# Running ETL within AWS

### Author: Daniel Agustinus Pesiwarissa

Within this Python notebook,I will show you how an ETL can be performed within AWS:
- Creating the Redshift Cluster
- Setting up the IAM role ARN that would give access to Redshift to read from S3
- Create the Staging table and the Production tables
- Load the data from Udacity's S3 to the Staging table, then load it to the production. This can also be considered as an ELT instead of an ETL
- Perform analytical query on the IPYNB

In [1]:
from time import time
import configparser
import matplotlib.pyplot as plt
import pandas as pd
import boto3
import json

%load_ext sql

I've imported several libraries to ensure that we can perform the necessary tasks
- Configparser is used to read configuration setup information straight from the .cfg file. By doing this, we will not touch the source code at all
- The matplotlib and pandas is used for the analytical portion for the latter stage
- The %load_ext sql is used so we can perform SQL queries within this notebook

In [2]:
config = configparser.ConfigParser()
config.read_file(open('dwh.cfg'))

KEY                    = config.get('AWS','KEY')
SECRET                 = config.get('AWS','SECRET')

DWH_CLUSTER_TYPE       = config.get("CLUSTER","DWH_CLUSTER_TYPE")
DWH_NUM_NODES          = config.get("CLUSTER","DWH_NUM_NODES")
DWH_NODE_TYPE          = config.get("CLUSTER","DWH_NODE_TYPE")

DWH_CLUSTER_IDENTIFIER = config.get("DWH","DWH_CLUSTER_IDENTIFIER")
DWH_DB                 = config.get("CLUSTER","DB_NAME")
DWH_DB_USER            = config.get("CLUSTER","DB_USER")
DWH_DB_PASSWORD        = config.get("CLUSTER","DB_PASSWORD")
DWH_PORT               = config.get("CLUSTER","DB_PORT")

DWH_IAM_ROLE_NAME      = config.get("DWH", "DWH_IAM_ROLE_NAME")

# STEP 0: Create clients for IAM, EC2, S3 and Redshift

Within the code below, we will be starting the connection to the EC2, S3, IAM, and the Redshift it self. We will need to be able to connect to all of the above so we can run everything properly

In [3]:
ec2 = boto3.resource('ec2',
                       region_name="us-west-2",
                       aws_access_key_id=KEY,
                       aws_secret_access_key=SECRET
                    )

s3 = boto3.resource('s3',
                       region_name="us-west-2",
                       aws_access_key_id=KEY,
                       aws_secret_access_key=SECRET
                   )

iam = boto3.client('iam',aws_access_key_id=KEY,
                     aws_secret_access_key=SECRET,
                     region_name='us-west-2'
                  )

redshift = boto3.client('redshift',
                       region_name="us-west-2",
                       aws_access_key_id=KEY,
                       aws_secret_access_key=SECRET
                       )

# STEP 1: IAM ROLE
- Create an IAM Role that makes Redshift able to access S3 bucket (ReadOnly)

In [4]:
from botocore.exceptions import ClientError

#1.1 Create the role, 
try:
    print("1.1 Creating a new IAM Role") 
    dwhRole = iam.create_role(
        Path='/',
        RoleName=DWH_IAM_ROLE_NAME,
        Description = "Allows Redshift clusters to call AWS services on your behalf.",
        AssumeRolePolicyDocument=json.dumps(
            {'Statement': [{'Action': 'sts:AssumeRole',
               'Effect': 'Allow',
               'Principal': {'Service': 'redshift.amazonaws.com'}}],
             'Version': '2012-10-17'})
    )    
except Exception as e:
    print(e)
    
    
print("1.2 Attaching Policy")

iam.attach_role_policy(RoleName=DWH_IAM_ROLE_NAME,
                       PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
                      )['ResponseMetadata']['HTTPStatusCode']

print("1.3 Get the IAM role ARN")
roleArn = iam.get_role(RoleName=DWH_IAM_ROLE_NAME)['Role']['Arn']

print(roleArn)

1.1 Creating a new IAM Role
An error occurred (EntityAlreadyExists) when calling the CreateRole operation: Role with name dwhRole already exists.
1.2 Attaching Policy
1.3 Get the IAM role ARN
arn:aws:iam::692420999420:role/dwhRole


# STEP 2:  Redshift Cluster

- Create a RedShift Cluster
- For complete arguments to `create_cluster`, see [docs](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/redshift.html#Redshift.Client.create_cluster)

