DUNLOP.GEEK.NZ

Amazon Q – Your new fledgling SRE

2 min read
3 months ago Paul Dunlop

It’s true ! 🙂 AWS have begun extending Amazon Q’s capabilities 🙂 Where will it go in the future has exciting possibilities 🙂 At present this is per account, but imagine when it becomes Org wide!

When you log into your AWS accounts and select Q on the right hand side you may see this now:

Clicking on Learn More for adding in cross-region preferences takes you here: https://docs.aws.amazon.com/amazonq/latest/qdeveloper-ug/chat-actions.html

To summarize this for you:

Amazon Q allows users to interact with and retrieve information about their AWS resources through the AWS Management Console chat panel. This feature is currently in preview and may change.

Capabilities

  • Actions: Amazon Q can perform get, list, and describe actions.
  • Queries: Users can ask questions like “List my S3 buckets” or “Show my running EC2 instances in us-east-1”.
  • Limitations: Amazon Q cannot access data stored within resources or handle questions related to security, identity, credentials, or cryptography.

Responses

  • Results: Amazon Q lists up to 6 resources with details, ARNs, and links to the service console.
  • Format: When querying a single resource, the response includes information in JSON format.

Prerequisites

  • Permissions: Specific permissions are required to chat with Amazon Q and to view the resources (e.g., q:SendMessage, q:StartConversation, s3:ListAllMyBuckets).
  • Example Policy: An example IAM policy is available to grant the necessary permissions.

Important Notes

  • Fees: Standard AWS fees apply for read, list, or describe actions.
  • Cross-Region Consent: Amazon Q calls from US East (N. Virginia) and may need consent to access resources in other regions.

Using Amazon Q

  • Region Specification: Users can specify the Region; otherwise, Amazon Q uses the current or most recent console Region, defaulting to US East (N. Virginia) if none is specified.
  • Additional Information: Amazon Q may ask for further details, such as resource names or ARNs, to complete requests.

Example Questions

  • Describe the encryption settings for S3 bucket <name>
  • List my EC2 instances in us-west-2
  • Get the configuration for my lambda function <name>

Very cool! 🙂 Can’t wait to see how this can be integrated into chat ops and systems such as Teams, Slack and Discord 🙂

More Stories

4 min read

Query your Entire AWS Org using Steampipe

10 months ago Paul Dunlop
4 min read

Using IAM Role Anywhere Credentials for Seamless Access Beyond AWS

12 months ago Paul Dunlop
7 min read

AWS App Runner + PHP

12 months ago Paul Dunlop

You may have missed

2 min read

Amazon Q – Your new fledgling SRE

3 months ago Paul Dunlop
4 min read

Query your Entire AWS Org using Steampipe

10 months ago Paul Dunlop
4 min read

Using IAM Role Anywhere Credentials for Seamless Access Beyond AWS

12 months ago Paul Dunlop
7 min read

AWS App Runner + PHP

12 months ago Paul Dunlop