# Infrastructure-as-code

In [5]:
import pandas as pd
import boto3
import json

## Step 1: Search and create a IAM role on AWS region "US-west-2" and keep note of the KEY  and SECRETE Codes.

## Step 2: Show the Current Values of Desired DWH Params in the dwh.cfg File

In [6]:
import configparser
config = configparser.ConfigParser()
config.read_file(open('dwh.cfg'))

KEY                    = config.get('AWS','KEY')
SECRET                 = config.get('AWS','SECRET')

IAM_ROLE_NAME=config.get('CLUSTER','IAM_ROLE_NAME')

CLUSTER_TYPE       = config.get("CLUSTER","CLUSTER_TYPE")
NUM_NODES          = config.get("CLUSTER","NUM_NODES")
NODE_TYPE          = config.get("CLUSTER","NODE_TYPE")

CLUSTER_IDENTIFIER = config.get("CLUSTER","CLUSTER_IDENTIFIER")


DB_NAME                 = config.get("CLUSTER","DB_NAME")
DB_USER            = config.get("CLUSTER","DB_USER")
DB_PASSWORD        = config.get("CLUSTER","DB_PASSWORD")
DB_PORT               = config.get("CLUSTER","DB_PORT")



pd.DataFrame({"Param":["KEY", "SECRET", "IAM_ROLE_NAME", "CLUSTER_TYPE",\
                      "NUM_NODES", "NODE_TYPE", "CLUSTER_IDENTIFIER",\
                      "DB_NAME", "DB_USER", "DB_PASSWORD", "DB_PORT"],
             "Value": [KEY, SECRET, IAM_ROLE_NAME, CLUSTER_TYPE,\
                      NUM_NODES, NODE_TYPE, CLUSTER_IDENTIFIER,\
                      DB_NAME, DB_USER, DB_PASSWORD, DB_PORT]})

Unnamed: 0,Param,Value
0,KEY,AKIA26GR4HLB3FRO4N5J
1,SECRET,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
2,IAM_ROLE_NAME,dwhRole
3,CLUSTER_TYPE,single-node
4,NUM_NODES,1
5,NODE_TYPE,dc2.large
6,CLUSTER_IDENTIFIER,dwhCluster
7,DB_NAME,redshift-cluster-2
8,DB_USER,awsuser
9,DB_PASSWORD,Awspassword1


## Step 3: Create Clients for EC2, S3 Data Bucket, IAM and AWS Redshift

In [6]:
import boto3

ec2 = boto3.resource('ec2',
                    region_name = "us-west-2",
                    aws_access_key_id = KEY,
                    aws_secret_access_key = SECRET)

s3 = boto3.resource('s3',
                       region_name = "us-west-2",
                       aws_access_key_id=KEY,
                       aws_secret_access_key=SECRET
                   )

iam = boto3.client('iam',aws_access_key_id=KEY,
                     aws_secret_access_key=SECRET,
                     region_name="us-west-2"
                  )

redshift = boto3.client('redshift',
                       region_name = "us-west-2",
                       aws_access_key_id = KEY,
                       aws_secret_access_key = SECRET)

## Step 4: Check Out the Sample Data Sources in the S3 Bucket

In [7]:
sampleDbBucket =  s3.Bucket("awssampledbuswest2")

for obj in sampleDbBucket.objects.filter(Prefix="ssbgz"):
    print(obj)

s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/customer0002_part_00.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/dwdate.tbl.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/lineorder0000_part_00.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/lineorder0001_part_00.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/lineorder0002_part_00.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/lineorder0003_part_00.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/lineorder0004_part_00.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/lineorder0005_part_00.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/lineorder0006_part_00.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='ssbgz/lineorder0007_part_00.gz')
s3.ObjectSummary(bucket_name='awssampledbuswest2', key='s

## Step 5: Get the Authentification Role Number (ARN) and Update the ARN Var in "dwh.cpg"

In [10]:
# Create the IAM role
try:
    print('1.1 Creating a new IAM Role')
    dwhRole = iam.create_role(
        Path='/',
        RoleName=DWH_IAM_ROLE_NAME,
        Description = "Allows Redshift clusters to call AWS services on your behalf.",
        AssumeRolePolicyDocument=json.dumps(
            {'Statement': [{'Action': 'sts:AssumeRole',
               'Effect': 'Allow',
               'Principal': {'Service': 'redshift.amazonaws.com'}}],
             'Version': '2012-10-17'})
    )  
    

except Exception as e:
    print(e)

