diff --git a/osi/create-stack.sh b/osi/create-stack.sh
new file mode 100755
index 0000000..628740e
--- /dev/null
+++ b/osi/create-stack.sh
@@ -0,0 +1,10 @@
+#!/bin/bash -e
+
+STACK_NAME=${1:-"ubi"}
+
+aws cloudformation create-stack \
+ --stack-name ${STACK_NAME} \
+ --template-body file://template.yaml \
+ --capabilities CAPABILITY_IAM \
+ --region us-east-1 \
+ --profile mtnfog
diff --git a/osi/delete-stack.sh b/osi/delete-stack.sh
new file mode 100755
index 0000000..3162771
--- /dev/null
+++ b/osi/delete-stack.sh
@@ -0,0 +1,8 @@
+#!/bin/bash -e
+
+STACK_NAME=${1:-"ubi"}
+
+aws cloudformation delete-stack \
+ --stack-name ${STACK_NAME} \
+ --region us-east-1 \
+ --profile mtnfog
diff --git a/osi/template.yaml b/osi/template.yaml
new file mode 100644
index 0000000..572f32c
--- /dev/null
+++ b/osi/template.yaml
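Review bot: The `create-stack` call in create-stack.sh passes no `--parameters`, so the stack is created with whatever defaults template.yaml declares for `OpenSearchUserName` and `OpenSearchPassword`; the same holds for update-stack.sh. I would supply the password at deploy time from a parameters file that is not committed, for example `--parameters file://params.json`, rather than relying on the template default. `${STACK_NAME}` is unquoted in create-stack.sh, delete-stack.sh and update-stack.sh and should read `--stack-name "${STACK_NAME}"`. All four scripts also put `-e` on the shebang line, where it is lost when the script is run as `bash create-stack.sh`; a `set -euo pipefail` line after the shebang is more reliable.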
@@ -0,0 +1,144 @@
+---
+AWSTemplateFormatVersion: '2010-09-09'
+Description: AWS CloudFormation Template for OpenSearch Service
+
+Parameters:
+
+ OpenSearchUserName:
+ Description: OpenSearch username
+ Type: String
+ Default: admin
+
+ OpenSearchPassword:
+ Description: OpenSearch password
+ Type: String
+ NoEcho: true
+ Default: OpenSearchPasswod_123
+
+Outputs:
+ OpenSearchEndpoint:
+ Description: OpenSearch Endpoint URL
+ Value: !Sub ${OpenSearchDomain.DomainEndpoint}
+
+Resources:
+
+ S3Bucket:
+ Type: AWS::S3::Bucket
+ Properties:
+ BucketName: mtnfog-ubi
+
+ IngestionLogGroup:
+ Type: AWS::Logs::LogGroup
+ Properties:
+ LogGroupName: /aws/vendedlogs/OpenSearchService/ubi
+ RetentionInDays: 7
+
+ OpenSearchDomain:
+ Type: AWS::OpenSearchService::Domain
+ Properties:
+ DomainName: ubi
+ EngineVersion: OpenSearch_2.15
+ ClusterConfig:
+ InstanceType: t3.small.search
+ InstanceCount: 1
+ AdvancedSecurityOptions:
+ Enabled: true
+ InternalUserDatabaseEnabled: true
+ MasterUserOptions:
+ MasterUserName: !Ref OpenSearchUserName
+ MasterUserPassword: !Ref OpenSearchPassword
+ EncryptionAtRestOptions:
+ Enabled: true
+ NodeToNodeEncryptionOptions:
+ Enabled: true
+ DomainEndpointOptions:
+ EnforceHTTPS: true
+ EBSOptions:
+ EBSEnabled: true
+ VolumeType: gp2
+ VolumeSize: 10
+ AccessPolicies:
+ Version: '2012-10-17'
+ Statement:
+ - Effect: Allow
+ Principal:
+ AWS: '*'
+ Action: 'es:*'
+ Resource: '*'
+
+ OsisRole:
+ Type: AWS::IAM::Role
+ Properties:
+ AssumeRolePolicyDocument:
+ Version: "2012-10-17"
+ Statement:
+ - Effect: Allow
+ Principal:
+ Service:
+ - osis-pipelines.amazonaws.com
+ Action:
+ - "sts:AssumeRole"
+ Path: /
+ Policies:
+ - PolicyName: root
+ PolicyDocument:
+ Version: "2012-10-17"
+ Statement:
+ - Effect: Allow
+ Action: 'es:DescribeDomain'
+ Resource:
+ Fn::Join:
+ - ':/'
+ - - Fn::GetAtt:
+ - OpenSearchDomain
+ - Arn
+ - "*"
+ - Effect: Allow
+ Action: 'es:ESHttp*'
+ Resource:
+ Fn::Join:
+ - ':/'
+ - - Fn::GetAtt:
+ - OpenSearchDomain
+ - Arn
+ - "ubi/*"
+
+ # OpenSearchIngestionPipeline:
+ # Type: AWS::OSIS::Pipeline
+ # Properties:
+ # LogPublishingOptions:
+ # IsLoggingEnabled: true
+ # CloudWatchLogDestination:
+ # LogGroup: !Ref IngestionLogGroup
+ # MinUnits: 3
+ # MaxUnits: 9
+ # PipelineName: ubi-pipeline
+ # PipelineConfigurationBody: !Sub |
+ # version: "2"
+ # log-pipeline:
+ # source:
+ # s3:
+ # codec:
+ # newline: # Other options "json", "csv", "parquet"
+ # compression: "none"
+ # aws:
+ # region: "!Ref AWS::Region"
+ # sts_role_arn: "!Ref OsisRole"
+ # acknowledgments: true
+ # scan:
+ # range: "PT8H"
+ # delete_s3_objects_on_read: true
+ # processor:
+ # - date:
+ # destination: "@timestamp"
+ # from_time_received: true
+ # - delete_entries:
+ # with_keys: [ "s3" ]
+ # sink:
+ # - opensearch:
+ # hosts: [ "!GetAtt OpenSearchDomain.DomainEndpoint" ]
+ # aws:
+ # sts_role_arn: "!Ref OsisRole"
+ # region: "!Ref AWS::Region"
+ # serverless: false
+ # index: "ubi"
diff --git a/osi/update-stack.sh b/osi/update-stack.sh
new file mode 100755
index 0000000..dedf79a
--- /dev/null
+++ b/osi/update-stack.sh
@@ -0,0 +1,10 @@
+#!/bin/bash -e
+
+STACK_NAME=${1:-"ubi"}
+
+aws cloudformation update-stack \
+ --stack-name ${STACK_NAME} \
+ --template-body file://template.yaml \
+ --capabilities CAPABILITY_IAM \
+ --region us-east-1 \
+ --profile mtnfog
diff --git a/osi/validate-template.sh b/osi/validate-template.sh
new file mode 100755
index 0000000..08ec08f
--- /dev/null
+++ b/osi/validate-template.sh
@@ -0,0 +1,6 @@
+#!/bin/bash -e
+
+aws cloudformation validate-template \
+ --template-body file://template.yaml \
+ --region us-east-1 \
+ --profile mtnfog
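Review bot: The `Default: OpenSearchPasswod_123` line on the `OpenSearchPassword` parameter commits the master user's password to the repository; `NoEcho: true` only masks the value in console and API output, not in source control. `OpenSearchDomain` declares no `VPCOptions`, and its `AccessPolicies` statement allows `AWS: '*'` on `es:*`, so that password looks like the only control in front of the domain endpoint. I would delete the `Default:` line so that a value must be supplied at deploy time (or resolve it from a secrets store), and consider adding an `IpAddress` condition on `aws:SourceIp` to the access policy statement. Separately, both `Fn::Join` calls under `OsisRole` use `':/'` as the delimiter, which produces `<domain-arn>:/*` and `<domain-arn>:/ubi/*`; the delimiter was probably meant to be `'/'`, and the `ubi/*` suffix in the second is worth checking against the domain ARN, which will already contain the domain name.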