AWS Marketplace

Boost developer productivity and security with Amazon Q Developer and JumpCloud integration

In today’s fast-paced software development landscape, enterprises are constantly seeking methods to streamline workflows and enhance developer productivity. Amazon Q Developer is a generative AI–powered assistant for software development. When used in an integrated development environment (IDE), Amazon Q Developer can chat about code, provide inline code completions, generate new code, and scan your code for security vulnerabilities. It can also perform code upgrades and improvements and assist with debugging and optimizations.

As a member of the AWS Partner Network (APN) and available in AWS Marketplace, JumpCloud offers centralized identity management solutions that can streamline development workflows and boost productivity through secure authentication. Organizations often strive to streamline their development processes, and identity providers (IdPs) like JumpCloud play a crucial role in enabling secure authentication. JumpCloud provides centralized identity management across the organization. With JumpCloud, you can implement and enforce single sign-on (SSO) and multi-factor authentication (MFA) across SAML and OIDC-based applications, ensuring a secure and efficient development environment

Solution overview

In this post, we’ll show you how to enable seamless authentication to Amazon Q Developer using existing JumpCloud credentials. We’ll explain the steps for subscribing to JumpCloud, configuring it as an external IdP within AWS IAM Identity Center and enabling automatic user provisioning. This synchronizes identities across both services, eliminating the need for manual user management. By subscribing to Amazon Q Developer Pro tier, organizations gain access to advanced features such as customizations and integrate with AWS IAM Identity center for secure authentication.

Amazon Q Developer supports extended session duration feature, which allows developers to work seamlessly for up to 90 days without frequent re-authentication. This extended session duration is specific to Amazon Q Developer and does not affect session durations for the AWS access portal or other IAM Identity Center integrated applications.

Prerequisites

Solution walkthrough: Boost developer productivity and security with Amazon Q Developer and JumpCloud integration

In this section, walks you through the steps required to deploy the solution.

Subscribe to JumpCloud through AWS Marketplace

  1. Sign in to your AWS Management Console, and go to AWS Marketplace.
  2. On the JumpCloud product page, choose View purchase Options, or create your 30-day free trial.
  3. On the Configure your Software Contract page, review the contract details then choose Create contract.
  4. When the subscription is complete, you’ll receive a confirmation email from AWS Marketplace.

Step 1: Enable IAM Identity Center integration in JumpCloud

  1. Referring to the details in the confirmation email you can create an Administrator account.
  2. Using your credentials for an Administrator account via the JumpCloud Admin console, go to SSO Applications > Get Started.

Jumplcoud Home screen to add apps

Figure 1: JumpCloud Admin console to set up SSO Applications

  1. Browse the Application Catalog and choose AWS IAM Identity Center.
  2. Provide a Display Name for the App Integration using the Application label. For example: “IAM Identity Center-JumpCloud”.
  3. Choose Save Application and proceed to Configure Application.
  4. Under SSO, choose Export Metadatato download the JumpCloud-aws-sso-metadata.xml.

IAM Identity Center screen to setup external Identity provider

Figure 2: JumpCloud console to set up IAM Identity Center

Step 2: Configure JumpCloud as an external IdP in IAM Identity Center

  1. In the IAM Identity Center console, go to the Dashboard. If IAM Identity Center is not enabled, enable it by following the steps listed in Enabling AWS IAM Identity Center.
  2. Select Confirm identity source from the Dashboard and chooseChange identity source under the Actions drop-down menu.
  3. On the next page, choose External identity provider, and click Next.
  4. Configure the external IdP:
    1. IdP SAML metadata: Select Choose fileto upload the JumpCloud-aws-sso-metadata.xml file saved in Step 1.5.
    2. Under Service provider metadata, choose Download metadata file. You’ll need upload it in the JumpCloud console later on.
    3. Copy and save the AWS access portal sign-in URL, as it’s required for SSO and IDE configuration.
    4. Click Next.

IAM Identity Center screen to download the metadata

Figure 3: IAM Identity Center Configure external IdP screen

  1. Review the changes, type ACCEPT, and choose Change identity source to proceed.

Step 3: Configure JumpCloud with IAM Identity Center Single Sign-On details

  1. In the JumpCloud Admin console, go to the SSO tab (or open the AWS IAM Identity Center application if it’s not already open):
    • Under Service Provider Metadata, choose Upload Metadata and upload the file downloaded in Step 2.4b.
    • Paste the AWS access portal sign-in URL (from Step 2.4c) into URL field.
  2. Choose Save.

JumpCloud console to set up IAM Identity Center

Figure 4: JumpCloud console to set up IAM Identity Center

Step 4: Enable provisioning in IAM Identity Center

  1. In the IAM Identity Center console, go to the Settings
  2. In the Automatic provisioninginformation box, choose Enable.
  3. In the Inbound automatic provisioningdialog box, copy the values for SCIM endpoint and Access token, as you’ll need them to configure provisioning in JumpCloud. Then, Close the dialog.