1.1 Creating a new IAM Role


In [11]:
# Attach Policy

try:
    print('1.2 Attaching Policy')
    iam.attach_role_policy(RoleName=DWH_IAM_ROLE_NAME,
                       PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
                      )['ResponseMetadata']['HTTPStatusCode']
    

except Exception as e:
    print(e)

1.2 Attaching Policy


In [12]:
# Get and print the IAM role ARN
print('1.3 Get the IAM role ARN')
roleArn = iam.get_role(RoleName=DWH_IAM_ROLE_NAME)['Role']['Arn']

print(roleArn)

1.3 Get the IAM role ARN
arn:aws:iam::752059431619:role/dwhRole


## Step 6: CREATE Redshift CLUSTER

In [18]:
try:
    response = redshift.create_cluster(        
        #HW
        ClusterType=CLUSTER_TYPE,
        NodeType=NODE_TYPE,
        #NumberOfNodes=int(NUM_NODES),
        
        #Identifiers & Credentials
        DBName=DB_NAME,
        ClusterIdentifier=CLUSTER_IDENTIFIER,
        MasterUsername=DB_USER,
        MasterUserPassword=DB_PASSWORD,
        
        #Roles (for s3 access)
        IamRoles=[roleArn]
         
    )
except Exception as e:
    print(e)

## Step 7: Describe the Cluster

In [22]:
def prettyRedshiftProps(props):
    pd.set_option('display.max_colwidth', -1)
    keysToShow = ["ClusterIdentifier", "NodeType", "ClusterStatus", "MasterUsername", "DBName", "Endpoint", "NumberOfNodes", 'VpcId']
    x = [(k, v) for k,v in props.items() if k in keysToShow]
    return pd.DataFrame(data=x, columns=["Key", "Value"])

myClusterProps = redshift.describe_clusters(ClusterIdentifier=CLUSTER_IDENTIFIER)['Clusters'][0]
prettyRedshiftProps(myClusterProps)

Unnamed: 0,Key,Value
0,ClusterIdentifier,dwhcluster
1,NodeType,dc2.large
2,ClusterStatus,available
3,MasterUsername,awsuser
4,DBName,redshift-cluster-2
5,Endpoint,"{'Address': 'dwhcluster.cf9k4u5ogcjk.us-west-2.redshift.amazonaws.com', 'Port': 5439}"
6,VpcId,vpc-0eea5b7ba4687493c
7,NumberOfNodes,1


## Step 8: Get Endpoint/host from cluster, Update the Corresponding Variables in "dwh.cpg": Host and TCP

In [25]:
DWH_ENDPOINT = myClusterProps['Endpoint']['Address']
DWH_ROLE_ARN = myClusterProps['IamRoles'][0]['IamRoleArn']
print("DWH_ENDPOINT :: ", DWH_ENDPOINT)
print("DWH_ROLE_ARN :: ", DWH_ROLE_ARN)

DWH_ENDPOINT ::  dwhcluster.cf9k4u5ogcjk.us-west-2.redshift.amazonaws.com
DWH_ROLE_ARN ::  arn:aws:iam::752059431619:role/dwhRole


## Step 9: Use TCP Protocol, Opening an Incoming TCP Port to Acess the End Point

In [24]:
try:
    vpc = ec2.Vpc(id=myClusterProps['VpcId'])
    defaultSg = list(vpc.security_groups.all())[0]
    print(defaultSg)
    
    defaultSg.authorize_ingress(
        GroupName= 'default',
        CidrIp='0.0.0.0/0', 
        IpProtocol='TCP',  
        FromPort=int(DB_PORT),
        ToPort=int(DB_PORT)
    )
except Exception as e:
    print(e)

ec2.SecurityGroup(id='sg-0fc46d487188f6bf6')


## Step 10: Test Connection to the created cluster

In [28]:
%load_ext sql

The sql extension is already loaded. To reload it, use:
  %reload_ext sql


In [3]:
import psycopg2

In [34]:
conn_string="postgresql://{}:{}@{}:{}/{}".format(DB_USER, DB_PASSWORD, DWH_ENDPOINT, DB_PORT,DB_NAME)
print(conn_string)
%sql $conn_string


postgresql://awsuser:Awspassword1@dwhcluster.cf9k4u5ogcjk.us-west-2.redshift.amazonaws.com:5439/redshift-cluster-2


'Connected: awsuser@redshift-cluster-2'

## Step 11: Test Queries

In [7]:
    conn = psycopg2.connect("host={} dbname={} user={} password={} port={}".format(*config['CLUSTER'].values()))
    cur = conn.cursor()

In [12]:
query1 = """
select COUNT(*) from staging_events
"""
cur.execute(query1)

