In [1]:
import pandas as pd
import boto3
import json

In [2]:
import configparser
config = configparser.ConfigParser()

config.read_file(open('dwh.cfg'))

KEY                        = config.get('AWS','KEY')
SECRET                     = config.get('AWS','SECRET')

HOST                       = config.get('CLUSTER','HOST')
DB_NAME                    = config.get('CLUSTER','DB_NAME')
DB_USER                    = config.get('CLUSTER','DB_USER')
DB_PASSWORD                = config.get('CLUSTER','DB_PASSWORD')
DB_PORT                    = config.get('CLUSTER','DB_PORT')
    
    
LOG_DATA                   = config.get('S3','LOG_DATA')
LOG_JSONPATH               = config.get('S3','LOG_JSONPATH')
SONG_DATA                  = config.get('S3','SONG_DATA')
    
ARN                        = config.get('IAM_ROLE','ARN')

'''pd.DataFrame({"Param":
             ["KEY",
              "SECRET",
              "HOST",
              "DB_NAME",
              "DB_USER",
              "DB_PASSWORD",
              "DB_PORT",
              "LOG_DATA",
              "LOG_JSONPATH",
              "SONG_DATA",
              "ARN"],
             "Value":
             [KEY,
              SECRET,
              HOST,
              DB_NAME,
              DB_USER,
              DB_PASSWORD,
              DB_PORT,
              LOG_DATA,
              LOG_JSONPATH,
              SONG_DATA,
              ARN]})''';

# Check out the sample data sources on S3

In [3]:
s3 = boto3.resource('s3',
                   region_name="us-west-2",
                   aws_access_key_id=KEY,
                   aws_secret_access_key=SECRET)

In [4]:
from itertools import islice

In [5]:
sampleDbBucket = s3.Bucket("udacity-dend")

print("Song Data")
for obj in islice(sampleDbBucket.objects.filter(Prefix="song_data"),10):
    print(obj)
    
print("\n Log Data")
for obj in islice(sampleDbBucket.objects.filter(Prefix="log_data"),10):
    print(obj)

Song Data
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/')
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/A/A/A/TRAAAAK128F9318786.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/A/A/A/TRAAAAV128F421A322.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/A/A/A/TRAAABD128F429CF47.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/A/A/A/TRAAACN128F9355673.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/A/A/A/TRAAAEA128F935A30D.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/A/A/A/TRAAAED128E0783FAB.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/A/A/A/TRAAAEM128F93347B9.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/A/A/A/TRAAAEW128F42930C0.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='song_data/A/A/A/TRAAAFD128F92F423A.json')

 Log Data
s3.ObjectSummary(bucket_name='udacity-dend', key='log_data/')
s3.ObjectSummary(bucket_na

# STEP 1: IAM ROLE
- Create an IAM Role that makes Redshift able to access S3 bucket (ReadOnly)

In [6]:
iam = boto3.client('iam',
                   aws_access_key_id=KEY,
                  aws_secret_access_key=SECRET,
                  region_name='us-west-2')

In [7]:
from botocore.exceptions import ClientError

In [8]:
# Create the role
try:
    print("Creating new IAM Role")
    dwhRole = iam.create_role(
        Path='/',
        RoleName='dwhRole',
        Description = "Allows Redshift clusters to call AWS services on your behalf.",
        AssumeRolePolicyDocument = json.dumps(
            {'Statement':[{
                    'Action':'sts:AssumeRole',
                    'Effect': 'Allow',
                    'Principal':{'Service':'redshift.amazonaws.com'}}],
                 'Version': '2012-10-17'
            })
    )
except Exception as e:
    print(e)


Creating new IAM Role


In [9]:
print(" Attaching Policy")

iam.attach_role_policy(
    RoleName='dwhRole',
    PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
    )['ResponseMetadata']['HTTPStatusCode']
    
print("Get the IAM role ARN")
roleArn = iam.get_role(RoleName='dwhRole')['Role']['Arn']

print(roleArn)

