# Create Redshift Cluster using the AWS Python SDK

In [1]:
import pandas as pd
import boto3
import json
import configparser
config = configparser.ConfigParser()
config.read_file(open('dwh.cfg'))

KEY = config.get('AWS', 'KEY')
SECRET = config.get('AWS', 'SECRET')

DWH_CLUSTER_TYPE = config.get('DWH', 'DWH_CLUSTER_TYPE')
DWH_NUM_NODES = config.get('DWH', 'DWH_NUM_NODES')
DWH_NODE_TYPE = config.get('DWH', 'DWH_NODE_TYPE')

DWH_CLUSTER_IDENTIFIER = config.get('DWH', 'DWH_CLUSTER_IDENTIFIER')
DWH_DB = config.get('DWH', 'DWH_DB')
DWH_DB_USER = config.get('DWH', 'DWH_DB_USER')
DWH_DB_PASSWORD = config.get('DWH', 'DWH_DB_PASSWORD')
DWH_PORT = config.get('DWH', 'DWH_PORT')

DWH_IAM_ROLE_NAME = config.get('DWH', 'DWH_IAM_ROLE_NAME')



# Create Clients for IAM, EC2, S3 and Redshift

In [2]:
ec2 = boto3.resource(
    'ec2',
    region_name = 'us-west-2',
    aws_access_key_id = KEY,
    aws_secret_access_key = SECRET
)

# S3
S3 = boto3.resource(
    's3',
    region_name = 'us-west-2',
    aws_access_key_id = KEY,
    aws_secret_access_key = SECRET
)

# iam
iam = boto3.client(
    'iam',
    aws_access_key_id = KEY,
    aws_secret_access_key = SECRET,
    region_name = 'us-west-2'
)

# redshift
redshift = boto3.client(
    'redshift',
    region_name = 'us-west-2',
    aws_access_key_id = KEY,
    aws_secret_access_key = SECRET
)

# Create IAM role that makes Redshift able to access S3 bucket

In [3]:
from botocore.exceptions import ClientError

#1.1 Create the role, 
try:
    print("1.1 Creating a new IAM Role") 
    dwhRole = iam.create_role(
        Path='/',
        RoleName=DWH_IAM_ROLE_NAME,
        Description = "Allows Redshift clusters to call AWS services on your behalf.",
        AssumeRolePolicyDocument=json.dumps(
            {'Statement': [{'Action': 'sts:AssumeRole',
               'Effect': 'Allow',
               'Principal': {'Service': 'redshift.amazonaws.com'}}],
             'Version': '2012-10-17'})
    )    
except Exception as e:
    print(e)
    
    
print("1.2 Attaching Policy")

iam.attach_role_policy(RoleName=DWH_IAM_ROLE_NAME,
                       PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
                      )['ResponseMetadata']['HTTPStatusCode']

print("1.3 Get the IAM role ARN")
roleArn = iam.get_role(RoleName=DWH_IAM_ROLE_NAME)['Role']['Arn']

print(roleArn)

1.1 Creating a new IAM Role
An error occurred (EntityAlreadyExists) when calling the CreateRole operation: Role with name dwhRole already exists.
1.2 Attaching Policy
1.3 Get the IAM role ARN
arn:aws:iam::632024851298:role/dwhRole


# Redshift Cluster

In [4]:
try:
    response = redshift.create_cluster(
        ClusterType = DWH_CLUSTER_TYPE,
        NodeType = DWH_NODE_TYPE,
        NumberOfNodes = int(DWH_NUM_NODES),

        # identifiers and credentials
        DBName = DWH_DB,
        ClusterIdentifier = DWH_CLUSTER_IDENTIFIER,
        MasterUsername = DWH_DB_USER,
        MasterUserPassword = DWH_DB_PASSWORD,

        # roles (for s3 access)
        IamRoles = [roleArn]
    )

except Exception as e:
    print(e)

An error occurred (ClusterAlreadyExists) when calling the CreateCluster operation: Cluster already exists


# Describe the cluster to see its status

In [5]:
def prettyRedshiftProps(props):
    pd.set_option('display.max_colwidth', None)
    keysToShow = ['ClusterIdentifier', 'NodeType', 'ClusterStatus', 'MasterUsername', 'DBName', 'Endpoint', 'NumberOfNodes', 'VpcId']
    x = [(k,v) for k,v in props.items() if k in keysToShow]
    return pd.DataFrame(data=x, columns=['key', 'value'])

myClusterProps = redshift.describe_clusters(ClusterIdentifier = DWH_CLUSTER_IDENTIFIER)['Clusters'][0]
prettyRedshiftProps(myClusterProps)

