Bob Benson bbenson29

## assume_root_credentials.sh
#!/bin/bash

AWS_ACCOUNT_ID=012345678901

# Check if jq is installed
if ! command -v jq &> /dev/null; then
    echo "Error: jq is not installed. Please install jq to parse JSON."
    exit 1
fi

## cloud-config.sh
export PROJECT_ID="INSERT-PROJECT-ID"
export PROJECT_NUMBER="INSERT-PROJECT-NUMBER"
export STATE_BUCKET="INSERT-STATE-BUCKET-NAME"


gcloud storage buckets create gs://$STATE_BUCKET --project=$PROJECT_ID --default-storage-class=STANDARD --location=EUROPE-WEST1 --uniform-bucket-level-access

gcloud iam workload-identity-pools create github \
    --project=$PROJECT_ID \
    --location="global" \

## README.md

      
              3 files
            
          
              21 forks
            
          
                12 comments
              
            
              50 stars
            
          
                iMilnb
                / README.md
            
            
              Last active
              January 18, 2024 08:08
            
              
                AWS Terraform configuration: Stream CloudWatch Logs to ElasticSearch
              
          
    Rationale

This snippet is a sample showing how to implement CloudWatch Logs streaming to ElasticSearch using terraform.
I wrote this gist because I didn't found a clear, end-to-end example on how to achieve this task. In particular,
I understood the resource "aws_lambda_permission" "cloudwatch_allow" part by reading a couple of bug reports plus
this stackoverflow post.
The js file is actually the Lambda function automatically created by AWS when creating this pipeline through the
web console. I only added a endpoint variable handling so it is configurable from terraform.

  
## sample-traefik-setup.yml
version: "3"

services:
    # FaaS API Gateway
  gateway:
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
    image: alexellis2/faas-gateway:latest
    networks:
      - traefik-net

## packer.json
{
  "variables": {
    "aws_access_key": "",
    "aws_secret_key": "",
    "aws_account_id": "",
    "aws_region": ""
  },
  "builders": [
    {
      "type": "amazon-ebs",

## install-docker-master.sh
#!/bin/sh
# option 2: paste this into user-data to automate install via boot script
# NOTE: update --label=owner=YOURNAME below if you want to easily identify yours

# renames the host to have a suffix of alexellisio
export original=$(cat /etc/hostname)
sudo hostname $original-master-alexellisio
echo $original-master-alexellisio | sudo tee /etc/hostname

apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
	#!/bin/bash

	AWS_ACCOUNT_ID=012345678901

	# Check if jq is installed
	if ! command -v jq &> /dev/null; then
	echo "Error: jq is not installed. Please install jq to parse JSON."
	exit 1
	fi
	export PROJECT_ID="INSERT-PROJECT-ID"
	export PROJECT_NUMBER="INSERT-PROJECT-NUMBER"
	export STATE_BUCKET="INSERT-STATE-BUCKET-NAME"


	gcloud storage buckets create gs://$STATE_BUCKET --project=$PROJECT_ID --default-storage-class=STANDARD --location=EUROPE-WEST1 --uniform-bucket-level-access

	gcloud iam workload-identity-pools create github \
	--project=$PROJECT_ID \
	--location="global" \
	version: "3"

	services:
	# FaaS API Gateway
	gateway:
	volumes:
	- "/var/run/docker.sock:/var/run/docker.sock"
	image: alexellis2/faas-gateway:latest
	networks:
	- traefik-net
	{
	"variables": {
	"aws_access_key": "",
	"aws_secret_key": "",
	"aws_account_id": "",
	"aws_region": ""
	},
	"builders": [
	{
	"type": "amazon-ebs",
	#!/bin/sh
	# option 2: paste this into user-data to automate install via boot script
	# NOTE: update --label=owner=YOURNAME below if you want to easily identify yours

	# renames the host to have a suffix of alexellisio
	export original=$(cat /etc/hostname)
	sudo hostname $original-master-alexellisio
	echo $original-master-alexellisio \| sudo tee /etc/hostname

	apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D