Q: What is Amazon CodeGuru?
Amazon CodeGuru, a developer tool powered by machine learning that provides intelligent recommendations for improving code quality and identifying an application’s most expensive lines of code.
Q: What can I do with Amazon CodeGuru?
Amazon CodeGuru has two components- Amazon CodeGuru Reviewer and Amazon CodeGuru Profiler. Amazon CodeGuru Reviewer uses machine learning to identify critical issues and hard-to-find bugs during application development to improve code quality. Amazon CodeGuru Profiler optimizes performance for applications running in production and identifies the most expensive lines of code, reducing operational costs significantly.
Q: How do I get started with Amazon CodeGuru?
Amazon CodeGuru is now generally available. You can start right now in the Amazon CodeGuru console.
To get started with Amazon CodeGuru Reviewer, log in to the Amazon CodeGuru Reviewer console where you can associate an existing code repository on GitHub, GitHub Enterprise, Bitbucket or AWS CodeCommit. After a one-time setup, Amazon CodeGuru Reviewer begins analysing code and providing code improvement recommendations directly within the pull request or code repository.
You can also start profiling your applications in minutes. To get started with Amazon CodeGuru Profiler, log in to the Amazon CodeGuru Profiler console where you can configure a profiling group for your application. Start your application with the profiling agent on the command line or follow the steps to use one of the described custom methods. You can let Amazon CodeGuru Profiler run continuously so it can proactively catch performance issues in your live applications.
Q: In which AWS Regions is Amazon CodeGuru available?
Amazon CodeGuru Reviewer
Q: What is Amazon CodeGuru Reviewer?
Amazon CodeGuru Reviewer is an automated code review service that identifies critical defects and deviation from coding best practices for Java code. It scans the lines of code within a pull request and provides intelligent recommendations based on standards learned from major open source projects as well as Amazon codebase. Amazon CodeGuru Reviewer seamlessly integrates with existing code review workflows on widely-used source control systems including GitHub, GitHub Enterprise, Bitbucket, and AWS CodeCommit, and provides actionable recommendations for improving code quality.
Q: What programming languages and source code repositories are supported?
Amazon CodeGuru Reviewer currently supports Java code stored in GitHub, GitHub Enterprise, Bitbucket and AWS CodeCommit repositories.
Q: What type of issues are detected by Amazon CodeGuru Reviewer?
Amazon CodeGuru Reviewer checks for concurrency issues, potential race conditions, un-sanitized or malicious inputs, inappropriate handling of sensitive data such as credentials, resource leaks, and also detects race conditions and deadlocks in concurrent code. It also suggests AWS and Java best practices and detects cloned code that could be consolidated for better code maintainability.
Q: How do I get started with Amazon CodeGuru Reviewer?
Visit the Amazon CodeGuru console to integrate Amazon CodeGuru Reviewer recommendations directly within your code pull requests. You can get started by visiting the CodeGuru console and following the steps to associate your AWS CodeCommit, GitHub, GitHub enterprise and BitBucket repositories to start receiving Amazon CodeGuru Reviewer’s recommendations. Once enabled, Amazon CodeGuru Reviewer will automatically provide intelligent recommendations as comments on your pull requests generated for the connected repositories.
Q: Does Amazon CodeGuru Reviewer access my code?
Amazon CodeGuru Reviewer needs read-only access to your code for the purpose of generating recommendations. Your trust, privacy, and the security of your content are our highest priority and we implement appropriate controls, including encryption in transit, to prevent unauthorized access to, or disclosure of, your content and ensure that our use complies with our commitments to you. Please see the Data Privacy FAQ for more information.
Q: Does Amazon CodeGuru Reviewer persist a copy of my code?
No, Amazon CodeGuru Reviewer does not store your source code.
Q: How is Amazon CodeGuru Reviewer trained to provide intelligent recommendations?
Amazon CodeGuru Reviewer is trained using rule mining and supervised machine learning models that use a combination of logistic regression and neural networks.
For example, during training for deviation from AWS best practices, Amazon CodeGuru Reviewer mines Amazon code bases using search techniques and locality sensitive models for pull requests that include AWS API calls. It looks at code changes intended to improve the quality of the code, and cross-references them against documentation data. The result is the creation of a new set of rules that Reviewer recommends to you as best practices when it reviews your code.