 Attaching Policy
Get the IAM role ARN
arn:aws:iam::141636789646:role/dwhRole


In [10]:
config['IAM_ROLE']={'ARN':roleArn}
config.write(open('dwh.cfg','w'))

# STEP 2:  Redshift Cluster

- Create a RedShift Cluster
- For complete arguments to `create_cluster`, see [docs](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/redshift.html#Redshift.Client.create_cluster)

In [10]:
redshift = boto3.client(
    'redshift',
    region_name='us-west-2',
    aws_access_key_id=KEY,
    aws_secret_access_key=SECRET,
)

In [12]:
try:
    response = redshift.create_cluster(
        #HW
        ClusterType='multi-node',
        NodeType='dc2.large',
        NumberOfNodes=4,
        
        #CREDENTIALS
        DBName='dwh',
        ClusterIdentifier='dwhCluster',
        MasterUsername=DB_USER,
        MasterUserPassword=DB_PASSWORD,
        
        #Roles
        IamRoles=[roleArn]
    )
except Exception as e:
    print(e)

## 2.1 *Describe* the cluster to see its status
- run this block several times until the cluster status becomes `Available`

In [11]:
def prettyRedshiftProps(props):
    pd.set_option('display.max_colwidth', -1)
    keysToShow = ["ClusterIdentifier", "NodeType", "ClusterStatus", "MasterUsername", "DBName", "Endpoint", "NumberOfNodes", 'VpcId']
    x = [(k, v) for k,v in props.items() if k in keysToShow]
    return pd.DataFrame(data=x, columns=["Key", "Value"])

myClusterProps = redshift.describe_clusters(ClusterIdentifier='dwhCluster')['Clusters'][0]
prettyRedshiftProps(myClusterProps)

Unnamed: 0,Key,Value
0,ClusterIdentifier,dwhcluster
1,NodeType,dc2.large
2,ClusterStatus,available
3,MasterUsername,dwhuser
4,DBName,dwh
5,Endpoint,"{'Address': 'dwhcluster.c3ocwixrnbd0.us-west-2.redshift.amazonaws.com', 'Port': 5439}"
6,VpcId,vpc-0280f67a
7,NumberOfNodes,4


<h2> 2.2 Take note of the cluster <font color='red'> endpoint and role ARN </font> </h2>

<font color='red'>DO NOT RUN THIS unless the cluster status becomes "Available" </font>

In [12]:
ec2 = boto3.resource('ec2',
    region_name='us-west-2',
    aws_access_key_id=KEY,
    aws_secret_access_key=SECRET)

In [13]:
DWH_ENDPOINT = myClusterProps['Endpoint']['Address']
DWH_ROLE_ARN = myClusterProps['IamRoles'][0]['IamRoleArn']
print("DWH_ENDPOINT :: ", DWH_ENDPOINT)
print("DWH_ROLE_ARN :: ", DWH_ROLE_ARN)

DWH_ENDPOINT ::  dwhcluster.c3ocwixrnbd0.us-west-2.redshift.amazonaws.com
DWH_ROLE_ARN ::  arn:aws:iam::141636789646:role/dwhRole


In [14]:
config['CLUSTER']={'HOST':DWH_ENDPOINT,
    'DB_NAME':DB_NAME,
    'DB_USER':DB_USER,
    'DB_PASSWORD':DB_PASSWORD,
    'DB_PORT':DB_PORT}
config.write(open('dwh.cfg','w'))

In [15]:
try:
    vpc = ec2.Vpc(id=myClusterProps['VpcId'])
    defaultSg = list(vpc.security_groups.all())[0]
    print(defaultSg)
    defaultSg.authorize_ingress(
        GroupName=defaultSg.group_name,
        CidrIp='0.0.0.0/0',
        IpProtocol='TCP',
        FromPort=int(DB_PORT),
        ToPort=int(DB_PORT)
    )
except Exception as e:
    print(e)
    
    #not sure why this error is raised...

