How to fixed an AccessDeniedException error when signing into Amazon Q Developer

Amazon CodeWhisperer is now Amazon Q Developer (30th April). I was excited to try the new features, so after I first updated my VSCode plugins to the latest versions, and then trying to re-authenticate with my IAM Identity Centre SSO User (I shared a previous post on how I set this up in, Setting up Amazon Q in VSCode using IAM Identity Centre).

You will notice the wording has changed, and that we now have "Use For Free" which is where you can use a Builder ID to use Amazon Q Developer without the need for an AWS Account, or the "Use with Pro licence" which is for folk who are going to log in with IAM Identity Centre accounts.

When I went to try and authenticate (Pro Licence), authentication failed and I received the following error (in the Amazon Q Logs option from the OUTPUT menu)

I did two things to fix my problem, so sharing this in case anyone else runs into this error.

The first was to update my Permissions Set within IAM Identity Centre, for the authenticated users that I had provided access to Amazon Q Developer to. The Amazon Q Developer documentation shares the various policies, and I just deleted the old one and replaced it with this one.

When I completed this, I was still getting errors. The next thing I did was from the Amazon Q Developer Dashboard within the AWS Console, was to remove the Amazon Identity Centre group that is attached to the permissions set, and then add it back again. Once I did that, I was able to get back into using Amazon Q Developer, Pro Licence within my VSCode.

Check out the short video below of this in action.

I hope this helps folk who might be running into this same error. Stay tuned for more adventures in Amazon Q Developer, and as always, I would love to hear your stories and what you are doing with Amazon Q Developer. Find more ways that Amazon Q Developer can help you by checking out the Developer Centre resources.