In [5]:
try:
    response = redshift.create_cluster( 
        ClusterType=DWH_CLUSTER_TYPE,
        NodeType=DWH_NODE_TYPE,
        NumberOfNodes=int(DWH_NUM_NODES),
        DBName=DWH_DB,
        ClusterIdentifier=DWH_CLUSTER_IDENTIFIER,
        MasterUsername=DWH_DB_USER,
        MasterUserPassword=DWH_DB_PASSWORD,
        IamRoles=[roleArn]
    )
except Exception as e:
    print(e)

We will be saving the Host address and the ROLE within the DWH_ENDPOINT and DWH_ROLE_ARN

In [6]:
def prettyRedshiftProps(props):
    pd.set_option('display.max_colwidth', -1)
    keysToShow = ["ClusterIdentifier", "NodeType", "ClusterStatus", "MasterUsername", "DBName", "Endpoint", "NumberOfNodes", 'VpcId']
    x = [(k, v) for k,v in props.items() if k in keysToShow]
    return pd.DataFrame(data=x, columns=["Key", "Value"])

myClusterProps = redshift.describe_clusters(ClusterIdentifier=DWH_CLUSTER_IDENTIFIER)['Clusters'][0]
prettyRedshiftProps(myClusterProps)

DWH_ENDPOINT = myClusterProps['Endpoint']['Address']
DWH_ROLE_ARN = myClusterProps['IamRoles'][0]['IamRoleArn']

## STEP 3: Open an incoming  TCP port to access the cluster ednpoint


In [7]:
try:
    vpc = ec2.Vpc(id=myClusterProps['VpcId'])
    defaultSg = list(vpc.security_groups.all())[0]
    print(defaultSg)
    defaultSg.authorize_ingress(
        GroupName=defaultSg.group_name,
        CidrIp='0.0.0.0/0',
        IpProtocol='TCP',
        FromPort=int(DWH_PORT),
        ToPort=int(DWH_PORT)
    )
except Exception as e:
    print(e)

ec2.SecurityGroup(id='sg-79f6ac37')


Let's check if we're connected

In [8]:
conn_string="postgresql://{}:{}@{}:{}/{}".format(DWH_DB_USER, DWH_DB_PASSWORD, 'redshift-cluster-1.cplfbl78n5jd.us-west-2.redshift.amazonaws.com', DWH_PORT,DWH_DB)
print(conn_string)
%sql $conn_string

postgresql://dagustinus:IcePack310@redshift-cluster-1.cplfbl78n5jd.us-west-2.redshift.amazonaws.com:5439/dwh


'Connected: dagustinus@dwh'

## Step 4: Creating the Staging and Production tables

In [9]:
import psycopg2
from sql_queries import create_table_queries, drop_table_queries

conn = psycopg2.connect("host={} dbname={} user={} password={} port={}".format(DWH_ENDPOINT, DWH_DB, DWH_DB_USER, DWH_DB_PASSWORD, DWH_PORT))
cur = conn.cursor()

for query in drop_table_queries:
    cur.execute(query)
    conn.commit()
print('Tables has been dropped.')

for query in create_table_queries:
    cur.execute(query)
    conn.commit()
print('All tables has been created.')

Tables has been dropped.
All tables has been created.


## Step 5: Loading the data to the Staging, then to Production

In [10]:
import psycopg2
from sql_queries import copy_table_queries, insert_table_queries

for query in copy_table_queries:
    cur.execute(query)
    conn.commit()

for query in insert_table_queries:
    cur.execute(query)
    conn.commit()

## Step 6: Performing analysis

In [11]:
conn_string="postgresql://{}:{}@{}:{}/{}".format(DWH_DB_USER, DWH_DB_PASSWORD, DWH_ENDPOINT, DWH_PORT,DWH_DB)
print(conn_string)

%sql $conn_string

Top_10_Artist = """
select a.name as "Artist Name", count(s.artist_id) as played
from songplays s
join artists a on s.artist_id = a.artist_id
group by a.name 
order by played desc
limit 10;
"""

%sql $Top_10_Artist

postgresql://dagustinus:IcePack310@redshift-cluster-1.cplfbl78n5jd.us-west-2.redshift.amazonaws.com:5439/dwh
 * postgresql://dagustinus:***@redshift-cluster-1.cplfbl78n5jd.us-west-2.redshift.amazonaws.com:5439/dwh
10 rows affected.


