# Exercise 2: Creating Redshift Cluster using the AWS python SDK 
## An example of Infrastructure-as-code

In [1]:
import pandas as pd
import boto3
import json

# Load DWH Params from a file

In [2]:
import configparser
config = configparser.ConfigParser()
config.read_file(open('dwh.cfg'))

KEY                    = config.get('AWS','KEY')
SECRET                 = config.get('AWS','SECRET')

DWH_CLUSTER_TYPE       = config.get("DWH","DWH_CLUSTER_TYPE")
DWH_NUM_NODES          = config.get("DWH","DWH_NUM_NODES")
DWH_NODE_TYPE          = config.get("DWH","DWH_NODE_TYPE")

DWH_CLUSTER_IDENTIFIER = config.get("DWH","DWH_CLUSTER_IDENTIFIER")
DWH_DB                 = config.get("DWH","DWH_DB")
DWH_DB_USER            = config.get("DWH","DWH_DB_USER")
DWH_DB_PASSWORD        = config.get("DWH","DWH_DB_PASSWORD")
DWH_PORT               = config.get("DWH","DWH_PORT")

DWH_IAM_ROLE_NAME      = config.get("DWH", "DWH_IAM_ROLE_NAME")

(DWH_DB_USER, DWH_DB_PASSWORD, DWH_DB)

pd.DataFrame({"Param":
                  ["DWH_CLUSTER_TYPE", "DWH_NUM_NODES", "DWH_NODE_TYPE", "DWH_CLUSTER_IDENTIFIER", "DWH_DB", "DWH_DB_USER", "DWH_DB_PASSWORD", "DWH_PORT", "DWH_IAM_ROLE_NAME"],
              "Value":
                  [DWH_CLUSTER_TYPE, DWH_NUM_NODES, DWH_NODE_TYPE, DWH_CLUSTER_IDENTIFIER, DWH_DB, DWH_DB_USER, DWH_DB_PASSWORD, DWH_PORT, DWH_IAM_ROLE_NAME]
             })

Unnamed: 0,Param,Value
0,DWH_CLUSTER_TYPE,multi-node
1,DWH_NUM_NODES,4
2,DWH_NODE_TYPE,dc2.large
3,DWH_CLUSTER_IDENTIFIER,redshift-cluster-1
4,DWH_DB,dev
5,DWH_DB_USER,awsuser
6,DWH_DB_PASSWORD,LT491894a
7,DWH_PORT,5439
8,DWH_IAM_ROLE_NAME,myRedshiftRole


# Create clients for IAM, EC2, S3 and Redshift
**Note**: We are creating these resources in the the **us-east-1** region. Choose the same region in the your AWS web console to the see these resources.

In [3]:
import boto3

ec2 = boto3.resource('ec2',
                       region_name="us-west-2",
                       aws_access_key_id=KEY,
                       aws_secret_access_key=SECRET
                    )

s3 = boto3.resource('s3',
                       region_name="us-west-2",
                       aws_access_key_id=KEY,
                       aws_secret_access_key=SECRET
                   )

iam = boto3.client('iam',aws_access_key_id=KEY,
                     aws_secret_access_key=SECRET,
                     region_name='us-west-2'
                  )

redshift = boto3.client('redshift',
                       region_name="us-west-2",
                       aws_access_key_id=KEY,
                       aws_secret_access_key=SECRET
                       )

In [6]:
s3bucket =  s3.Bucket("udacity-dend")

s3_logs = iter(s3bucket.objects.filter(Prefix="log-data"))
for _ in range(10): 
    print(next(s3_logs))

s3_songs = iter(s3bucket.objects.filter(Prefix="song-data"))
for _ in range(10): 
    print(next(s3_songs))

s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/')
s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/2018/11/2018-11-01-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/2018/11/2018-11-02-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/2018/11/2018-11-03-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/2018/11/2018-11-04-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/2018/11/2018-11-05-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/2018/11/2018-11-06-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/2018/11/2018-11-07-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/2018/11/2018-11-08-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='log-data/2018/11/2018-11-09-events.json')
s3.ObjectSummary(bucket_name='udacity-dend', key='song-data/')
s3.ObjectSummary(bucket_name='udacity-dend', ke

