# IaC set-up for Project-3 AWS Redshift

In [2]:
import pandas as pd
import boto3
import json

## STEP 0: Make sure you have an AWS secret and access key

- Create a new IAM user in your AWS account
- Give it AdministratorAccess, From Attach existing policies directly Tab
- Take note of the access key and secret
- Edit the file dwh.cfg in the same folder as this notebook and fill

[AWS]

KEY= YOUR_AWS_KEY

SECRET= YOUR_AWS_SECRET

In [3]:
import configparser
config = configparser.ConfigParser()
config.read_file(open('dwh.cfg'))

KEY                    = config.get('AWS','KEY')
SECRET                 = config.get('AWS','SECRET')

DWH_CLUSTER_TYPE       = config.get("DWH","DWH_CLUSTER_TYPE")
DWH_NUM_NODES          = config.get("DWH","DWH_NUM_NODES")
DWH_NODE_TYPE          = config.get("DWH","DWH_NODE_TYPE")

DWH_CLUSTER_IDENTIFIER = config.get("DWH","DWH_CLUSTER_IDENTIFIER")
DWH_DB                 = config.get("DWH","DWH_DB")
DWH_DB_USER            = config.get("DWH","DWH_DB_USER")
DWH_DB_PASSWORD        = config.get("DWH","DWH_DB_PASSWORD")
DWH_PORT               = config.get("DWH","DWH_PORT")

DWH_IAM_ROLE_NAME      = config.get("DWH", "DWH_IAM_ROLE_NAME")

(DWH_DB_USER, DWH_DB_PASSWORD, DWH_DB)

# NOTE: Un-comment this to print the result.
pd.DataFrame({"Param":
                 ["DWH_CLUSTER_TYPE", "DWH_NUM_NODES", "DWH_NODE_TYPE", "DWH_CLUSTER_IDENTIFIER", "DWH_DB", "DWH_DB_USER", "DWH_DB_PASSWORD", "DWH_PORT", "DWH_IAM_ROLE_NAME"],
             "Value":
                 [DWH_CLUSTER_TYPE, DWH_NUM_NODES, DWH_NODE_TYPE, DWH_CLUSTER_IDENTIFIER, DWH_DB, DWH_DB_USER, DWH_DB_PASSWORD, DWH_PORT, DWH_IAM_ROLE_NAME]
            })

Unnamed: 0,Param,Value
0,DWH_CLUSTER_TYPE,multi-node
1,DWH_NUM_NODES,4
2,DWH_NODE_TYPE,dc2.large
3,DWH_CLUSTER_IDENTIFIER,redshift-cluster-1
4,DWH_DB,dwh
5,DWH_DB_USER,redshift_user
6,DWH_DB_PASSWORD,UdacityDegree1
7,DWH_PORT,5439
8,DWH_IAM_ROLE_NAME,dwhRole


In [4]:
import boto3

ec2 = boto3.resource(   'ec2', 
                      region_name="us-west-2",
                      aws_access_key_id=KEY,
                      aws_secret_access_key=SECRET)

s3 = boto3.resource(  's3',
                    region_name="us-west-2",
                    aws_access_key_id=KEY,
                    aws_secret_access_key=SECRET)

iam = boto3.client('iam',
                    region_name="us-west-2",
                    aws_access_key_id=KEY,
                    aws_secret_access_key=SECRET)

redshift = boto3.client('redshift',
                        region_name="us-west-2",
                        aws_access_key_id=KEY,
                        aws_secret_access_key=SECRET)

In [5]:
LOG_DATA      = config.get("S3", "BUCKET")
logDataBucket = s3.Bucket(LOG_DATA)
count = 0

# Iterate over log_data bucket objects and print
for object in logDataBucket.objects.filter(Prefix='log_data'):
    count += 1
    print(object)
print("COUNT: " + str(count))

s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-01-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-02-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-03-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-04-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-05-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-06-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-07-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-08-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-09-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/2018/11/2018-11-10-events.json')
s3.ObjectSummary(b

In [None]:
SONG_DATA      = config.get("S3", "BUCKET")
songDataBucket = s3.Bucket(SONG_DATA)
count = 0