artist name,played
Dwight Yoakam,37
Kid Cudi / Kanye West / Common,10
Kid Cudi,10
Ron Carter,9
Lonnie Gordon,9
B.o.B,8
Usher,6
Usher featuring Jermaine Dupri,6
Muse,6
Richard Hawley And Death Ramps_ Arctic Monkeys,5


In [12]:
Top_10_Songs="""
select s.title as "Song Title", a.name as "Artist", count(s.title) as played
from songplays sp
join songs s on sp.song_id = s.song_id
join artists a on sp.artist_id = a.artist_id
group by s.title,a.name
order by played desc
limit 10;
"""

%sql $Top_10_Songs

 * postgresql://dagustinus:***@redshift-cluster-1.cplfbl78n5jd.us-west-2.redshift.amazonaws.com:5439/dwh
10 rows affected.


song title,artist,played
You're The One,Dwight Yoakam,37
Catch You Baby (Steve Pitron & Max Sanna Radio Edit),Lonnie Gordon,9
I CAN'T GET STARTED,Ron Carter,9
Nothin' On You [feat. Bruno Mars] (Album Version),B.o.B,8
Hey Daddy (Daddy's Home),Usher featuring Jermaine Dupri,6
Hey Daddy (Daddy's Home),Usher,6
Up Up & Away,Kid Cudi,5
Make Her Say,Kid Cudi / Kanye West / Common,5
Up Up & Away,Kid Cudi / Kanye West / Common,5
Make Her Say,Kid Cudi,5


In [13]:
Users_per_level="""
select level, count(level) as "total users per level"
from users
group by level
"""

%sql $Users_per_level

 * postgresql://dagustinus:***@redshift-cluster-1.cplfbl78n5jd.us-west-2.redshift.amazonaws.com:5439/dwh
2 rows affected.


level,total users per level
paid,22
free,83


# STEP 7: Clean up the Cluster

In [14]:
#### CAREFUL!!
#-- Uncomment & run to delete the created resources
redshift.delete_cluster( ClusterIdentifier=DWH_CLUSTER_IDENTIFIER,  SkipFinalClusterSnapshot=True)
#### CAREFUL!!

{'Cluster': {'ClusterIdentifier': 'redshift-cluster-1',
  'NodeType': 'dc2.large',
  'ClusterStatus': 'deleting',
  'MasterUsername': 'dagustinus',
  'DBName': 'dwh',
  'Endpoint': {'Address': 'redshift-cluster-1.cplfbl78n5jd.us-west-2.redshift.amazonaws.com',
   'Port': 5439},
  'ClusterCreateTime': datetime.datetime(2019, 9, 12, 14, 15, 28, 251000, tzinfo=tzlocal()),
  'AutomatedSnapshotRetentionPeriod': 1,
  'ClusterSecurityGroups': [],
  'VpcSecurityGroups': [{'VpcSecurityGroupId': 'sg-79f6ac37',
    'Status': 'active'}],
  'ClusterParameterGroups': [{'ParameterGroupName': 'default.redshift-1.0',
    'ParameterApplyStatus': 'in-sync'}],
  'ClusterSubnetGroupName': 'default',
  'VpcId': 'vpc-5e2a9226',
  'AvailabilityZone': 'us-west-2c',
  'PreferredMaintenanceWindow': 'tue:08:30-tue:09:00',
  'PendingModifiedValues': {},
  'ClusterVersion': '1.0',
  'AllowVersionUpgrade': True,
  'NumberOfNodes': 4,
  'PubliclyAccessible': True,
  'Encrypted': False,
  'Tags': [],
  'EnhancedVpcRou

# STEP 8: Turning off the IAM Role

In [15]:
#### CAREFUL!!
#-- Uncomment & run to delete the created resources
iam.detach_role_policy(RoleName=DWH_IAM_ROLE_NAME, PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess")
iam.delete_role(RoleName=DWH_IAM_ROLE_NAME)
#### CAREFUL!!

{'ResponseMetadata': {'RequestId': 'cfa2aac5-d568-11e9-8bd8-6b3598217f12',
  'HTTPStatusCode': 200,
  'HTTPHeaders': {'x-amzn-requestid': 'cfa2aac5-d568-11e9-8bd8-6b3598217f12',
   'content-type': 'text/xml',
   'content-length': '200',
   'date': 'Thu, 12 Sep 2019 14:22:54 GMT'},
  'RetryAttempts': 0}}