In [7]:
from botocore.exceptions import ClientError

#1.1 Create the role, 
try:
    print("1.1 Creating a new IAM Role") 
    dwhRole = iam.create_role(
        Path='/',
        RoleName=DWH_IAM_ROLE_NAME,
        Description = "Allows Redshift clusters to call AWS services on your behalf.",
        AssumeRolePolicyDocument=json.dumps(
            {'Statement': [{'Action': 'sts:AssumeRole',
               'Effect': 'Allow',
               'Principal': {'Service': 'redshift.amazonaws.com'}}],
             'Version': '2021-06-26'})
    )    
except Exception as e:
    print(e)
    
    
print("1.2 Attaching Policy")

iam.attach_role_policy(RoleName=DWH_IAM_ROLE_NAME,
                       PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
                      )['ResponseMetadata']['HTTPStatusCode']

print("1.3 Get the IAM role ARN")
roleArn = iam.get_role(RoleName=DWH_IAM_ROLE_NAME)['Role']['Arn']

print(roleArn)

1.1 Creating a new IAM Role
An error occurred (EntityAlreadyExists) when calling the CreateRole operation: Role with name myRedshiftRole already exists.
1.2 Attaching Policy
1.3 Get the IAM role ARN
arn:aws:iam::150752158968:role/myRedshiftRole


In [8]:

try:
    response = redshift.create_cluster(        
        #HW
        ClusterType=DWH_CLUSTER_TYPE,
        NodeType=DWH_NODE_TYPE,
        NumberOfNodes=int(DWH_NUM_NODES),

        #Identifiers & Credentials
        DBName=DWH_DB,
        ClusterIdentifier=DWH_CLUSTER_IDENTIFIER,
        MasterUsername=DWH_DB_USER,
        MasterUserPassword=DWH_DB_PASSWORD,
        
        #Roles (for s3 access)
        IamRoles=[roleArn]  
    )
except Exception as e:
    print(e)

## 2.1 *Describe* the cluster to see its status
- run this block several times until the cluster status becomes `Available`

In [11]:
def prettyRedshiftProps(props):
    pd.set_option('display.max_colwidth', -1)
    keysToShow = ["ClusterIdentifier", "NodeType", "ClusterStatus", "MasterUsername", "DBName", "Endpoint", "NumberOfNodes", 'VpcId']
    x = [(k, v) for k,v in props.items() if k in keysToShow]
    return pd.DataFrame(data=x, columns=["Key", "Value"])

myClusterProps = redshift.describe_clusters(ClusterIdentifier=DWH_CLUSTER_IDENTIFIER)['Clusters'][0]
prettyRedshiftProps(myClusterProps)

Unnamed: 0,Key,Value
0,ClusterIdentifier,redshift-cluster-1
1,NodeType,dc2.large
2,ClusterStatus,available
3,MasterUsername,awsuser
4,DBName,dev
5,Endpoint,"{'Address': 'redshift-cluster-1.cmvkagopibdo.us-west-2.redshift.amazonaws.com', 'Port': 5439}"
6,VpcId,vpc-e6300f9e
7,NumberOfNodes,4


<h2> 2.2 Take note of the cluster <font color='red'> endpoint and role ARN </font> </h2>

<font color='red'>DO NOT RUN THIS unless the cluster status becomes "Available". Make ure you are checking your Amazon Redshift cluster in the **us-west-2** region. </font>


In [13]:
DWH_ENDPOINT = myClusterProps['Endpoint']['Address']
DWH_ROLE_ARN = myClusterProps['IamRoles'][0]['IamRoleArn']
print("DWH_ENDPOINT :: ", DWH_ENDPOINT)
print("DWH_ROLE_ARN :: ", DWH_ROLE_ARN)

DWH_ENDPOINT ::  redshift-cluster-1.cmvkagopibdo.us-west-2.redshift.amazonaws.com
DWH_ROLE_ARN ::  arn:aws:iam::150752158968:role/myRedshiftRole


