# Submit IDT usage metrics
<a name="idt-usage-metrics"></a>

If you provide Amazon credentials with required permissions, Amazon IoT Device Tester collects and submits usage metrics to Amazon. This is an opt-in feature and is used to improve IDT functionality. IDT collects information such as the following: 
+ The Amazon account ID used to run IDT
+  The IDT CLI commands used to run tests
+ The test suite that are run
+ The test suites in the {{<device-tester-extract-location>}} folder
+ The number of devices configured in the device pool
+ Test case names and run times
+ Test result information, such as whether tests passed, failed, encountered errors, or were skipped
+ Product features tested
+ IDT exit behavior, such as unexpected or early exits 

 All of the information that IDT sends is also logged to a `metrics.log` file in the `{{<device-tester-extract-location>}}/results/{{<execution-id>}}/` folder. You can view the log file to see the information that was collected during a test run. This file is generated only if you choose to collect usage metrics. 

To disable metrics collection, you do not need to take additional action. Simply do not store your Amazon credentials, and if you do have stored Amazon credentials, do not configure the `config.json` file to access them. 

## Sign up for an Amazon Web Services account
<a name="sign-up-for-aws"></a>

If you do not have an Amazon Web Services account, use the following procedure to create one.

**To sign up for Amazon Web Services**

1. Open [http://www.amazonaws.cn/](http://www.amazonaws.cn/) and choose **Sign Up**.

1. Follow the on-screen instructions.

Amazon sends you a confirmation email after the sign-up process is complete. At any time, you can view your current account activity and manage your account by going to [http://www.amazonaws.cn/](http://www.amazonaws.cn/) and choosing **My Account**.

## Secure IAM users
<a name="secure-an-admin"></a>

After you sign up for an Amazon Web Services account, safeguard your administrative user by turning on multi-factor authentication (MFA). For instructions, see [Enable a virtual MFA device for an IAM user (console)](https://docs.amazonaws.cn/IAM/latest/UserGuide/id_credentials_mfa_enable_virtual.html#enable-virt-mfa-for-iam-user) in the *IAM User Guide*.

To give other users access to your Amazon Web Services account resources, create IAM users. To secure your IAM users, turn on MFA and only give the IAM users the permissions needed to perform their tasks.

For more information about creating and securing IAM users, see the following topics in the *IAM User Guide*: 
+ [Creating an IAM user in your Amazon Web Services account](https://docs.amazonaws.cn//IAM/latest/UserGuide/id_users_create.html)
+ [Access management for Amazon resources](https://docs.amazonaws.cn/IAM/latest/UserGuide/access.html)
+ [Example IAM identity-based policies](https://docs.amazonaws.cn/IAM/latest/UserGuide/access_policies_examples.html)

To provide access, add permissions to your users, groups, or roles:
+ Users managed in IAM through an identity provider:

  Create a role for identity federation. Follow the instructions in [Create a role for a third-party identity provider (federation)](https://docs.amazonaws.cn//IAM/latest/UserGuide/id_roles_create_for-idp.html) in the *IAM User Guide*.
+ IAM users:
  + Create a role that your user can assume. Follow the instructions in [Create a role for an IAM user](https://docs.amazonaws.cn//IAM/latest/UserGuide/id_roles_create_for-user.html) in the *IAM User Guide*.
  + (Not recommended) Attach a policy directly to a user or add a user to a user group. Follow the instructions in [Adding permissions to a user (console)](https://docs.amazonaws.cn//IAM/latest/UserGuide/id_users_change-permissions.html#users_change_permissions-add-console) in the *IAM User Guide*.

## Provide Amazon credentials to IDT
<a name="idt-metrics-creds"></a>

To allow IDT to access your Amazon credentials and submit metrics to Amazon, do the following:

1. Store the Amazon credentials for your IAM user as environment variables or in a credentials file:

   1. To use environment variables, run the following command:

      ```
      AWS_ACCESS_KEY_ID={{access-key}}
      AWS_SECRET_ACCESS_KEY={{secret-access-key}}
      ```

   1. To use the credentials file, add the following information to the `.aws/credentials file:`

      ```
      [profile-name]
      aws_access_key_id={{access-key}}
      aws_secret_access_key={{secret-access-key}}
      ```

1. Configure the `auth` section of the `config.json` file. For more information, see [(Optional) Configure config.json](set-config-custom.md#config-json-custom).