Unnamed: 0,key,value
0,ClusterIdentifier,dwhcluster
1,NodeType,dc2.large
2,ClusterStatus,available
3,MasterUsername,dwhuser
4,DBName,dwh
5,Endpoint,"{'Address': 'dwhcluster.cywcwqwbrwup.us-west-2.redshift.amazonaws.com', 'Port': 5439}"
6,VpcId,vpc-05e7f14573171a90d
7,NumberOfNodes,4


In [6]:
DWH_ENDPOINT = myClusterProps['Endpoint']['Address']
DWH_ROLE_ARN = myClusterProps['IamRoles'][0]['IamRoleArn']

print(f'DWH_ENDPOINT : {DWH_ENDPOINT}')
print(f'DWH_ROLE_ARN : {DWH_ROLE_ARN}')

DWH_ENDPOINT : dwhcluster.cywcwqwbrwup.us-west-2.redshift.amazonaws.com
DWH_ROLE_ARN : arn:aws:iam::632024851298:role/dwhRole


# Open an Incoming TCP port to access the cluster endpoint

In [7]:
try:
    vpc = ec2.Vpc(id = myClusterProps['VpcId'])
    defaultSg = list(vpc.security_groups.all())[0]
    print(defaultSg)
    defaultSg.authorize_ingress(
        GroupName = defaultSg.group_name,
        CidrIp = '0.0.0.0/0',
        IpProtocol = 'TCP',
        FromPort = int(DWH_PORT),
        ToPort = int(DWH_PORT)
    )

except Exception as e:
    print(e)

ec2.SecurityGroup(id='sg-0e4ec79947a4675ca')
An error occurred (InvalidPermission.Duplicate) when calling the AuthorizeSecurityGroupIngress operation: the specified rule "peer: 0.0.0.0/0, TCP, from port: 5439, to port: 5439, ALLOW" already exists


# Connect to the Cluster

In [8]:
%load_ext sql

In [13]:
conn_string = "postgresql://{}:{}@{}:{}/{}".format(
    DWH_DB_USER,
    DWH_DB_PASSWORD,
    DWH_ENDPOINT,
    DWH_PORT,
    DWH_DB
)
%sql $conn_string

In [14]:
%sql SELECT * FROM artists limit 10;

 * postgresql://dwhuser:***@dwhcluster.cywcwqwbrwup.us-west-2.redshift.amazonaws.com:5439/dwh
10 rows affected.


artist_id,name,location,latitude,longitude
AR6QILA1187B98A966,Fermin Muguruza,,,
AR720WN1187B99712F,Waltari,,,
AR54HGU1187FB5ACDE,Girugämesh,,,
ARUIVPF1187B9A2090,The Skygreen Leopards,,,
ARALONC1187FB4CDE7,Arab On Radar,"Groton, CT",41.35484,-72.07074
ARQQ3PM1187FB41517,Catherine Feeny,California - LA,,
ARIQC381187B9A825E,Antonio Carlos Jobim,"Rio de Janeiro, Brazil",,
ARL5BEN1187B98E4D9,Jah Cure,"Montego Bay, Jamaica",,
AR6T64S1187FB5673A,EPROM featuring Boreta,San Francisco CA,,
ARMFDMS11F4C841E87,Signal The Escape,,,


In [15]:
%sql SELECT * FROM time limit 10;


 * postgresql://dwhuser:***@dwhcluster.cywcwqwbrwup.us-west-2.redshift.amazonaws.com:5439/dwh
10 rows affected.


start_time,hour,day,week,month,year,weekday
2018-11-01 21:02:12,21,1,44,11,2018,4
2018-11-01 21:42:00,21,1,44,11,2018,4
2018-11-02 01:25:34,1,2,44,11,2018,5
2018-11-02 03:34:34,3,2,44,11,2018,5
2018-11-02 09:01:21,9,2,44,11,2018,5
2018-11-02 10:33:11,10,2,44,11,2018,5
2018-11-02 11:13:13,11,2,44,11,2018,5
2018-11-02 11:18:15,11,2,44,11,2018,5
2018-11-02 11:21:14,11,2,44,11,2018,5
2018-11-02 11:23:28,11,2,44,11,2018,5


In [16]:
%sql SELECT * FROM songs limit 10;


 * postgresql://dwhuser:***@dwhcluster.cywcwqwbrwup.us-west-2.redshift.amazonaws.com:5439/dwh
10 rows affected.


