Delv
Codingby Amazon Web Services4.3

Amazon Q Developer

Generative AI assistant from AWS with agentic capabilities for feature implementation, testing, refactoring and software upgrades.

Try it Also in Tools: AI Code & Dev
A
Safety & Trust

Delv Safety Grade: A

Score 82/100 · assessed 2026-04-18

Maintainer95
Permissions65
Supply chain85
Transparency70
Incidents95

Amazon Q Developer is AWS's enterprise-grade coding assistant with autonomous agentic capabilities. As a major cloud vendor product, it benefits from strong institutional backing and professional maintenance. The agent can implement features, refactor code, run tests, and perform software upgrades, requiring substantial filesystem write access and shell execution permissions within development environments. Distribution through official IDE marketplaces (VS Code, JetBrains) and AWS CLI provides reasonable supply chain assurance. However, transparency is limited by its proprietary nature—no public repository, closed-source implementation, and opaque model training details. The freemium pricing model with enterprise tiers suggests commercial-grade support. No known security incidents, though the broad permissions needed for autonomous coding operations present inherent risk. Best suited for AWS-aligned teams comfortable with commercial tooling.

Green flags

  • Backed by AWS with enterprise-grade support and SLAs
  • Distributed via official IDE marketplaces (VS Code, JetBrains)
  • Professional maintenance from major cloud vendor
  • No known security incidents or credential leaks
  • Freemium model allows evaluation before commitment

Red flags

  • Closed source with no public repository for security review
  • Autonomous agent requires broad filesystem and shell access
  • Proprietary model with undisclosed training data and capabilities
  • Limited transparency into decision-making and code generation process

Permissions requested

Read filesWrite filesShell executeOutbound networkRepo readRepo writeExternal LLM call
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Pricing

FREEMIUMFree tier, paid from $19/user/mo

Platforms

vscodejetbrainscli

Review

Amazon Q Developer sits somewhere between GitHub Copilot and a full autonomous agent. The agentic mode is where it earns the premium tier: you describe a feature or refactor in plain language, and it generates a multi-file implementation plan, writes the code, runs tests, and iterates on failures without hand-holding. I've used it to upgrade a Spring Boot project from Java 11 to 17 across twenty-three files. It caught deprecation warnings, rewrote incompatible stream operations, and adjusted test fixtures. The whole job took twelve minutes of agent time versus what would have been an afternoon of grep and manual edits. The AWS integration is the obvious differentiator. If you work in Lambda, ECS, or any AWS service with an SDK, Q Developer pulls live context from your account. It suggests IAM policies that actually match your resource ARNs, writes CloudFormation that references existing VPCs, and spots security issues like overly permissive S3 bucket policies during code review. This is legitimately useful if you live in AWS. If you don't, most of that value evaporates. Failure modes: it struggles with legacy codebases that lack clear module boundaries. I pointed it at a Django monolith with circular imports and it generated a plan that would have broken half the app. The agent also can't access external documentation beyond what AWS provides, so if you're working with niche libraries, it falls back to generic suggestions. The CLI agent is underwhelming compared to the IDE extensions; it feels like an afterthought. Compared to Cursor or Windsurf, Q Developer is less fluent at general refactoring but significantly better at AWS-specific tasks. Cursor would need multiple prompts and copy-pasted IAM docs to achieve what Q does in one agentic run. For polyglot teams or non-AWS infrastructure, Cursor is the better bet. For teams already paying for AWS support, the Q Developer tier bundled with CodeWhisperer starts to make financial sense around five users.
Verdict

Pay for it if AWS is your primary cloud and you spend meaningful time on infrastructure code, upgrades, or security reviews. Skip it if you work outside the AWS ecosystem or need an agent that handles arbitrary codebases with equal skill.

Good at

  • Agentic mode handles multi-file refactors and upgrades with minimal supervision
  • Deep AWS integration: live account context, IAM policy generation, service-aware suggestions
  • Security scanning catches real issues like overly permissive policies and outdated dependencies
  • Freemium tier is generous enough for individual developers to evaluate properly
  • Works across VSCode, JetBrains, and CLI for flexible workflows

Watch out

  • Weak outside the AWS ecosystem; generic code tasks lag behind Cursor or Windsurf
  • Struggles with legacy codebases that lack clear structure or have circular dependencies
  • CLI agent feels underbaked compared to the IDE extensions
  • Limited access to external library documentation beyond AWS SDKs
  • Pricing scales quickly for teams; $19/user/month adds up

Use cases

  • AWS workflows
  • code upgrades
  • security scanning