## STEP 3: Open an incoming  TCP port to access the cluster ednpoint

In [14]:
try:
    vpc = ec2.Vpc(id=myClusterProps['VpcId'])
    defaultSg = list(vpc.security_groups.all())[0]
    print(defaultSg)
    defaultSg.authorize_ingress(
        GroupName=defaultSg.group_name,
        CidrIp='0.0.0.0/0',
        IpProtocol='TCP',
        FromPort=int(DWH_PORT),
        ToPort=int(DWH_PORT)
    )
except Exception as e:
    print(e)

ec2.SecurityGroup(id='sg-cca4cff9')


# STEP 4: Make sure you can connect to the cluster

In [15]:
%load_ext sql

In [16]:
conn_string="postgresql://{}:{}@{}:{}/{}".format(DWH_DB_USER, DWH_DB_PASSWORD, DWH_ENDPOINT, DWH_PORT,DWH_DB)
print(conn_string)
%sql $conn_string

postgresql://awsuser:LT491894a@redshift-cluster-1.cmvkagopibdo.us-west-2.redshift.amazonaws.com:5439/dev


'Connected: awsuser@dev'

# STEP 5: Clean up your resources

<b><font color='red'>DO NOT RUN THIS UNLESS YOU ARE SURE <br/> 
    We will be using these resources in the next exercises</span></b>

In [None]:
#### CAREFUL!!
#-- Uncomment & run to delete the created resources
redshift.delete_cluster( ClusterIdentifier=DWH_CLUSTER_IDENTIFIER,  SkipFinalClusterSnapshot=True)
#### CAREFUL!!

- run this block several times until the cluster really deleted

In [24]:
#### CAREFUL!!
#-- Uncomment & run to delete the created resources
iam.detach_role_policy(RoleName=DWH_IAM_ROLE_NAME, PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess")
iam.delete_role(RoleName=DWH_IAM_ROLE_NAME)
#### CAREFUL!!

{'ResponseMetadata': {'RequestId': '0fcd5bf1-dfa3-4f86-b0c0-19e63b82ecaa',
  'HTTPStatusCode': 200,
  'HTTPHeaders': {'x-amzn-requestid': '0fcd5bf1-dfa3-4f86-b0c0-19e63b82ecaa',
   'content-type': 'text/xml',
   'content-length': '200',
   'date': 'Sun, 27 Jun 2021 02:34:34 GMT'},
  'RetryAttempts': 0}}

In [17]:
%sql SELECT * FROM artists limit 10;

 * postgresql://awsuser:***@redshift-cluster-1.cmvkagopibdo.us-west-2.redshift.amazonaws.com:5439/dev
10 rows affected.


artist_id,name,location,latitude,longitude
AR8LMZM1187B9A8160,Brooke Valentine,"Houston, TX",,
ARO99NZ1187FB3D209,Drafi Deutscher,DE,51.16418,10.45415
ARP9ZS01187B9AA28F,Bong-ra,,,
ARNJLGR1242078249B,Max Avery Lichtenstein,,,
ARAWQ751187FB36C18,Bloodhound Gang,"King of Prussia, PA",,
AR4TLW81187B99683D,Martin Sexton,"Syracuse, NY",,
ARX9KBJ1187FB3A99C,Alabama,,,
ARRSSVL11E2835C246,Red Bennies,United States,,
ARW118R1187FB3A921,Cathy Davey,,,
ARD3Y081187B9ABB07,Del Amitri,"Glasgow, Scotland",,


In [19]:
%sql SELECT * FROM time limit 10;

 * postgresql://awsuser:***@redshift-cluster-1.cmvkagopibdo.us-west-2.redshift.amazonaws.com:5439/dev
10 rows affected.


start_time,hour,day,week,month,year,weekday
2018-11-01 21:50:15,21,1,44,11,2018,4
2018-11-01 21:52:05,21,1,44,11,2018,4
2018-11-02 03:32:41,3,2,44,11,2018,5
2018-11-02 05:52:29,5,2,44,11,2018,5
2018-11-02 10:04:05,10,2,44,11,2018,5
2018-11-02 10:24:12,10,2,44,11,2018,5
2018-11-02 10:34:14,10,2,44,11,2018,5
2018-11-02 10:53:11,10,2,44,11,2018,5
2018-11-02 11:17:10,11,2,44,11,2018,5
2018-11-02 11:20:31,11,2,44,11,2018,5


