Amazon CodeWhisperer: Your FAQs answered

I have mentioned in some recent posts before about the way I feel about Amazon CodeWhisperer and the productivity boost it offers me while coding. As somebody who started coding on Notepad, auto-complete engines like Intellisense were a miracle. But you still had to know syntax or refer documentation. Over the years, with the complexities of programming and the millions of APIs you may end up working with, reference always meant time-consuming Google searches, reading documentation and looking at code samples.

With Amazon CodeWhisperer, you specify your intent - either as a comment or sometimes as you're declaring your function signatures, and you watch the magic of Generative AI offering suggestions to complete your code.

Recently, we had a few customers try out CodeWhisperer and sent my colleague Suchir Bhatnagar some queries. While many of these are addressed in our documentation or on the official website, we felt reiterating these could help others who might have similar questions.

Note that the service is continuously evolving and some of these answers may change over time as the product evolves.

So here are some of the frequently asked questions:

What is the difference between the Professional and Individual versions of Amazon CodeWhisperer?

Amazon CodeWhisperer is offered in two tiers. Let's start with the first major difference. The Individual Tier is free to use and requires a simple sign-up to create an AWS Builder ID. The Professional Tier offers all the capabilities of the Individual Tier and also allows organizations to centrally manage licensing and service policies for their developers. This is charged on a flat per-month, per-user fee with no long-term commitments.

You can also setup single sign-on (SSO) for your organization with Amazon CodeWhisperer.

What is the actual purpose of open-source code references?

CodeWhisperer is powered by a Large Language Model (LLM) trained on billions of lines of code, including Amazon and open-source code. While all the code suggestions are generative, and based on the context, the output may, on rare occasions, end up being similar to open-source code in some repository. The reference tracker, which is a unique feature of Amazon CodeWhisperer, highlights this to the developer, allowing them to view the code, the repository URL and the project's license information. There is also an option available to developers to filter such suggestions and not offer them. To ensure that the developer's coding flow is not disturbed, all references are logged for them to review later.

Can these be turned off? Yes, developers on Individual Tier can turn these off in settings (see screenshot above) and organizations using the Professional tier can manage this centrally.

The suggestions take some time. Is it purely a function of network bandwidth or is there something which I can do?

Yes, I have experienced some lag at times, if my network is slow. Since the generative code works by looking at the context, usually a few lines of code or the comments, it can take some time for suggestions. Note that, at the time of writing this, the service, while being AWS Region agnostic and available to developers worldwide, is hosted in the US East (North Virginia) region (us-east-1). So depending on which part of the world you are accessing the service from, there could be some network lag.

In my experience, I have generally found the suggestions come in quickly and timely as you continue writing, since there are those natural pauses for thinking. Also, pressing Option+C (Mac users) and Alt+C (Windows users) can trigger a suggestion manually. This helps if you want CodeWhisperer to offer suggestions, but have entered very little text and so an automatic call hasn't yet happened.

When running security scans, is this analysis done locally or are any code files shipped to AWS servers?

CodeWhisperer comes with a built-in code scanning feature that detects security vulnerabilities within your Python, Java, and JavaScript projects, including code suggestions from CodeWhisperer and code written by the developer.

To perform the security scans, Amazon CodeWhisperer uses Amazon CodeGuru. From the documentation: "CodeGuru does multiple layers of filtering before scanning code to ensure that you can focus on the most critical issues. As part of that, CodeGuru filters unsupported languages, and also tests code, including open source code, before scanning for security issues."

The scan runs on the currently active file and its dependencies. What things can be scanned is listed here.

Suggestions are based on the current file being edited and import statements/dependencies in it. If I want Amazon CodeWhisperer to understand the entire context of my project and some of the other dependencies from other repos, is it possible for developers to make the service aware of it?

Amazon CodeWhisperer only looks at the context of the active file and dependencies, analyzing the English language comments and surrounding code to infer what code is needed to complete the task at hand. Currently, by design, there is no way for Amazon CodeWhisperer to know or use the context of the entire project or repo.

Hopefully, the above answers a lot of questions about Amazon CodeWhisperer. We have a more exhaustive list, including some design considerations, on the official FAQ page: https://aws.amazon.com/codewhisperer/faqs/

Also, there are some useful videos to setup and get started with Amazon CodeWhisperer here:

https://aws.amazon.com/codewhisperer/resources/#Getting_started

Feel free to ask more questions in the comments!

#AWSStartupCommunity #GenAI #CodeWhisperer #Developers #awsishow