning and open-source license reference detection. Learn tips for effective usage.

More in This Category

AWS Application Composer iconAWS Application Composer NewA service for visually designing serverless application architectures and auto-generating IaC templatesAWS CDK iconAWS CDK PopularAn IaC framework that lets you define AWS infrastructure using programming languages like TypeScript and PythonAWS Cloud9 iconAWS Cloud9 DeprecatedA cloud IDE service that lets you write, run, and debug code entirely from your browserAWS CloudShell iconAWS CloudShell SpecializedA free managed shell environment that lets you run AWS CLI instantly from your browserAWS CodeArtifact iconAWS CodeArtifact SpecializedA fully managed artifact repository for securely storing and sharing software packagesAWS CodeBuild iconAWS CodeBuild PopularA fully managed build service that automates source code compilation and testingAmazon CodeCatalyst iconAmazon CodeCatalyst SpecializedA service that unifies project management, CI/CD, and cloud development environments for development teamsAWS CodeCommit iconAWS CodeCommit DeprecatedA secure, private Git repository hosting service provided by AWS

Similar Articles and Services

Accelerate Coding with Amazon CodeWhisperer - AI Code Suggestions and Security ScanningGenerate real-time code suggestions within your IDE, with OWASP Top 10 security scanning and open-source license reference detection. Learn tips for effective usage.Amazon Q DeveloperAn AI assistant for developers that helps with code generation, debugging, and optimizationAccelerating AWS Development with Amazon Q Developer - AI Code Generation and TroubleshootingLearn how to use Amazon Q Developer for in-IDE code generation, AWS console troubleshooting, and code transformation.Amazon CodeGuruA service that uses machine learning to automate code reviews and identify application performance bottlenecksAutomated Vulnerability Scanning with Amazon Inspector - Continuous Security Assessment for EC2, Lambda, and ECRAutomatically scan EC2 instances, ECR container images, and Lambda functions for vulnerabilities and prioritize them with CVE-based risk scores. Learn how to achieve agentless scanning through Systems Manager integration.