# Iterate over song_data bucket objects and print
for object in logDataBucket.objects.filter(Prefix='song_data'):
    count += 1
    print(object)
print("COUNT: " + str(count))

## STEP 1: Create an IAM Role to allow redshift to access S3

In [16]:
# Create the IAM role (if not exists)

try:
    print('1.1 Creating a new IAM Role')
    dwhRole = iam.create_role(
        Path='/',
        RoleName=DWH_IAM_ROLE_NAME,
        Description="Allow Redshift clusters to call AWS services on your behalf.",
        AssumeRolePolicyDocument=json.dumps(
            {'Statement': [{'Action': 'sts:AssumeRole',
                'Effect': 'Allow',
                'Principal': {'Service': 'redshift.amazonaws.com'}}],
            'Version': '2012-10-17'})
    )
    

except Exception as e:
    print(e)

1.1 Creating a new IAM Role
An error occurred (EntityAlreadyExists) when calling the CreateRole operation: Role with name dwhRole already exists.


In [17]:
# Attach Policy

print('1.2 Attaching Policy')
iam.attach_role_policy(RoleName=DWH_IAM_ROLE_NAME,
                      PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
                      )['ResponseMetadata']['HTTPStatusCode']

1.2 Attaching Policy


200

In [18]:
# Get and print the IAM role ARN
print('1.3 Get the IAM role ARN')
iam_role = iam.get_role(
                        RoleName=DWH_IAM_ROLE_NAME
                        )
roleArn = iam_role['Role']['Arn']
# NOTE: Un-comment this to print the result.
print(roleArn)

1.3 Get the IAM role ARN
arn:aws:iam::898892311929:role/dwhRole


## STEP 2: Create Redshift Cluster

- Create a RedShift Cluster
- For complete arguments to create_cluster, see docs

In [19]:
try:
    response = redshift.create_cluster( 
        ClusterType=DWH_CLUSTER_TYPE,
        NodeType=DWH_NODE_TYPE,
        NumberOfNodes=int(DWH_NUM_NODES),
        DBName=DWH_DB,
        ClusterIdentifier=DWH_CLUSTER_IDENTIFIER,
        MasterUsername=DWH_DB_USER,
        MasterUserPassword=DWH_DB_PASSWORD,
        IamRoles=[roleArn]
    )
except Exception as e:
    print(e)

## 2.1 Describe the cluster to see its status

In [6]:
def prettyRedshiftProps(props):
    pd.set_option('display.max_colwidth', -1)
    keysToShow = ["ClusterIdentifier", "NodeType", "ClusterStatus", "MasterUsername", "DBName", "Endpoint", "NumberOfNodes", 'VpcId']
    x = [(k, v) for k,v in props.items() if k in keysToShow]
    return pd.DataFrame(data=x, columns=["Key", "Value"])

myClusterProps = redshift.describe_clusters(ClusterIdentifier=DWH_CLUSTER_IDENTIFIER)['Clusters'][0]
# NOTE: Un-comment this to print the result.
prettyRedshiftProps(myClusterProps)

Unnamed: 0,Key,Value
0,ClusterIdentifier,redshift-cluster-1
1,NodeType,dc2.large
2,ClusterStatus,available
3,MasterUsername,redshift_user
4,DBName,dwh
5,Endpoint,"{'Address': 'redshift-cluster-1.cvzum3b8mpnr.us-west-2.redshift.amazonaws.com', 'Port': 5439}"
6,VpcId,vpc-0dcf3b7e358c345b0
7,NumberOfNodes,4


## 2.2 Take note of the cluster endpoint and role ARN
DO NOT RUN THIS unless the cluster status becomes "Available"

In [9]:
DWH_ENDPOINT = myClusterProps['Endpoint']['Address']
DWH_ROLE_ARN = myClusterProps['IamRoles'][0]['IamRoleArn']

print("DWH_ENDPOINT :: ", DWH_ENDPOINT)
print("DWH_ROLE_ARN :: ", DWH_ROLE_ARN)

DWH_ENDPOINT ::  redshift-cluster-1.cvzum3b8mpnr.us-west-2.redshift.amazonaws.com
DWH_ROLE_ARN ::  arn:aws:iam::898892311929:role/dwhRole


