# Signing up for Redshift

### Introduction

In this lesson, we'll walk through the process of signing up for Amazon Redshift.  Redshift gives us a number of advantages in working with our analytics database.  We'll get into them in future lessons.  For now, let's begin the signup process.

### Data Flow and AWS Roles

As we know with redshift we'll copy data from an OLTP like AWS RDS and store that data in CSV files on S3, which can store various text files.  Then, we'll copy the data from S3 over to Redshift.  We'll do this from an 

So to perform these actions, we'll need to create a security group for redshift, that gives redshift access to read from S3.  

> <img src="./s3_redshift.jpg" width="50%">

So our first step is to create a role with these permissions.  Let's do it.

1. Go to the AWS IAM console by [clicking here](https://console.aws.amazon.com/iam/home).
2. Then on the dashboard to the left, click on the `Roles` link, and then click on the blue `Create Role` button.

> <img src="./create_role.png" width="60%">

3. Next, under `AWS Service - Choose a Use Case`, select Redshift, over to the right. 

> <img src="./redshift_service.png" width="90%">

4. Then follow this with `Redshift - Customizable`, and then click `Next Permissions`.

> <img src="./redshift_custom.png" width="60%">

As the description mentions, this use case is to allow redshift to call AWS services.  The service we'll ultimately want to access is S3.

5. So then in the next step select `AmazonS3ReadOnlyAccess`, and click `Next Tags`.

> <img src="./s3_readonly.png" width="60%">

6. Here, we can proceed to the next step of `Review`.  There, add a role name of `redshiftRole`, and check that you see something like the following:

> <img src="./redshiftRole.png" width="80%">

### Create a Security Group

Now that we have created the role that allows redshift access S3, we'll need create a new security group that allows an outside computer (like our laptop) to access redshift.  So just like we allowed any computer to access an EC2 machine, here we'll do something similar in redshift.  Let's do it. 

We access the security group from the VPC service.  So type `VPC` into the AWS console search bar, click on the link.  Then on the VPC dashboard, on the panel to the left find the heading `Security` and click on the link for `Security Groups`.  

> <img src="./security-group-panel.png" width="20%">

Then click on the orange button that says `Create Security Group`.  Here, we'll enter in the following information:

> <img src="./redshift_cluster_access.png" width="60%">

So we (1) named our `Security group` `redshift_security_group`, have a description of `redshift cluster access`, and then under the inbound rules we set port range to `5439` and source as Custom with allowing access from any computer `0.0.0.0/0`.  

> We'll restrict our access to redshift later on.  But this is fine, to start.

### Creating a Redshift Cluster

Ok, now that we have created a role that allows redshift to access S3, and a security group that allows our laptop to access redshift, it's time to create our redshift cluster.

1. We can create our cluster by going to the [AWS redshift page](https://console.aws.amazon.com/redshift).

2. Then from the left panel, click on `Clusters`, followed by `Launch Cluster` - the blue button to the right.

> <img src='./launch_cluster.png' width="60%">

3. Fill in cluster details

> <img src="./redshift-launch.png" width="80%">

From here, we are taken to the cluster details page.  Fill in the information as seen above, with the master password that you can login with.  

> Write down the password somewhere so you do not forget.

Next, use the default settings for nodes, and click `Continue`.

> <img src="./nodes.png" width='60%'>

And then on `Advanced Settings` in the next page, we'll connect our security group and role.

> Choose our `redshift_security_group` under VPC security groups, and choose `redshiftRole` for the IAM roles.

<img src="./security-grps.png" width="60%">

Then click continue. We are taken to the review page, where we can check the following:

> <img src="./cluster-review.png" width="60%">

Finally, click `Launch Cluster`, and then click on `clusters`.  We should see our cluster listed there.

<img src="./clusters.png" width="80%">

### Summary


In this lesson, we signed up for Redshift, and setup access for redshift to read from S3, as well as enabling a security group that granted public access to the redshift cluster.  Then we created our redshift cluster, and attached the security group that enabled public access, and attached the `redshiftRole` that enables our cluster to read from S3.

### Resources

[AWS Storage S3](https://shravan-kuchkula.github.io/cloud/aws-storage-s3/)