DEV Community

Sergey Zhekpisov
Sergey Zhekpisov

Posted on

Honest impression about Amazon Q

I know, you're tired of AI noise, I get it. No worries, me too! But listen, here is the story I want to tell you - no propaganda, just pure experience.

For the record, I was not paying for any AI subscription - no ChatGPT, no Claude, no Cursor, and for sure no Perplexity. I didn't see the value! However, I must admit that I used it occasionally - to research the best robot vacuum on the market, to check my English grammar, and to create a travel plan for the weekend. Life was simple, and the free tier of every model was more than enough.

However, more than one month ago, I came across an article stating that AWS had released MCP (Model Context Protocol) for EKS (Elastic Kubernetes Service, managed Kubernetes service in AWS), which you can connect to Amazon Q - Generative AI Assistant from Amazon.

I never heard of Amazon Q. There was always a button in the console that never did anything useful, so I was successfully ignoring it.

But as a long-time practitioner of EKS, I was curious. "Why don't I give it a shot?"

Oh boy, I wasn't ready for the outcome. Amazon Q is mighty. Here is the list of scenarios it helped me with:

Create NACL (Network Access Control List) using VPC flow logs from the last 24 hours. You don't need to combine complex rules anymore - ask in the chat.
Identify issues with the ELK (Elastic, Logstash, Kibana) stack deployed in EKS.
Troubleshoot faulty pods and suggest solutions for the problems that require attention.
Troubleshoot network connectivity and provide suggestions on the cause of the issue.
Identify access issues and recommend a policy to resolve them.
Find a security group where I deleted a rule during the last 30 minutes
...and many, many more!

Let's examine one of the scenarios: the pod is restarting. What would you do? Usually, it means that the pod is out of memory, or the liveness probe has not passed. Therefore, you should check the logs, the monitoring tool, and verify resource usage, limits, and requests of the pod. Based on the data, you can then make a decision.

And this is where Agentic AI is doing its best - working with data! It collects information from multiple sources and creates a summary of what is going on. And now, instead of spending time on all that analysis, you can ask AI and verify its conclusion, which is, in most cases (but not always), right.

And here the cherry on the top: I was struggling with my Terraform code. The AWS Config configuration that worked in one region didn't work in another. It drove me crazy - the region was the only difference, and I couldn't figure out why it was not working. I checked everything and double-checked my access - nothing.

As a last resort, I went to ask Amazon Q what was wrong. It went through access and suggested using the service config principal instead of the service role, which will have access to the bucket for the delivery channel.

"It does not make sense", were my thoughts, "service role should be fine, it's Security Hub recommendation, it works already". But I had nothing to lose, so I agreed to try that.

And it worked.

It turns out that AWS has undocumented regional discrepancies in its configuration (and their support confirmed it). And Amazon Q helped me to discover it.

I find it quite entertaining that one product from the company helped to find flaws in another product of the same company.

However, it's not a silver bullet. Of course, if the context is limited, its conclusions will be faulty. Additionally, Amazon Q offers Claude-Sonnet-3.7 and Claude-Sonnet-4; however, in reality, only the latest version is capable of producing meaningful results. And sometimes it uses incorrect parameters for the AWS CLI and fails to consider the entire context until it is pointed out, making it less than ideal.

But it's capable, I can assure you. With MCP for EKS and Terraform, it has become a daily tool for me now. Luckily, there is a free version available, allowing you to try it out for yourself.

At Katanox, we, as a "tech-first" company, are always looking for opportunities to improve our processes, and Amazon Q has already helped me to:

  • Reduce troubleshooting time by 50%
  • Reduce time-to-enable by 65%
  • Generate tests to cover the code and critical cases

Did I tell you that I don't pay for any AI subscription? Now it's changed.

If you tried Amazon Q already, what is your impression? Which MCPs are you using in addition? Please let me know in the comments below; I am curious.

Top comments (0)