Amazon CodeWhisperer
AWS-native AI code assistant with security scanning and IAM-aware suggestions
What is Amazon CodeWhisperer?
Amazon CodeWhisperer, now integrated into the broader Amazon Q Developer platform, is AWS's answer to GitHub Copilot. It provides real-time code suggestions inside VS Code, JetBrains IDEs, and AWS Cloud9, with a particular strength in AWS service integrations. When you are writing code that interacts with S3, Lambda, DynamoDB, or any other AWS service, CodeWhisperer can suggest idiomatic SDK calls based on the latest AWS documentation — a meaningful advantage over generic models that may suggest outdated or incorrect API patterns.
Security is a first-class concern in CodeWhisperer's design. The tool includes a built-in security scanner that checks your code against a library of security vulnerabilities (CWEs) and can detect hardcoded credentials, SQL injection vectors, and other common issues. It also includes a reference tracker that identifies when a suggestion is similar to open-source code and provides attribution — useful for teams with licensing compliance requirements. These features go beyond what most AI code assistants offer out of the box.
The Individual tier is completely free with no usage cap on code suggestions, which makes CodeWhisperer compelling for AWS developers as a zero-cost alternative to Copilot. The Professional tier adds centralized administration, SSO integration, higher security scan quotas, and the policy controls that enterprise teams typically need. As Amazon Q Developer continues to evolve, CodeWhisperer's capabilities are expanding to include natural language AWS console actions, infrastructure-as-code generation, and operational intelligence features.
Key Features
- Real-time code completions optimized for AWS service SDKs
- Built-in security vulnerability scanner (CWEs, hardcoded credentials)
- Open-source license reference tracker for compliance
- Support for 15+ programming languages
- VS Code, JetBrains, and AWS Cloud9 integration
- Infrastructure-as-code suggestions for CloudFormation and Terraform
- Natural language to code for AWS tasks via Amazon Q
- Centralized admin console for team usage and policies
- Data privacy controls with no training on customer code option
- Integration with AWS IAM for permission-aware suggestions
Pros & Cons
Pros
- Free for individual developers with no cap on code completions
- Best-in-class AWS service and SDK knowledge for cloud developers
- Built-in security scanning that most competitors charge extra for
- Strong data privacy controls with opt-out of training data sharing
Cons
- Significantly less useful for non-AWS development contexts
- Less capable than Cursor or Copilot for general-purpose coding tasks
- UI and editor experience feel less polished than newer AI IDEs
- The transition to Amazon Q branding has created some product confusion
Pricing
Model: Freemium
| Plan | Price | Key Limits |
|---|---|---|
| Individual | $0/mo | Unlimited code completions, 50 security scans per month |
| Professional | $19/user/mo | 500 security scans, SSO, admin console, centralized billing |