# Identify Amazon ECS optimization opportunities using application trace data
<a name="trace-data"></a>

Amazon ECS integrates with AWS Distro for OpenTelemetry to collect trace data from your application. Amazon ECS uses an AWS Distro for OpenTelemetry sidecar container to collect and route trace data to AWS X-Ray. For more information, see [Setting up AWS Distro for OpenTelemetry Collector in Amazon ECS](https://aws-otel.github.io/docs/setup/ecs). You can then use AWS X-Ray to identify errors and exceptions, analyze performance bottlenecks and response times.

For the AWS Distro for OpenTelemetry Collector to send trace data to AWS X-Ray, your application must be configured to create the trace data. For more information, see [Instrumenting your application for AWS X-Ray](https://docs.aws.amazon.com/xray/latest/devguide/xray-instrumenting-your-app.html) in the *AWS X-Ray Developer Guide*.

## Required IAM permissions for AWS Distro for OpenTelemetry integration with AWS X-Ray
<a name="trace-data-iam"></a>

The Amazon ECS integration with AWS Distro for OpenTelemetry requires that you create a task role and specify the role in your task definition. We recommend that you configure the AWS Distro for OpenTelemetry sidecar to route container logs to CloudWatch Logs.

**Important**  
If you also collect application metrics using the AWS Distro for OpenTelemetry integration, ensure your task IAM role also contains the permissions necessary for that integration. For more information, see [Correlate Amazon ECS application performance using application metrics](metrics-data.md).

After you create the role, create a policy with the following permissions, and then attach it to the role.
+ `logs:PutLogEvents`
+ `logs:CreateLogGroup`
+ `logs:CreateLogStream`
+ `logs:DescribeLogStreams`
+ `logs:DescribeLogGroups`
+ `logs:PutRetentionPolicy`
+ `xray:PutTraceSegments`
+ `xray:PutTelemetryRecords`
+ `xray:GetSamplingRules`
+ `xray:GetSamplingTargets`
+ `xray:GetSamplingStatisticSummaries`
+ `ssm:GetParameters`

# Specifying the AWS Distro for OpenTelemetry sidecar for AWS X-Ray integration in your task definition
<a name="trace-data-containerdefinitions"></a>

The Amazon ECS console simplifies creating the AWS Distro for OpenTelemetry sidecar container by using the **Use trace collection** option. For more information, see [Creating an Amazon ECS task definition using the console](create-task-definition.md).

If you're not using the Amazon ECS console, you can add the AWS Distro for OpenTelemetry sidecar container to your task definition. The following task definition snippet shows the container definition for adding the AWS Distro for OpenTelemetry sidecar for AWS X-Ray integration.

```
{
	"family": "otel-using-xray",
	"taskRoleArn": "arn:aws:iam::111122223333:role/AmazonECS_OpenTelemetryXrayRole",
	"executionRoleArn": "arn:aws:iam::111122223333:role/ecsTaskExecutionRole",
	"containerDefinitions": [{
			"name": "aws-otel-emitter",
			"image": "application-image",
			"logConfiguration": {
				"logDriver": "awslogs",
				"options": {
					"awslogs-create-group": "true",
					"awslogs-group": "/ecs/aws-otel-emitter",
					"awslogs-region": "us-east-1",
					"awslogs-stream-prefix": "ecs"
				}
			},
			"dependsOn": [{
				"containerName": "aws-otel-collector",
				"condition": "START"
			}]
		},
		{
			"name": "aws-otel-collector",
			"image": "public.ecr.aws/aws-observability/aws-otel-collector:v0.30.0",
			"essential": true,
			"command": [
				"--config=/etc/ecs/otel-instance-metrics-config.yaml"
			],
			"logConfiguration": {
				"logDriver": "awslogs",
				"options": {
					"awslogs-create-group": "True",
					"awslogs-group": "/ecs/ecs-aws-otel-sidecar-collector",
					"awslogs-region": "us-east-1",
					"awslogs-stream-prefix": "ecs"
				}
			}
		}
	],
	"networkMode": "awsvpc",
	"requiresCompatibilities": [
		"FARGATE"
	],
	"cpu": "1024",
	"memory": "3072"
}
```