In [20]:
%sql SELECT * FROM songs limit 10;

 * postgresql://awsuser:***@redshift-cluster-1.cmvkagopibdo.us-west-2.redshift.amazonaws.com:5439/dev
10 rows affected.


song_id,title,artist_id,year,duration
SOHCLBE12A6D4F8A42,Four Or Five Times (Medley) (1999 Digital Remaster),ARIJE1A1187B9A458D,1968,380.70812
SOVXAXI12A8C1383D9,Don't Go,ARY65231187FB46283,2007,367.62077
SOSBDES12A6D4FAFD0,Across the Board,ARKAWZX1187FB46D27,1987,111.72526
SOIBFHF12AAF3B5237,How 'Bout You,ARW5M0Q1187FB4D1E9,1996,182.54322
SOCHFCE12A6D4F941F,Man On The Corner (Live) (2000 Digital Remaster),AROTVAL1271F5743BC,0,243.19955
SOCCRZP12A8C13A8B4,In The Night (Entering The Danger Zone),AR0YTWT1187FB3D62F,1995,86.41261
SOKHSIC12A6D4F8895,Sex Talk,AR7X6Q41187B9AEC51,1987,252.89098
SOPLKKK12A58A7670D,London_ London,ARNJRQ91187B9ACFDD,0,251.03628
SODXYFV12A6701E4DE,Ecoute Fils,ARMM6VP1187B99CBBD,0,224.02567
SOIQGXP12A6D4F8C27,I'm All Yours (LP Version),AR658OS1187FB5C451,0,269.00853


In [21]:
%sql SELECT * FROM songplays order by songplay_id limit 10;

 * postgresql://awsuser:***@redshift-cluster-1.cmvkagopibdo.us-west-2.redshift.amazonaws.com:5439/dev
10 rows affected.


songplay_id,start_time,user_id,level,song_id,artist_id,session_id,location,user_agent
0,2018-11-21 03:12:22,80,paid,SOMULQH12A8C138213,ARENWML1187B99ECB6,774,"Portland-South Portland, ME","""Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36"""
1,2018-11-20 08:05:30,15,paid,SOMCKUB12AB018BD24,ARL1MEI1187B9AD98B,716,"Chicago-Naperville-Elgin, IL-IN-WI","""Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/36.0.1985.125 Chrome/36.0.1985.125 Safari/537.36"""
2,2018-11-15 19:01:55,42,paid,SOIOESO12A6D4F621D,ARVLXWP1187FB5B94A,404,"New York-Newark-Jersey City, NY-NJ-PA","""Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36"""
3,2018-11-06 16:38:15,2,free,SOSMXVH12A58A7CA6C,AR6PJ8R1187FB5AD70,126,"Plymouth, IN","""Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"""
4,2018-11-24 12:43:00,73,paid,SONQBUB12A6D4F8ED0,ARFCUN31187B9AD578,692,"Tampa-St. Petersburg-Clearwater, FL","""Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/7.0.6 Safari/537.78.2"""
5,2018-11-10 08:20:13,44,paid,SOTNHIP12AB0183131,ARD46C811C8A414F3F,350,"Waterloo-Cedar Falls, IA",Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Firefox/31.0
6,2018-11-30 16:43:28,33,free,SOKSREW12A6D4F926D,ARC4W081187B9ACDBD,1026,"Eugene, OR","""Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"""
7,2018-11-19 07:11:29,24,paid,SOIOESO12A6D4F621D,ARVLXWP1187FB5B94A,672,"Lake Havasu City-Kingman, AZ","""Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"""
8,2018-11-24 04:29:50,88,paid,SOQIHQO12AB018A35C,AR4JOZD11C8A421F6A,888,"Sacramento--Roseville--Arden-Arcade, CA","""Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36"""
9,2018-11-13 08:30:01,25,paid,SODWLOQ12AB017EC73,AR4SRB61187FB5538F,442,"Marinette, WI-MI","""Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36"""


In [None]:
%%sql
delete from staging_events;
delete from staging_songs;
delete from songplays;
delete from users;
delete from songs;
delete from artists;
delete from time;