Amazon SageMaker Unified Studio is in preview release and is subject to change.
Amazon Q in Amazon SageMaker Unified Studio
In the current release of Amazon SageMaker Unified Studio, by default, all users of an Amazon SageMaker platform domain have access to the Free Tier release of Amazon Q.
Amazon Q Developer is an AI coding assistant that can chat about code, provide inline code completions, and generate net new code. For more information, see What is Amazon Q Developer? in the Amazon Q Developer User Guide.
Enable Amazon Q Developer Pro
To enable Amazon Q Developer Pro in Amazon SageMaker Unified Studio, you must do the following:
-
Subscribe to Amazon Q Developer Pro in the Amazon Q console in the same AWS Region and the same AWS account that you use for Amazon SageMaker Unified Studio. To do this, complete the following procedure:
-
Navigate to the Amazon Q console
. -
Confirm that Amazon Q is connected to an instance of IAM Identity Center. This should be displayed on the Getting started page in the Connect to Identity Center section. If it is not connected, follow the steps in the Set up IAM Identity Center section in this guide.
-
On the Subscriptions page, choose Subscribe.
-
If you have not yet subscribed a user to Q, a popup window appears informing you that Amazon Q will create a managed application instance on your behalf. Choose Create and subscribe to Q Developer Pro.
-
A popup window appears inviting you to assign users and groups to Q for developer. Choose Get started.
-
In the search bar, type the first name of a user or the group name of a group you want to add to Q for developer. Then select the name of that user or group when it appears on the screen.
-
Repeat step 6 for all the users and groups that you want to have access to Q in Amazon SageMaker Unified Studio.
-
Choose Assign.
-
-
Enable Amazon Q Developer Pro in the Amazon SageMaker management console. To do this, complete the following procedure.
-
Navigate to the Amazon SageMaker management console at https://console.aws.amazon.com/datazone
and use the region selector in the top navigation bar to choose the appropriate AWS Region. -
Choose a domain where you want to enable Amazon Q Developer Pro and then on the domain's details page, choose the Amazon Q tab.
-
In the Amazon Q tab, expand the Actions drop-down and choose Edit.
-
On the Edit Amazon Q subscription page, choose Q Developer Pro and then choose Update.
-
Disable Amazon Q Developer Pro
In order to disable Amazon Q in your domain, you must update your permissions to use deny statements and update your domain level configuration. Do this by completing the following steps:
-
Update your permissions in the AWS policy: SageMakerStudioDomainExecutionRolePolicy to Deny “q:*”.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Deny", "Action": [ "q:*", "glue:StartCompletion", "glue:GetCompletion", ], "Resource": "*" } ]
-
Update your permissions in the AWS policy: SageMakerStudioProjectUserRolePolicy to Deny “q:*”.
{ "Sid": "AmazonQChatPermissions", "Effect": "Deny", "Action": [ "q:*", "glue:StartCompletion", "glue:GetCompletion", "codewhisperer:GenerateRecommendations", "sqlworkbench:PutQCustomContext", "sqlworkbench:GetQCustomContext", "sqlworkbench:DeleteQCustomContext", "sqlworkbench:GetQSqlRecommendations", "sqlworkbench:GetQSqlPromptQuotas" ], "Resource": "*" },
-
Update the Q setting in the domain level configuration.
arn:aws:ssm:<region>:<account-id>:parameter/amazon/datazone/q/<domain-id> to empty arn:aws:ssm:<region>:<account-id>:parameter/amazon/datazone/q/<domain-id>/q-enabled to false