song_id,title,artist_id,year,duration
SOINBCU12A6D4F94C0,Human Cannonball,ARV1JVD1187B9AD195,1995,190.48444
SONWUSK12AB01837FD,Sittin' Back Easy,AR1DATU1187B9A5498,0,222.58893
SOCHRXB12A8AE48069,Let's Get It Started,ARTDQRC1187FB4EFD4,2004,229.61587
SOREAWH12AB017BF03,Ain't No Secret,ARBTDXS11E2835CEC6,2009,209.34485
SOPJIQE12AF72A442F,In Our Angelhood,ARBJQTM1187B9B862B,1983,235.20608
SOEDVKT12A8C141EAD,To The Girl I Loved For An Hour,ARF3L7D1187B9984B7,2002,34.87302
SOBBNAN12AB017FC67,Sometimes They Stay_ Sometimes They Go,AR1XABQ1187B9B178A,2006,271.51628
SONRVSA12A6D4F7A88,Will I Find Someone,ARP4J5Q1187B99171D,1995,234.10893
SOABNPC12A8C13A9CC,Après Le Show,ARFM1EQ1187FB533ED,2005,223.4771
SOXCMTH12AC9075692,Death Is Only a Dream,ARC0T361187B9AFDBE,2000,141.40036


In [17]:
%sql SELECT * FROM songplays order by songplay_id limit 10;


 * postgresql://dwhuser:***@dwhcluster.cywcwqwbrwup.us-west-2.redshift.amazonaws.com:5439/dwh
10 rows affected.


songplay_id,start_time,user_id,level,song_id,artist_id,session_id,location,user_agent
0,2018-11-20 17:46:38,49,paid,SOCHRXB12A8AE48069,ARTDQRC1187FB4EFD4,758,"San Francisco-Oakland-Hayward, CA",Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0
1,2018-11-24 13:55:51,95,paid,SOARUPP12AB01842E0,ARD46C811C8A414F3F,564,"Winston-Salem, NC","""Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53"""
2,2018-11-06 16:38:15,2,free,SOSMXVH12A58A7CA6C,AR6PJ8R1187FB5AD70,126,"Plymouth, IN","""Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"""
3,2018-11-21 03:12:22,80,paid,SOMULQH12A8C138213,ARENWML1187B99ECB6,774,"Portland-South Portland, ME","""Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36"""
4,2018-11-19 08:32:12,24,paid,SOSMTXQ12A6D4F721D,ARS927Z1187B9ACA29,672,"Lake Havasu City-Kingman, AZ","""Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"""
5,2018-11-21 21:56:47,15,paid,SOZCTXZ12AB0182364,AR5KOSW1187FB35FF4,818,"Chicago-Naperville-Elgin, IL-IN-WI","""Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/36.0.1985.125 Chrome/36.0.1985.125 Safari/537.36"""
6,2018-11-07 07:58:28,100,free,SODTPBM12A8C1339D7,AR4OH581187B9B7157,301,"New York-Newark-Jersey City, NY-NJ-PA","""Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/7.0.6 Safari/537.78.2"""
7,2018-11-26 08:33:59,44,paid,SOVWWJW12A670206BE,AR3ZL6A1187B995B37,781,"Waterloo-Cedar Falls, IA",Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Firefox/31.0
8,2018-11-27 18:09:11,49,paid,SOCHRXB12A8AE48069,ARTDQRC1187FB4EFD4,987,"San Francisco-Oakland-Hayward, CA",Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0
9,2018-11-12 21:22:01,12,free,SOARUPP12AB01842E0,ARD46C811C8A414F3F,371,"New York-Newark-Jersey City, NY-NJ-PA",Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0


In [18]:
%%sql
delete from staging_events;
delete from staging_songs;
delete from songplays;
delete from users;
delete from songs;
delete from artists;
delete from time;

 * postgresql://dwhuser:***@dwhcluster.cywcwqwbrwup.us-west-2.redshift.amazonaws.com:5439/dwh
8056 rows affected.
14896 rows affected.
319 rows affected.
104 rows affected.
14896 rows affected.
10025 rows affected.
8023 rows affected.


[]

In [19]:
#### CAREFUL!!
#-- Uncomment & run to delete the created resources
iam.detach_role_policy(RoleName=DWH_IAM_ROLE_NAME, PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess")
iam.delete_role(RoleName=DWH_IAM_ROLE_NAME)
#### CAREFUL!!

{'ResponseMetadata': {'RequestId': 'beb19467-a100-4111-a012-777acf1afec0',
  'HTTPStatusCode': 200,
  'HTTPHeaders': {'x-amzn-requestid': 'beb19467-a100-4111-a012-777acf1afec0',
   'content-type': 'text/xml',
   'content-length': '200',
   'date': 'Wed, 21 Dec 2022 13:23:59 GMT'},
  'RetryAttempts': 0}}