During training for resource and sensitive data leaks, it does a full code analysis for all code paths that use the resource or sensitive data, creates a feature set representing those, and then uses those as inputs for logistic regression models and convolutional neural networks (CNNs).
For both rule-based and machine learning-based models, Amazon CodeGuru Reviewer uses the feedback you provide as labels and iteratively improves the quality of code detectors.
Amazon CodeGuru Profiler
Q: What is Amazon CodeGuru Profiler?
Amazon CodeGuru Profiler helps developers easily understand the runtime behaviour of their applications, improve performance, and decrease infrastructure costs. Amazon CodeGuru Profiler analyses the application runtime profile and provides intelligent recommendations and visualizations that guide developers on how to improve the performance of the most relevant parts of their code.
Q: What is a profiling group?
A profiling group is a logical grouping created by you. It represents the boundary of one application. For example, in a microservices architecture, a profiling group would aggregate the profiles of the microservices that you have assigned to it, and produce one profile for all of them.
Q: I already have extensive logging integrated into my code. Do I still need to profile?
Logging execution time only works for a limited set of scenarios because logging can only monitor latency (not CPU utilization), and is time consuming to implement because developers have to log every function in an application (without impacting application performance), leaving developers without the tools necessary to effectively monitor and troubleshoot applications in production. This is where profiling comes in: Amazon CodeGuru Profiler is designed to collect data on everything that happened in that application’s behaviour, regardless of scenarios. CodeGuru Profiler uses a knowledge base of commonly encountered performance inefficiencies to automatically discover code patterns in your live application that impact its performance. Developers can then follow the provided recommendations to fix the issues.
Q: How does Amazon CodeGuru Profiler differ from traditional APMs and standalone profilers?
Traditional APMs provide useful data on monitoring, tracing and application performance. Amazon CodeGuru Profiler complements these APM capabilities by providing visualization of the application’s runtime data as well as actionable recommendations for the performance issues it discovers. It also uses machine learning to detect and alert on anomalies in your application profile, pointing to the anomalous lines of code. Amazon CodeGuru Profiler enables you to easily see the parts of code that present the biggest opportunity for performance optimization, along with potential savings, and receive guidance on how to address them without the need to have a deep performance engineering background. Amazon CodeGuru Profiler profiles both EC2 instances, containers and serverless compute platforms including AWS Lambda. Furthermore, some standalone profilers are designed to only run in test environments while Amazon CodeGuru Profiler was designed to continuously run in production, under production traffic loads, and without impact to the application. This is useful when troubleshooting operational issues in production, including when running on bare metal hosts.
Q: What types of applications can I profile?
Amazon CodeGuru Profiler works with applications hosted on Amazon EC2, containerized applications running on Amazon ECS and Amazon EKS, as well as serverless applications running on AWS Fargate and AWS Lambda.
Q: How does the CodeGuru profiler impacts the performance of applications hosted on AWS Lambda?
Amazon CodeGuru Profiler's agent uses the resources (CPU, memory) allocated to AWS Lambda functions. It is tuned to have a minimal impact on your application's performance while it runs as an in-process thread. If your application consumes most of resources on AWS Lambda function, evaluate increasing the resources to enable the agent to properly function.
Q: What programming languages are supported?
Amazon CodeGuru Profiler currently supports JVM applications including Java, Scala, Kotlin, etc.
Q: How does Amazon CodeGuru Profiler work?
Amazon CodeGuru Profiler consists of three parts: an agent, the profiler service, and intelligent recommendations. The agent is started with your application on the command line and it runs as an in-process thread as part of your application. It takes data from each of your service instances running the agent and sends them to the profiler service every 10 minutes, which then aggregates them. Amazon CodeGuru Profiler then publishes the profile data in interactive flame graphs that enable you to visualize the performance of your application. Amazon CodeGuru Profiler also continuously scans the profiled data and compares it against Amazon and performance engineering best practices and proactively alerts you with intelligent recommendations when performance issues are discovered. It also uses machine learning to continuously analyse application runtime data and alerts when it detects anomalies in the application profile and points to the anomalous lines of code.