## STEP 3: Open an incoming TCP port to access the cluster endpoint

In [26]:
try:
    vpc = ec2.Vpc(id=myClusterProps['VpcId'])
    print(vpc)
    defaultSg = list(vpc.security_groups.all())[0]
    print(defaultSg)
    
    defaultSg.authorize_ingress(
        GroupName= defaultSg.group_name,
        CidrIp='0.0.0.0/0',
        IpProtocol='TCP', 
        FromPort=int(DWH_PORT),
        ToPort=int(DWH_PORT)
    )
except Exception as e:
    print(e)


ec2.Vpc(id='vpc-0dcf3b7e358c345b0')
ec2.SecurityGroup(id='sg-06b0bfcb9dfb7e7d9')
An error occurred (InvalidPermission.Duplicate) when calling the AuthorizeSecurityGroupIngress operation: the specified rule "peer: 0.0.0.0/0, TCP, from port: 5439, to port: 5439, ALLOW" already exists


## STEP 4: Make sure you can connect to the cluster

In [7]:
%load_ext sql

In [10]:
conn_string="postgresql://{}:{}@{}:{}/{}".format(DWH_DB_USER, DWH_DB_PASSWORD, DWH_ENDPOINT, DWH_PORT, 'dwh')
# NOTE: Un-comment this to print the result.
print(conn_string)
%sql $conn_string

postgresql://redshift_user:UdacityDegree1@redshift-cluster-1.cvzum3b8mpnr.us-west-2.redshift.amazonaws.com:5439/dwh


'Connected: redshift_user@dwh'

### Step 5: Analytical Queries

#### Queries to check count of staging tables:

In [18]:
%sql SELECT COUNT(*) FROM staging_events;

 * postgresql://redshift_user:***@redshift-cluster-1.cvzum3b8mpnr.us-west-2.redshift.amazonaws.com:5439/dwh
1 rows affected.


count
8056


In [19]:
%sql SELECT COUNT(*) FROM staging_songs;

 * postgresql://redshift_user:***@redshift-cluster-1.cvzum3b8mpnr.us-west-2.redshift.amazonaws.com:5439/dwh
1 rows affected.


count
14896


#### Query to answer a question: Who played which song and when.

In [20]:
%%sql 
SELECT  sp.songplay_id,
        u.user_id,
        u.last_name,
        u.first_name,
        sp.start_time,
        a.name,
        s.title
FROM songplays AS sp
        JOIN users   AS u ON (u.user_id = sp.user_id)
        JOIN songs   AS s ON (s.song_id = sp.song_id)
        JOIN artists AS a ON (a.artist_id = sp.artist_id)
        JOIN time    AS t ON (t.start_time = sp.start_time)
ORDER BY (u.last_name)
LIMIT 100;

 * postgresql://redshift_user:***@redshift-cluster-1.cvzum3b8mpnr.us-west-2.redshift.amazonaws.com:5439/dwh
100 rows affected.


songplay_id,user_id,last_name,first_name,start_time,name,title
8247,66,Arellano,Kevin,2018-11-13 00:40:37,Fu,Nie Mów Mi
7560,66,Arellano,Kevin,2018-11-06 07:39:56,Kings Of Leon,Wicker Chair
631,66,Arellano,Kevin,2018-11-02 02:42:48,Skillet,Would It Matter (Bonus Track)
7322,66,Arellano,Kevin,2018-11-23 05:56:58,The Cinematic Orchestra,Dawn
6286,66,Arellano,Kevin,2018-11-12 11:55:04,Guns N' Roses,Catcher In The Rye
9679,66,Arellano,Kevin,2018-11-23 00:11:00,Soziedad Alkoholika,Rumore
640,66,Arellano,Kevin,2018-11-02 02:42:48,Skillet,Rebirthing (Album Version)
5471,66,Arellano,Kevin,2018-11-06 07:31:32,Benga,Zero M2
972,66,Arellano,Kevin,2018-11-27 04:48:07,Alice In Chains,Brother
168,66,Arellano,Kevin,2018-11-10 12:44:10,Juanes,Rebelion
