# IDT usage metrics
If you provide Amazon credentials with required permissions, Amazon IoT Device Tester collects and submits usage metrics to Amazon. This is an opt-in feature and is used to improve IDT functionality. IDT collects information such as the following:
+ The Amazon Web Services account ID used to run IDT
+ The IDT Amazon CLI commands used to run tests
+ The test suites that are run
+ The test suites in the {{}} folder
+ The number of devices configured in the device pool
+ Test case names and run times
+ Test result information, such as whether tests passed, failed, encountered errors, or were skipped
+ Product features tested
+ IDT exit behavior, such as unexpected or early exits
All of the information that IDT sends is also logged to a `metrics.log` file in the `{{}}/results/{{}}/` folder. You can view the log file to see the information that was collected during a test run. This file is generated only if you choose to collect usage metrics.
To disable metrics collection, you do not need to take additional action. Simply do not store your Amazon credentials, and if you do have stored Amazon credentials, do not configure the `config.json` file to access them.
## Configure your Amazon credentials
If you do not already have an Amazon Web Services account, you must [create one](#idt-metrics-permissions). If you already have an Amazon Web Services account, you simply need to [configure the required permissions](#idt-metrics-permissions) for your account that allow IDT to send usage metrics to Amazon on your behalf.
### Step 2: Configure permissions for IDT
In this step, configure the permissions that IDT uses to run tests and collect IDT usage data. You can use the Amazon Web Services Management Console or Amazon Command Line Interface (Amazon CLI) to create an IAM policy and a user for IDT, and then attach policies to the user.
+ [To Configure Permissions for IDT (Console)](#idt-metrics-permissions-console)
+ [To Configure Permissions for IDT (Amazon CLI)](#idt-metrics-permissions-cli)
**To configure permissions for IDT (console)**
Follow these steps to use the console to configure permissions for IDT for Amazon IoT Greengrass.
1. Sign in to the [IAM console](https://console.amazonaws.cn/iam).
1. Create a customer managed policy that grants permissions to create roles with specific permissions.
1. In the navigation pane, choose **Policies**, and then choose **Create policy**.
1. On the **JSON** tab, replace the placeholder content with the following policy.
------
#### [ JSON ]
****
```
{
"Version":"2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot-device-tester:SendMetrics"
],
"Resource": "*"
}
]
}
```
------
1. Choose **Review policy**.
1. For **Name**, enter **IDTUsageMetricsIAMPermissions**. Under **Summary**, review the permissions granted by your policy.
1. Choose **Create policy**.
1. Create an IAM user and attach permissions to the user.
1. Create an IAM user. Follow steps 1 through 5 in [Creating IAM users (console)](https://docs.amazonaws.cn/IAM/latest/UserGuide/id_users_create.html#id_users_create_console) in the *IAM User Guide*. If you already created an IAM user, skip to the next step.
1. Attach the permissions to your IAM user:
1. On the **Set permissions ** page, choose **Attach existing policies to user directly**.
1. Search for the **IDTUsageMetricsIAMPermissions** policy that you created in the previous step. Select the check box.
1. Choose **Next: Tags**.
1. Choose **Next: Review** to view a summary of your choices.
1. Choose **Create user**.
1. To view the user's access keys (access key IDs and secret access keys), choose **Show** next to the password and access key. To save the access keys, choose **Download.csv** and save the file to a secure location. You use this information later to configure your Amazon credentials file.
**To configure permissions for IDT (Amazon CLI)**
Follow these steps to use the Amazon CLI to configure permissions for IDT for Amazon IoT Greengrass.
1. On your computer, install and configure the Amazon CLI if it's not already installed. Follow the steps in [ Installing the Amazon CLI](https://docs.amazonaws.cn/cli/latest/userguide/cli-chap-install.html) in the *Amazon Command Line Interface User Guide*.
**Note**
The Amazon CLI is an open source tool that you can use to interact with Amazon services from your command-line shell.
1. Create the following customer managed policy that grants permissions to manage IDT and Amazon IoT Greengrass roles.
------
#### [ Linux or Unix ]
```
aws iam create-policy --policy-name IDTUsageMetricsIAMPermissions --policy-document '{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot-device-tester:SendMetrics"
],
"Resource": "*"
}
]
}'
```
------
#### [ Windows command prompt ]
```
aws iam create-policy --policy-name IDTUsageMetricsIAMPermissions --policy-document
'{\"Version\": \"2012-10-17\", \"Statement\": [{\"Effect\": \"Allow\", \"Action\": [\"iot-device-tester:SendMetrics\"], \"Resource": \"*\"}]}'
```
**Note**
This step includes a Windows command prompt example because it uses a different JSON syntax than Linux, macOS, or Unix terminal commands.
------
#### [ PowerShell ]
```
aws iam create-policy --policy-name IDTUsageMetricsIAMPermissions --policy-document '{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot-device-tester:SendMetrics"
],
"Resource": "*"
}
]
}'
```
------
1. Create an IAM user and attach the permissions required by IDT for Amazon IoT Greengrass.
1. Create an IAM user.
```
aws iam create-user --user-name {{user-name}}
```
1. Attach the `IDTUsageMetricsIAMPermissions` policy you created to your IAM user. Replace {{user-name}} with your IAM user name and {{}} in the command with the ID of your Amazon Web Services account.
```
aws iam attach-user-policy --user-name {{user-name}} --policy-arn arn:aws-cn:iam::{{}}:policy/IDTGreengrassIAMPermissions
```
1. Create a secret access key for the user.
```
aws iam create-access-key --user-name {{user-name}}
```
Store the output in a secure location. You use this information later to configure your Amazon credentials file.
## Provide Amazon credentials to IDT
To allow IDT to access your Amazon credentials and submit metrics to Amazon, do the following:
1. Store the Amazon credentials for your IAM user as environment variables or in a credentials file:
1. To use environment variables, run the following commands.
------
#### [ Linux or Unix ]
```
export AWS_ACCESS_KEY_ID={{access-key}}
export AWS_SECRET_ACCESS_KEY={{secret-access-key}}
```
------
#### [ Windows Command Prompt (CMD) ]
```
set AWS_ACCESS_KEY_ID={{access-key}}
set AWS_SECRET_ACCESS_KEY={{secret-access-key}}
```
------
#### [ PowerShell ]
```
$env:AWS_ACCESS_KEY_ID="{{access-key}}"
$env:AWS_SECRET_ACCESS_KEY="{{secret-access-key}}"
```
------
1. To use the credentials file, add the following information to the `~/.aws/credentials` file.
```
[profile-name]
aws_access_key_id={{access-key}}
aws_secret_access_key={{secret-access-key}}
```
1. Configure the `auth` section of the `config.json` file. For more information, see [(Optional) Configure config.json](set-custom-idt-config.md#config-json-custom).