Identify Amazon ECS optimization opportunities using application trace data
Amazon ECS integrates with Amazon Distro for OpenTelemetry to collect trace data from your
application. Amazon ECS uses an Amazon Distro for OpenTelemetry sidecar container to collect and
route trace data to Amazon X-Ray. For more information, see Setting up Amazon Distro for
OpenTelemetry Collector in Amazon ECS
For the Amazon Distro for OpenTelemetry Collector to send trace data to Amazon X-Ray, your application must be configured to create the trace data. For more information, see Instrumenting your application for Amazon X-Ray in the Amazon X-Ray Developer Guide.
Required IAM permissions for Amazon Distro for OpenTelemetry integration with Amazon X-Ray
The Amazon ECS integration with Amazon Distro for OpenTelemetry requires that you create a task role and specify the role in your task definition. We recommend that you configure the Amazon Distro for OpenTelemetry sidecar to route container logs to CloudWatch Logs.
Important
If you also collect application metrics using the Amazon Distro for OpenTelemetry integration, ensure your task IAM role also contains the permissions necessary for that integration. For more information, see Correlate Amazon ECS application performance using application metrics.
After you create the role, create a policy with the following permissions, and then attach it to the role.
logs:PutLogEventslogs:CreateLogGrouplogs:CreateLogStreamlogs:DescribeLogStreamslogs:DescribeLogGroupslogs:PutRetentionPolicyxray:PutTraceSegmentsxray:PutTelemetryRecordsxray:GetSamplingRulesxray:GetSamplingTargetsxray:GetSamplingStatisticSummariesssm:GetParameters