Databricks Community

Wayne · ‎02-21-2025

Try to follow the instructions to create custom IAM role for EC2 instance in Databricks clusters, but I can't find the instance profile ARN on the role. If I create a regual IAM role on EC2, I can find both role ARN and instance profile ARN.
https://docs.databricks.com/aws/en/admin/account-settings-e2/credentials

Get your Databricks account ID. See Locate your account ID.
Log into your AWS Console as a user with administrator privileges and go to the IAM console.
Click the Roles tab in the sidebar.
Click Create role.
1. In Select type of trusted entity, click the AWS account tile.
2. Select the Another AWS account checkbox.
3. In the Account ID field, enter the Databricks account ID 414351767826. This is not the Account ID you copied from the Databricks account console. If you are are using Databricks on AWS GovCloud use the Databricks account ID 044793339203 for AWS GovCloud or 170661010020 for AWS GovCloud DoD.
4. Select the Require external ID checkbox.
5. In the External ID field, enter your Databricks account ID, which you copied from the Databricks account console.
6. Click the Next button.
7. In the Add Permissions page, click the Next button. You should now be on the Name, review, and create page.
8. In the Role name field, enter a role name.
9. Click Create role. The list of roles appears.

Takuya-Omi · ‎02-22-2025

@Wayne

I need to understand more about what you’re trying to achieve,

but if you’re looking to grant permissions to the EC2 instances running behind a Databricks cluster using an instance profile, the following documentation provides a detailed explanation.

It includes an example of granting access to S3

Use Instance Profiles to Access S3 from Databricks

--------------------------
Takuya Omi (尾美拓哉)