ec2.SecurityGroup(id='sg-f13e05a2')
An error occurred (InvalidPermission.Duplicate) when calling the AuthorizeSecurityGroupIngress operation: the specified rule "peer: 0.0.0.0/0, TCP, from port: 5439, to port: 5439, ALLOW" already exists


# STEP 4: Make sure you can connect to the cluster

In [16]:
%load_ext sql

In [17]:
conn_string="postgresql://{}:{}@{}:{}/{}".format(DB_USER, DB_PASSWORD, DWH_ENDPOINT, DB_PORT,'dwh')
print(conn_string)
%sql $conn_string

postgresql://dwhuser:Passw0rd@dwhcluster.c3ocwixrnbd0.us-west-2.redshift.amazonaws.com:5439/dwh


'Connected: dwhuser@dwh'

In [18]:
%sql select * from stl_load_errors;

 * postgresql://dwhuser:***@dwhcluster.c3ocwixrnbd0.us-west-2.redshift.amazonaws.com:5439/dwh
0 rows affected.


userid,slice,tbl,starttime,session,query,filename,line_number,colname,type,col_length,position,raw_line,raw_field_value,err_code,err_reason


# STEP 5: Clean up your resources
<b><font color='red'>DO NOT RUN THIS UNLESS YOU ARE SURE <br/> 
    We will be using these resources in the project exercises</span></b>

In [19]:
#### CAREFUL!!
#-- Uncomment & run to delete the created resources
redshift.delete_cluster( ClusterIdentifier='dwhCluster',  SkipFinalClusterSnapshot=True)
#### CAREFUL!!

{'Cluster': {'ClusterIdentifier': 'dwhcluster',
  'NodeType': 'dc2.large',
  'ClusterStatus': 'deleting',
  'MasterUsername': 'dwhuser',
  'DBName': 'dwh',
  'Endpoint': {'Address': 'dwhcluster.c3ocwixrnbd0.us-west-2.redshift.amazonaws.com',
   'Port': 5439},
  'ClusterCreateTime': datetime.datetime(2020, 6, 16, 15, 6, 10, 969000, tzinfo=tzlocal()),
  'AutomatedSnapshotRetentionPeriod': 1,
  'ClusterSecurityGroups': [],
  'VpcSecurityGroups': [{'VpcSecurityGroupId': 'sg-f13e05a2',
    'Status': 'active'}],
  'ClusterParameterGroups': [{'ParameterGroupName': 'default.redshift-1.0',
    'ParameterApplyStatus': 'in-sync'}],
  'ClusterSubnetGroupName': 'default',
  'VpcId': 'vpc-0280f67a',
  'AvailabilityZone': 'us-west-2d',
  'PreferredMaintenanceWindow': 'tue:12:30-tue:13:00',
  'PendingModifiedValues': {},
  'ClusterVersion': '1.0',
  'AllowVersionUpgrade': True,
  'NumberOfNodes': 4,
  'PubliclyAccessible': True,
  'Encrypted': False,
  'Tags': [],
  'EnhancedVpcRouting': False,
  'Iam

In [20]:
myClusterProps = redshift.describe_clusters(ClusterIdentifier='dwhCluster')['Clusters'][0]
prettyRedshiftProps(myClusterProps)

Unnamed: 0,Key,Value
0,ClusterIdentifier,dwhcluster
1,NodeType,dc2.large
2,ClusterStatus,deleting
3,MasterUsername,dwhuser
4,DBName,dwh
5,Endpoint,"{'Address': 'dwhcluster.c3ocwixrnbd0.us-west-2.redshift.amazonaws.com', 'Port': 5439}"
6,VpcId,vpc-0280f67a
7,NumberOfNodes,4


In [21]:
#### CAREFUL!!
#-- Uncomment & run to delete the created resources
iam.detach_role_policy(RoleName='dwhRole', PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess")
iam.delete_role(RoleName='dwhRole')
#### CAREFUL!!

NoSuchEntityException: An error occurred (NoSuchEntity) when calling the DetachRolePolicy operation: The role with name dwhRole cannot be found.