Step 5: Configure extended session for Amazon Q Developer in IAM Identity Center

  1. In the IAM Identity Center console, click the Settings page, and select Authentication tab
  2. Under Session Settings, choose Configure, and check the box to Enable extended sessions for Amazon Q Developer. This allows the developers to use the IDE to re-authenticate to Amazon Q Developer every 90 days.

IAM Identity Center screen to set up extended sessions for Amazon Q Developer

Figure 5: IAM Identity Center screen to set up extended sessions for Amazon Q Developer

For developers who find frequent re-authentication unnecessary, the 90-day extended session benefits them. However, organizations with specific security requirements can maintain the standard session duration with IAM Identity Center.

Step 6: Configure provisioning in JumpCloud

  1. In JumpCloud admin console, open the AWS IAM Identity Center
  2. On the AWS IAM Identity Center app page, go to the Identity Management tab, and click Configure:
    1. For Authentication Base URL: enter the copied SCIM endpoint (from Step 4.3).
    2. For Authentication Token: enter the copied Access Token endpoint (from Step 4.3).
  1. Choose Activate and Save the changes to establish the SCIM provisioning process, which will synchronize users and groups from JumpCloud to IAM Identity Center.

Step 7: Assign access for groups in JumpCloud

  1. In the JumpCloud admin console, go to the AWS IAM Identity Center app page, and select the User Groups
  2. Choose the JumpCloud groups you want to assign access to the IAM Identity Center app, and choose Save. This starts provisioning the users in those groups into the IAM Identity Center.

JumpCloud console to sync users and groups through SCIM to IAM Identity Center

Figure 6: JumpCloud console to sync users and groups through SCIM to IAM Identity Center

Step 8: Provide access to Amazon Q Developer

  1. In the Amazon Q console, subscribe to Amazon Q Developer Pro from Getting Started page.

Subscribe to Amazon Q Developer Pro

Figure 7: Subscribe to Amazon Q Developer Pro

  1. Search and assign your preferred groups and users from your Identity Center.

Amazon Q Developer console to assign users and groups through IAM Identity Center

Figure 8: Amazon Q Developer console to assign users and groups through IAM Identity Center

Step 9: Set up AWS Toolkit for Visual Studio with IAM Identity Center

To use Amazon Q Developer, set up the AWS Toolkit for Visual Studio to authenticate with the IAM Identity Center.

  1. In IDE, open the AWS extension panel, search for Amazon Q, and choose Install
  2. In the resulting pane for Amazon Q, choose Use with Pro License, and choose Continue.

Authenticate with IAM Identity center through IDE

Figure 9: Authenticate with IAM Identity center through IDE

  1. Enter the AWS access portal sign-in URL that was previously copied (Step 2.4c) into the Start URL Select us-east-1 as the AWS Region, then Sign in.
  2. Choose Copy Code and Proceedto copy the code from the resulting pop-up, and open the external website when prompted.
  3. Paste the code copied and choose Next.
  4. Enter your JumpCloud credentials, and Sign in.
  5. Choose Allowto grant AWS IDE Extensions to access Amazon Q Developer.
  6. When the connection is complete, close the browser and return to the IDE. You can use Amazon Q from within IDE, authenticated with your JumpCloud credentials.

After you’ve configured your authentication with Amazon Q Developer, your users can use Amazon Q developer for code generation, code transformation, infrastructure automation, and security vulnerability assessment.

Cleanup

  • Unsubscribe the user from Amazon Q Developer Pro plan to avoid monthly charges.
  • Remove any temporary or unused configurations, such as test user accounts or groups, from JumpCloud
  • If you have enrolled into a JumpCloud subscription plan through AWS Marketplace, please refer to the terms and conditions of the agreement.

Conclusion

In this post, we showed you how to provide secure access to Amazon Q Developer for developers by connecting JumpCloud as an external IdP with the IAM Identity Center. This integration offers several significant advantages, including streamlined authentication, centralized identity management, and improved productivity.

As part of the next steps, checkout JumpCloud AWS IAM Identity Center integration , learn more about new updates and features of Amazon Q Developer and subscribe to Jumpcloud in AWS Marketplace.

About Authors

Sunil Ramachandra

Sunil is a Senior Solutions Architect enabling hyper-growth Independent Software Vendors (ISVs) to innovate and accelerate on AWS. He partners with customers to build highly scalable and resilient cloud architectures. When not collaborating with customers, Sunil enjoys spending time with family, running, meditating, and watching movies on Prime Video

JP Boreddy

Jayaprakash Boreddy is Senior Solutions Architect at AWS. He works with ISV customers in designing and building highly scalable, flexible and resilient applications on AWS Cloud

John Brunot

John serves as an AWS Partner Solution Architect, taking charge of creating, driving, and implementing technical strategies for ISV partners. As a trusted advisor, he plays a pivotal role in designing scalable, flexible, and resilient cloud architectures. John takes the lead on go-to-market activities for ISV partner’s products built-on and/or integrated with AWS.

Chase Doelling

Chase is a Principal Strategist at JumpCloud, designing authentication strategies and evangelizing customer solutions. He has been working in venture-backed startups across identity, security, integration, and DevOps for the last decade. He’s based in Colorado and is a mentor at the University of Colorado at Boulder.