Using Amazon Q Developer plugins
Amazon Q Developer integrates with third party monitoring tools and security platforms so you can access your AWS application insights without leaving the AWS builder environment. In the AWS Management Console, you can chat about metrics provided by these tools to understand and address application performance, errors, or vulnerabilities.
After you configure a plugin, add the plugin alias to the beginning of your question when you chat with Amazon Q in the AWS console. Amazon Q calls the third party provider APIs to retrieve resources and generates a response with deep links to the external resources.
When Amazon Q calls a third party API, the API will not appear in AWS CloudTrail logs. The CloudTrail log will only show when an AWS Secrets Manager secret is accessed by Amazon Q to retrieve credentials to connect to the third party provider.
Amazon Q doesn't share any information with third party providers when you configure or use plugins. For more information on how Amazon Q uses your data, see Data protection.
Regardless of where you use plugins, your requests may be processed in the US East (N. Virginia) Region, the US West (Oregon), or the US East (Ohio) Region, even if the AWS Management Console is set to a different AWS Region.
Warning
Third party provider user permissions are not detected by Amazon Q Developer plugins. When an administrator configures a plugin in an AWS account, users with plugin permissions in that account have access to any resources in the third party provider account retrievable by the plugin.
You can configure IAM policies to restrict which plugins users have access to. For more information, see Allow users to chat with plugins from one provider.
To get started, see the topic for the plugin you want to use with Amazon Q Developer.
Topics
