artem-hatchenko’s gists

artem-hatchenko / ecs_task_definition_firelens_opensearch.json

Created December 30, 2023 14:41

ecs_task_definition_firelens_opensearch.json

	{
	"family": "nginx",
	"executionRoleArn": "arn:aws:iam::XXXXXXXXXXXX:role/ecsTaskExecutionRole",
	"taskRoleArn": "arn:aws:iam::XXXXXXXXXXXX:role/Sandbox-ECS-Nginx-Service-Role",
	"containerDefinitions": [
	{
	"name": "log_router",
	"image": "docker.io/amazon/aws-for-fluent-bit:latest",
	"cpu": 0,
	"memoryReservation": 50,

artem-hatchenko / ecs_task_execution_role_trusted_policy.json

Created December 30, 2023 14:54

ecs_task_execution_role_trusted_policy.json

	{
	"Version": "2008-10-17",
	"Statement": [
	{
	"Sid": "",
	"Effect": "Allow",
	"Principal": {
	"Service": "ecs-tasks.amazonaws.com"
	},
	"Action": "sts:AssumeRole"

artem-hatchenko / ecs_opensearch_log_policy.json

Created December 30, 2023 15:16

ecs_opensearch_log_policy.json

	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Effect": "Allow",
	"Action": [
	"es:ESHttpPost",
	"es:ESHttpPut"
	],
	"Resource": "arn:aws:es:us-east-1:XXXXXXXXXXXX:domain/sandbox"

artem-hatchenko / ec2_spots_eip_iam_policy.json

Created January 5, 2024 21:32

ec2_spots_eip_iam_policy.json

artem-hatchenko / ec2_spots_eip_handler.py

Last active January 5, 2024 23:45

ec2_spots_eip_handler.py

artem-hatchenko / opensearch_data_generator.sh

Created April 29, 2024 21:19

opensearch_data_generator.sh

	#!/bin/bash

	# OpenSearch parameters
	HOST="https://your-opensearch-url"
	INDEX="app"

	# Function to generate random data
	generate_random_data() {
	echo "{ \"timestamp\": \"$(date -Is)\", \"value\": $RANDOM }"
	}

artem-hatchenko / eks_fluent_bit_original.tf

Last active October 21, 2025 10:34

eks_fluent_bit_original.tf

	### AWS Fluent Bit
	resource "helm_release" "fluent-bit" {
	name = "aws-for-fluent-bit"
	repository = "https://aws.github.io/eks-charts"
	chart = "aws-for-fluent-bit"
	namespace = var.namespace

	version = var.helm_version

	dependency_update = true

artem-hatchenko / eks_fluent_bit_filter_kubernetes.tf

Created October 21, 2025 11:00

eks_fluent_bit_filter_kubernetes.tf

	[FILTER]
	Name kubernetes
	Match ${var.opensearch_filter}.*
	Kube_URL https://kubernetes.default.svc.cluster.local:443
	Merge_Log On
	# For rewrite_tag filter, Keep_log must be On
	Keep_log On
	K8S-Logging.Parser On
	K8S-Logging.Exclude On
	Kube_Tag_Prefix ${var.opensearch_filter}.var.log.containers.

artem-hatchenko / eks_fluent_bit_var.tf

Created October 21, 2025 11:06

eks_fluent_bit_var.tf

	variable "log_s3_outputs" {
	type = list(object({
	bucket = string
	namespace = string
	app = string
	tag_prefix = string
	bucket_out_prefix = string
	total_file_size = optional(string, "250M")
	upload_timeout = optional(string, "10m")
	shipping_logs_to_os = optional(string, "false")

artem-hatchenko / eks_fluent_bit_iam.tf

Created October 21, 2025 11:16

eks_fluent_bit_iam.tf

	# Get list of buckets without duplicates for IAM policy
	locals {
	log_s3_buckets = toset([for o in var.log_s3_outputs : o.bucket])
	}

	data "aws_iam_policy_document" "s3-logging" {
	dynamic "statement" {
	for_each = local.log_s3_buckets

	content {

Artem Hatchenko artem-hatchenko